Products & Services
Support

Product Categories


Popular Downloads


Manage Software

How to Buy

For Home

Linksys Products Store
Linksys is now part of Belkin
Products for everyone

All Ordering Options

Training & Events Partners
Guest

Threat Outbreak Alert

Threat Outbreak Alert: Fake Product Order Email Messages on February 26, 2014

 
Threat Type:IntelliShield: Threat Outbreak Alert
IntelliShield ID:27710
Version:79
First Published:2012 December 21 18:20 GMT
Last Published:2014 February 27 13:02 GMT
Port: Not available
Urgency:Possible use
Credibility:Confirmed
Severity:Mild Damage
 
Version Summary:Cisco Security Intelligence Operations has detected significant activity on February 26, 2014.
 

Description
 
Cisco Security Intelligence Operations has detected significant activity related to spam email messages that claim to contain a product order quote for the recipient. The text in the email message attempts to convince the recipient to open the attachment and view the details. However, the .zip attachment contains a malicious .exe file that, when executed, attempts to infect the system with malicious code.

Email messages that are related to this threat (RuleID4961, RuleID4961KVR, RuleID4961KVR_1, RuleID4961_1KVR, and RuleID4961_2KVR) may contain any of the following files:

Newt_Order_Product_Quotation-doc.zip
Newt_Order_Product_Quotation-doc.exe
IMG2475240169-JPG.scr
New_Order_Product_Quote-doc.zip
New_Order_Product_Quote-doc.exe
scan01_pdf.zip
scan01_pdf.exe
sample_pdf.zip
sample_pdf.exe
tt copy_pdf.zip
products.zip
PRODUC~1.EXE
New_Order_Quotation-doc.zip
New_Order_Quotation-doc.exe
PAYMENTSLIP.zip
Samplepicture_pdf.zip
Samplepicture_pdf.exe
New_Order_Quotation-pdf.zip
New_Order_Quotation-pdf.exe
New_Order_Quotations-doc.zip
New_Order_Quotations-doc.exe
Wester Union Payment Slip_pdf.zip
Wester Union Payment Slip_pdf.exe
scan000_pdf.exe
Quotation_pdf.zip
Quotation_pdf.exe
Obfuscated. Order_pdf.exe
tt_copy_pdf.zip
tt_copy_pdf.scr
Purchase order.pdf.zip
Product Order_pdf.exe
scan002_pdf.zip
scan002_pdf.exe
image001_pdf.zip
image001_pdf.exe
image15052013_pdf.zip
image15052013_pdf.exe
report_0946547_PDF.exe
image200313_pdf.zip
image200313_pdf.exe
Original_copy_pdf.zip
Original_copy_pdf.exe
Original Copy_pdf.zip
Original Copy_pdf.exe
Revised Purchse Order_pdf.zip
cina.scr
document_payment_pdf..zip
New Order.zip
Original_pdf.exe
OriginalCopy.pdf.zip
New Purchase Order_pdf .zip
New Purchase Order_pdf.exe
IMG3866203949-JPG.zip
IMG1258310330-JPG.scr
IMG0990207321-JPG.zip
IMG2531797423-JPG.scr
Original Copy_pdf (1).zip
Original Copy_pdf.scr
IMG9416157474-JPG.zip
IMG2216617538-JPG.scr
AdobeReaderXI_316291.zip
IMG2475240169-JPG.scr
Document_6603096519-PDF.zip
