Thats right folks, the scammers are back - and this time they're holding an infection (guess the phishing stuff wasn't working as well for them?). I've received 27 of these so far, and other than the sender, they're all virtually identical;
The attachment? BANK_DETAILS.zip, which contains a 66.5KB file called .... wait for it .... BANK_DETAILS.exe, with an Excel icon to make you think it's an XLS file (naughty scammer!). Detection alas, isn't that good, with only 16/32 detecting it.
Alas the Sunbelt sandbox claims the file has already been analyzed but err;
Where is it? Instead, I've submitted it both to Anubis and to the Microsoft sandbox - results will be posted when I receive them. In the meantime, the e-mail itself is below.
As mentioned, the following are the Anubis and MS sandbox results;
No really, that IS all Microsoft decided to send for this one!