Document_4553172582-PDF.scr
IMG2742904648-JPG.zip
IMG2182934609-JPG.scr
IMG2118155891-JPG.zip
IMG3723393505-JPG.scr
IMG9415071339-JPG.zip
MIAP511I_5329142_0001934810_ST493.PDF.exe
IMG9207122536-JPG.zip
IMG0385780233-JPG.scr
IMG2430575899-JPG.zip
IMG6881491278-JPG.scr
IMG0772835702-JPG.zip
image.exe
Original Copy_pdf (5).zip
revised PO.pdf.zip
IMG8732165337-JPG.zip
IMG7521164198-JPG.scr
product_pdf.zip
product_pdf.scr
Payment Copy.zip
Sample_pdf.scr
order list.zip
order list_pdf.exe
IMG3381987961-JPG.zip
IMG1533331062-JPG.scr
IMG6461914564-JPG.zip
IMG6438052499-JPG.scr
IMG5825170128-JPG.zip
IMG3978836446-JPG.scr
IMG1296540518-JPG.zip
IMG9936706340-JPG.scr
IMG6926852712-JPG.zip
IMG5877719669-JPG.scr
IMG3997574537-JPG.zip
IMG2752924697-JPG.scr
IMG2543127254-JPG.zip
IMG2257181497-JPG.scr
New_order_quotation6-doc.zip
New_order_quotation6-doc.exe
IMG3815508030-JPG.zip
IMG0783898958-JPG.scr
IMG1609815235-JPG.zip
IMG7453095166-JPG.scr
IMG0090430460-JPG.zip
IMG5532084864-JPG.scr
T-BOX_13.zip
T-BOX.exe
IMG5266667081-JPG.zip
IMG4566471499-JPG.scr
IMG3474195690-JPG.zip
IMG8108541954-JPG.scr
IMG9816148913-JPG.zip
IMG4753077994-JPG.scr
Love_Doc_6808737450-txt.zip
Love_Doc_8036764315-txt.scr
IMG1684435436-JPG.zip
IMG5088930942-JPG.scr
PRINT_IXNDJ863ML_PDF.zip
PRINT_IXNDJ863ML_PDF.exe
order_9LNAHPQQ9PPT7EG8HF.PDF.zip
order_9LNAHPQQ9PPT7EG8HF.pdf.exe
RFQ pdf.zip
Orde_fdp.scr
Electricity bill sep.13 64391230.zip
Electricity bill sep.13 87409584.pdf.exe
IMG3430048558-JPG.zip
IMG2315855606-JPG.scr
payment-pdf.zip
payment-pdf.exe
IMG2165587498-JPG.zip
IMG4306804284-JPG.scr
IMG4486580362-JPG.zip
IMG4837016874-JPG.scr
report.zip
report.pdf.exe
2013_10rechnung_2054314981.zip
2013_10rechnung_7409598302.pdf.exe
20131001_103316.zip
Order Items.pdf.scr
IMG_20131001_02380.zip
IMG_20131001_76475.jpg.exe
IMG9711475991-JPG.zip
IMG0767643376-JPG.scr
PO#6872.pdf.zip
PO#6872.pdf.scr
TT-doc.zip
TT-doc.scr
cashpro_digital_cert_7819470049378619129.zip
cashpro_digital_cert.exe
BARC67505-D5990988-JC7348-65-PDF_1.zip
BARC67505-D5990988-JC7348-65-PDF.exe
0839644138.200131003.zip
8759840043.200131003.jpg.exe
P2420219080.Print.zip
P7469984985.Print.pdf.exe
IMG1.20131007_2804385625.zip
IMG1.20131007_7400850038.jpeg.exe
elinvoice.zip
elinvoice.PDF.exe
PaymentConfirmation.zip
PaymentConfirmation.pdf.exe
Nota-Fiscal-995671256.zip
nota_fiscal_01256245_DOC.scr
ID186808_Picture Message.zip
ID985003_Picture Message.jpg.exe
MQ661.zip
Schedule_Transactions_18937001_XLS.exe
New Orde-fdp.scr
20131014_40960.zip
20131014_006453.jpg.exe
20131014_92422IMG.zip
20131014_85004IMG.jpg.exe
Dated Reminder 489-071-pdf.zip
PO-653489071-pdf.exe
G8373.zip
G8373-PDF.exe
rm_EFF74517E7.zip
ms_7382648732687.pdf.exe
rm_24993CA396.zip
rm_265372638723.pdf.exe 

The Newt_Order_Product_Quotation-doc.exe file in the Newt_Order_Product_Quotation-doc.zip attachment has a file size of 246,272 bytes. The MD5 checksum, which is a unique identifier of the executable, is the following string: 0x374DB3316720F085660D248FF80F7236

The New_Order_Product_Quote-doc.exe file in the New_Order_Product_Quote-doc.zip attachment has a file size of 208,896 bytes. The MD5 checksum is the following string: 0xE35A51B00D65A62D923ECF38F0958332

The scan01_pdf.exe file in the scan01_pdf.zip attachment has a file size of 551,986 bytes. The MD5 checksum is the following string: 0x1FF7800661B8DABE3D07BEB4CAE9BBED

The sample_pdf.exe file in the sample_pdf.zip attachment has a file size of 552,585 bytes. The MD5 checksum is the following string: 0xB486F08C3A3FA4FC4196BC4AC198558D

The PRODUC~1.EXE file in the products.zip attachment has a file size of 622,080 bytes. The MD5 checksum is the following string: 0x77D61900D8D38567FBF3C1A0F83B7B88

The New_Order_Quotation-doc.exe file in the New_Order_Quotation-doc.zip attachment has a file size of 242,176 bytes. The MD5 checksum is the following string: 0x10B1B22D78452DDBB2DB45A281840EA8

The Samplepicture_pdf.exe file in the Samplepicture_pdf.zip attachment has a file size of 1,404,968 bytes. The MD5 checksum is the following string: 0x000ED64D563392ABB8FE971148E54B62

A variant of sample_pdf.exe file in the sample_pdf.zip attachment has a file size of 563,204 bytes. The MD5 checksum is the following string: 0xEBD9C2F7EA857F895D954D778D34802D

The New_Order_Quotation-pdf.exe file in the New_Order_Quotation-pdf.zip attachment has a file size of 479,744 bytes. The MD5 checksum is the following string: 0x447C433BBAC67632EC309F8248A32221

The New_Order_Quotations-doc.exe file in the New_Order_Quotations-doc.zip attachment has a file size of 238,080 bytes. The MD5 checksum is the following string: 0xE88E598C69D226473554EF92B544D61B

The Wester Union Payment Slip_pdf.exe file in the Wester Union Payment Slip_pdf.zip attachment has a file size of 561,546 bytes. The MD5 checksum is the following string: 0xAC17928943887F879D0F7410B3FB85C5

The scan000_pdf.exe file has a file size of 561,481 bytes. The MD5 checksum is the following string: 0xE3C11111B0237A07E52991352FF30455

The Quotation_pdf.exe file in the Quotation_pdf.zip attachment has a file size of 324,096 bytes. The MD5 checksum is the following string: 0x0FDD80F5725D8086B76DDE6C3A3C8476

A third variant of sample_pdf.exe file in the tt copy_pdf.zip attachment has a file size of 567,637 bytes. The MD5 checksum is the following string: 0xD0145A94B7B7A76560A74FEC4FF954EA

The Obfuscated. Order_pdf.exe has a file size of 616,960 bytes. The MD5 checksum is the following string: 0x99E0857035EE258BD49D65DE21C23D38

The tt_copy_pdf.scr file in the tt_copy_pdf.zip attachment has a file size of 567,427 bytes. The MD5 checksum is the following string: 0x997E1C3EE1BE1B01A9750C736375E267

A fourth variant of the sample_pdf.exe file in the sample_pdf.zip attachment has a file size of 568,226 bytes. The MD5 checksum is the following string: 0x3AFFE31D2F69CFE8F477381ECC2A9485

The Product Order_pdf.exe file in the Purchase order.pdf.zip attachment has a file size of 200,704 bytes. The MD5 checksum is the following string: 0x7E4DCE631728B13CEDC6E800378DF9A1

The scan002_pdf.exe file in the scan002_pdf.zip attachment has a file size of 193,814 bytes. The MD5 checksum is the following string: 0x0D9CA29E21821BC123BCC8FEEFCB7206

The image001_pdf.exe file in the image001_pdf.zip attachment has a file size of 567,704 bytes. The MD5 checksum is the following string: 0xD020B6B79EB642A4A543AA36D58D5370

A variant of New_Order_Quotation-doc.exe file in the PAYMENTSLIP.zip attachment has a file size of 295,424 bytes. The MD5 checksum is the following string: 0xB8D9B77C93D7E924FF4B701F73253F19

A third variant of the New_Order_Quotation-doc.exe file in the New_Order_Quotation-doc.zip attachment has a file size of 291,328 bytes. The MD5 checksum is the following string: 0x6299A6F9BFD9E2A1F8217F321D211563

The fifth variant of the sample_pdf.exe file in the sample_pdf.zip attachment has a file size of 219,975 bytes. The MD5 checksum is the following string: 0x200189938C0D0A1C2FA048DAC326C0BF

The image15052013_pdf.exe file in the image15052013_pdf.zip attachment has a file size of 222,023 bytes. The MD5 checksum is the following string: 0x03887FD4DA77216D554C9C17E3F37B44

The report_0946547_PDF.exe file has a file size of 127,488 bytes. The MD5 checksum is the following string: 0xF51B8A6450A27810C6F11D0A30CCA2F0

The image200313_pdf.exe file in the image200313_pdf.zip attachment has a file size of 221,105 bytes. The MD5 checksum is the following string: 0x6B9E3F487FFA3E7D4C17B18F22C05C57

The Original_copy_pdf.exe file in the Original_copy_pdf.zip attachment has a file size of 319,571 bytes. The MD5 checksum is the following string: 0x1C461CC1DAE43397BFAD5214DE3E1433

The Original Copy_pdf.exe file in the Original Copy_pdf.zip attachment has a file size of 700,928 bytes. The MD5 checksum is the following string: 0x8FED60B28DC5B0840C58CAEC9C23B4B2

The cina.scr file in the Revised Purchse Order_pdf.zip attachment has a file size of 410,112 bytes. The MD5 checksum is the following string: 0x9F18D8CFF2B76A417E9EE107CC93BB33

A sixth variant of the sample_pdf.exe file in the document_payment_pdf..zip attachment has a file size of 700,928 bytes. The MD5 checksum is the following string: 0x1F901FCD01633815A2D2E563C83DACE4

The Original_pdf.exe file in the New Order.zip attachment has a file size of 799,232 bytes. The MD5 checksum is the following string: 0xEF1A1DAD152853254EDA027B57D80235

A variant of the Original Copy_pdf.exe file in the OriginalCopy.pdf.zip attachment has a file size of 803,328 bytes. The MD5 checksum is the following string: 0xA003B62DEFEF4D5432B2DF173B631FFF

The New Purchase Order_pdf.exe file in the New Purchase Order_pdf .zip attachment has a file size of 1,203,597 bytes. The MD5 checksum is the following string: 0x0C3D9B76CD503A57950E0A3808B71BE4

The IMG1258310330-JPG.scr file in the IMG3866203949-JPG.zip attachment has a file size of 714,244 bytes. The MD5 checksum is the following string: 0x3712DF9555FF386AC999BDF25C4D4BC1

The IMG2531797423-JPG.scr file in the IMG0990207321-JPG.zip attachment has a file size of 805,380 bytes. The MD5 checksum is the following string: 0x7773CFAB8A72D3ACF99464D0BEA5EE9F

The Original Copy_pdf.scr file in the Original Copy_pdf (1).zip attachment has a file size of 823,808 bytes. The MD5 checksum is the following string: 0xB1BFE9353E039F051523F2212013B92A

The IMG2216617538-JPG.scr file in the IMG9416157474-JPG.zip attachment has a file size of 1,560,520 bytes. The MD5 checksum is the following string: 0x8B09BE4A2F7A6EDE63E0CB192F43C008

A seventh variant of the sample_pdf.exe file in the sample_pdf.zip attachment has a file size of 382,976 bytes. The MD5 checksum is the following string: 0x5BC2292ED3975B117A60C4864800AF2C

The IMG2475240169-JPG.scr file in the AdobeReaderXI_316291.zip attachment has a file size of 1,490,070 bytes. The MD5 checksum is the following string: 0xD50D4836B14E76C030AC3E8E63123F73

A variant of the Original Copy_pdf.scr file in the Origina_Copy_Pdf.zip attachment has a file size of 2,413,054 bytes. The MD5 checksum is the following string: 0x87B70747273A1503356005417C9FF0C5

An eighth variant of the sample_pdf.exe file in the sample_pdf.zip attachment has a file size of 238,080 bytes. The MD5 checksum is the following string: 0x5B88DC11D63052413FC732161336ADBA

The Document_4553172582-PDF.scr file in the Document_6603096519-PDF.zip attachment has a file size of 770,456 bytes. The MD5 checksum is the following string: 0x52E1F1D79B81D641023D83D5396FB41C

The IMG2182934609-JPG.scr file in the IMG2742904648-JPG.zip attachment has a file size of 816,036 bytes. The MD5 checksum is the following string: 0x6599E1123FEC12EF455487FEC54C3F3A

The IMG3723393505-JPG.scr file in the IMG2118155891-JPG.zip attachment has a file size of 816,030 bytes. The MD5 checksum is the following string: 0x86D597D58E5CF7EF89038C90C5DF19C9

The MIAP511I_5329142_0001934810_ST493.PDF.exe file in the IMG9415071339-JPG.zip attachment has a file size of 133,632 bytes. The MD5 checksum is the following string: 0x0BE2C0F318159A87FA1A27E84A224AD7

The IMG0385780233-JPG.scr file in the IMG9207122536-JPG.zip attachment has a file size of 788,390 bytes. The MD5 checksum is the following string: 0x61B587EFD27F14526FA1C2E79C9DB7C5

The IMG6881491278-JPG.scr file in the IMG2430575899-JPG.zip attachment has a file size of 787,100 bytes. The MD5 checksum is the following string: 0xD0AA8C13162EDD0547A68910773B9077

The image.exe file in the IMG0772835702-JPG.zip attachment has a file size of 282,624 bytes. The MD5 checksum is the following string: 0xEC965FA0E751BEC5B61FC736B49590E2

A third variant of Original Copy_pdf.scr file in the Original Copy_pdf (5).zip attachment has a file size of 216,633 bytes. The MD5 checksum is the following string: 0x371DF4E4E94A93A43C9386B567DAE345

A fourth variant of Original Copy_pdf.scr file in the revised PO.pdf.zip attachment has a file size of 331,321 bytes. The MD5 checksum is the following string: 0x0B8E146208C5CE386997D434E4068FD3

A fifth variant of the Original Copy_pdf.scr file in the Original Copy_pdf.zip attachment has a file size of 216,633 bytes. The MD5 checksum is the following string: 0xCB5A97EA8F41FF834242B3CA334988C8

A sixth variant of the Original Copy_pdf.scr file in the Original Copy_pdf (1).zip attachment has a file size of 212,633 bytes. The MD5 checksum is the following string: 0xEB227DAAF89BEF1D23FE961F9603DE91

The IMG7521164198-JPG.scr file in the IMG8732165337-JPG.zip attachment has an approximate file size of 1,904 bytes. The MD5 checksum is not available.

A seventh variant of Original Copy_pdf.scr file in the Original Copy_pdf (1).zip attachment has a file size of 253,497 bytes. The MD5 checksum is the following string: 0xFA3EF8F79E2B153A5FD693BE7F81ABFA

The product_pdf.scr file in the product_pdf.zip attachment has a file size of 253,497 bytes. The MD5 checksum is the following string: 0xEF720504CB6B143D156E74BDE911FFE7

The Sample_pdf.scr file in the Payment Copy.zip attachment has a file size of 200,345 bytes. The MD5 checksum is the following string: 0x41CF3DC04C348F01D8B4C960361904CF

The order list_pdf.exe file in the order list.zip attachment has a file size of 209,408 bytes. The MD5 checksum is the following string: 0xBE03D76EC4E977AE0D8EBE8D8D938EF0

A eighth variant of Original Copy_pdf.scr file in the Original Copy_pdf.zip attachment has a file size of 200,345 bytes. The MD5 checksum is the following string: 0xFF995D0C1AB504010DDA52022D0BA963

The IMG1533331062-JPG.scr file in the IMG3381987961-JPG.zip attachment has a file size of 621,056 bytes. The MD5 checksum is the following string: 0x91B3971CE8D6512612B369A78212167A

The IMG6438052499-JPG.scr file in the IMG6461914564-JPG.zip attachment has a file size of 809,511 bytes. The MD5 checksum is the following string: 0x0F00970B30F990BAC3217F85817E7928

The IMG3978836446-JPG.scr file in the IMG5825170128-JPG.zip attachment has a file size of 776,192 bytes. The MD5 checksum is the following string: 0xC2DF26EC6555B068BBD52DBB3F777156

The IMG9936706340-JPG.scr file in the IMG9936706340-JPG.scr attachment has a file size of 809,511 bytes. The MD5 checksum is the following string: 0x3DCB0EA8CF748D6915FD70BF15B80BBD

The IMG5877719669-JPG.scr file in the IMG6926852712-JPG.zip attachment has a file size of 16,896 bytes. The MD5 checksum is the following string: 0x06DB897966AD45FCEA9DB82097C2A985

The IMG2752924697-JPG.scr file in the IMG3997574537-JPG.zip attachment has a file size of 751,104 bytes. The MD5 checksum is the following string: 0x3F43C84D14784EF75A43059EDD9529FA

A ninth variant of the Original Copy_pdf.scr file in the Original Copy_pdf.zip attachment has a file size of 770,560 bytes. The MD5 checksum is the following string: 0xB9BC2BCF99EE71D7705DAD54FA690772

The IMG2257181497-JPG.scr file in the IMG2543127254-JPG.zip attachment has a file size of 22,528 bytes. The MD5 checksum is the following string: 0x62FBDED375EC06455D503B65C8EA69BA

The New_order_quotation6-doc.exe file in the New_order_quotation6-doc.zip attachment has a file size of 1,468,512 bytes. The MD5 checksum is the following string: 0xEA76F8546B2C9799286622C9751F8C4E

The IMG0783898958-JPG.scr file in the IMG3815508030-JPG.zip attachment has a file size of 77,824 bytes. The MD5 checksum is the following string: 0x97173F71A4633E77DB758A210B2EA492

The IMG7453095166-JPG.scr file in the IMG1609815235-JPG.zip attachment has a file size of 43,520 bytes. The MD5 checksum is the following string: 0xC297BD6F5918D3E2F072E151D582BED3

A third variant of the Original Copy_pdf.exe file in the Original Copy_pdf.zip attachment has a file size of 825,836 bytes. The MD5 checksum is the following string: 0xCB112AE68A11DF20A51EA86979B57E70

The IMG5532084864-JPG.scr file in the IMG0090430460-JPG.zip attachment has a file size of 110,592 bytes. The MD5 checksum is the following string: 0x8954BFAB088FC56B2E043B2FE6DD6E21

The T-BOX.exe file in the T-BOX_13.zip attachment has a file size of 1,057,792 bytes. The MD5 checksum is the following string: 0xABA2B52A6C25DB5793260DE93D3E4FE5

The IMG4566471499-JPG.scr file in the IMG5266667081-JPG.zip attachment has a file size of 98,304 bytes. The MD5 checksum is the following string: 0x2F6C9F2FED418BB32387B224854013F4

The IMG8108541954-JPG.scr file in the IMG3474195690-JPG.zip attachment has a file size of 81,920 bytes. The MD5 checksum is the following string: 0xAB97ED5EEB4084ECA9DD6DCB08F6C280

The IMG4753077994-JPG.scr file in the IMG9816148913-JPG.zip attachment has a file size of 86,016 bytes. The MD5 checksum is the following string: 0x620CE97A2E1D757689EA289EF75568F2

The Love_Doc_8036764315-txt.scr file in the Love_Doc_6808737450-txt.zip attachment has a file size of 81,920 bytes. The MD5 checksum is the following string: 0x3205341F582BFCD4B6D657AEE7E7A699

The IMG5088930942-JPG.scr file in the IMG1684435436-JPG.zip attachment has a file size of 65,536 bytes. The MD5 checksum is the following string: 0x310775CF231C4E409E1EB1FF5B6D9181

The PRINT_IXNDJ863ML_PDF.exe file size in the PRINT_IXNDJ863ML_PDF.zip attachment is unavailable. The MD5 checksum is also unavailable.

The order_9LNAHPQQ9PPT7EG8HF.pdf.exe file in the order_9LNAHPQQ9PPT7EG8HF.PDF.zip attachment has a file size of 16,384 bytes. The MD5 checksum is the following string: 0x432F09E1348BEB807719B66A8B306C81

The Orde_fdp.scr file in the RFQ pdf.zip attachment has a file size of 1,708,567 bytes. The MD5 checksum is the following string: 0x59AB1C6D4D47B47BDBE7ED64B1C415BF

The Electricity bill sep.13 87409584.pdf.exe file size in the Electricity bill sep.13 64391230.zip attachment is unavailable. The MD5 checksum is also unavailable.

The IMG2315855606-JPG.scr file in the IMG3430048558-JPG.zip attachment has a file size of 7,680 bytes. The MD5 checksum is the following string: 0xB16672C89270AC991D28B450FB0280AC

The payment-pdf.exe file in the payment-pdf.zip attachment has a file size of 507,416 bytes. The MD5 checksum is the following string: 0x81B0F122D2A0B355E40E806A12CC3DDB

The IMG4306804284-JPG.scr file in the IMG2165587498-JPG.zip attachment has a file size of 8,192 bytes. The MD5 checksum is the following string: 0xA31ED5CD5686E2C81B7D6B4BC57DCBE2

The IMG4837016874-JPG.scr file in the IMG4486580362-JPG.zip attachment has a file size of 7,680 bytes. The MD5 checksum is the following string: 0x761DC1DBAF7666FFF22F2048A5293C78

The report.pdf.exe file in the report.zip attachment has a file size of 169,685 bytes. The MD5 checksum is the following string: 0x7A39F497EA179F3F9BCC589CB643EB48

The 2013_10rechnung_7409598302.pdf.exe file in the 2013_10rechnung_2054314981.zip attachment has a file size of 235,520 bytes. The MD5 checksum is the following string: 0x2DB348ED6863A62521391A1C083E8A78

The Order Items.pdf.scr file in the 20131001_103316.zip attachment has a file size of 963,524 bytes. The MD5 checksum is the following string: 0xB27267B2698AF69002BCF2997ED55A69

The IMG_20131001_76475.jpg.exe file in the IMG_20131001_02380.zip attachment has a file size of 40,960 bytes. The MD5 checksum is the following string: 0x705EBDFDE006791E765A8EC7F22852CC

The IMG0767643376-JPG.scr file in the IMG9711475991-JPG.zip attachment has a file size of 10,240 bytes. The MD5 checksum is the following string: 0xB2DD030C66AFE2E3C9CF8336D9EF48E0

The PO#6872.pdf.scr file in the PO#6872.pdf.zip attachment has a file size of 417,280 bytes. The MD5 checksum is the following string: 0x3D7726D50BAFE527E5A8160FC9356BDC

The TT-doc.scr file in the TT-doc.zip attachment has a file size of 325,908 bytes. The MD5 checksum is the following string: 0x16BD57F4027273363798670834700663

The cashpro_digital_cert.exe file size in the cashpro_digital_cert_7819470049378619129.zip attachment is unavailable. Then MD5 checksum is also unavailable.

A variant of the cashpro_digital_cert.exe file in the cashpro_digital_cert_7819470049378619129.zip attachment has a file size of 27,648 bytes. The MD5 checksum is the following string: 0x585990CB8B0CEC0F4D7FA6D872C9A678

The BARC67505-D5990988-JC7348-65-PDF.exe file in the BARC67505-D5990988-JC7348-65-PDF_1.zip attachment has a file size of 3,885,568 bytes. The MD5 checksum is the following string: 0x0E1D48E4197DACA6DB7A27CB3EE1BD93

The 8759840043.200131003.jpg.exe file in the 0839644138.200131003.zip attachment has a file size of 96,469 bytes. The MD5 checksum is the following string: 0xD8F909422888650C38334E6AB9DCEAFC

The P7469984985.Print.pdf.exe file in the P2420219080.Print.zip attachment has a file size of 75,989 bytes. The MD5 checksum is the following string: 0x8A9ABE065D473DA9527FDF08FB55CB9E

The IMG1.20131007_7400850038.jpeg.exe file in the IMG1.20131007_2804385625.zip attachment has a file size of 94,674 bytes. The MD5 checksum is the following string: 0x7CBE6D0196D234762033BB8329059023

The elinvoice.PDF.exe file in the elinvoice.zip attachment has a file size of 157,397 bytes. The MD5 checksum is the following string: 0xDB15567C95699AD5C622F457E57928FE

The PaymentConfirmation.pdf.exe file in the PaymentConfirmation.zip attachment has a file size of 89,194 bytes. The MD5 checksum is the following string: 0xD90066BA3E775DAF1D5B5A9C096E7B63

The nota_fiscal_01256245_DOC.scr file in the Nota-Fiscal-995671256.zip attachment has a file size of 471,552 bytes. The MD5 checksum is the following string: 0x9EC206B7E98BB1CE19BBE63327DF347A

A variant of the report.pdf.exe file in the report.zip attachment has a file size of 137,216 bytes. The MD5 checksum is the following string: 0x6AFCCD4EEDE8F8C5336229F80D925BA0

The ID985003_Picture Message.jpg.exe file in the ID186808_Picture Message.zip attachment has a file size of 202,240 bytes. The MD5 checksum is the following string: 0x82E974ECA4A818140CC5B552F0A2C6CF

The Schedule_Transactions_18937001_XLS.exe file in the MQ661.zip attachment has a file size of 402,847 bytes. The MD5 checksum is the following string: 0xBED4FFD73CE916DDCF6EB2A803DBE4E3

The New Orde-fdp.scr file in the New Order.zip attachment has a file size of 1,728,206 bytes. The MD5 checksum is the following string: 0x9323D3D0952C62A2CED7FFD33CA5C5FC

A third variant of the report.pdf.exe file in the report.zip attachment has a file size of 134,656 bytes. The MD5 checksum is the following string: 0x4EA805AC7915E93068EE5C04E02D5EBF

A fourth variant of the report.pdf.exe file in the report.zip attachment has a file size of 133,632 bytes. The MD5 checksum is the following string: 0xE2E525D1250D1F874304BF4A174F7F85

The 20131014_006453.jpg.exe file in the 20131014_40960.zip attachment has a file size of 88,277 bytes. The MD5 checksum is the following string: 0xD08C957A004BECD0A2404DB99D334484

The 20131014_85004IMG.jpg.exe file in the 20131014_92422IMG.zip attachment has a file size of 299,733 bytes. The MD5 checksum is the following string: 0x297C8E90C6E6B9D46AF671268165D838

A fifth variant of the report.pdf.exe file in the report.zip attachment has a file size of 133,632 bytes. The MD5 checksum is the following string: 0x530DC3F204893C3C8E5541868E895556

The PO-653489071-pdf.exe file in the Dated Reminder 489-071-pdf.zip attachment has a file size of 1,068,547 bytes. The MD5 checksum is the following string: 0x41D8057BA9F83B7C76CA04231D5892DC

The G8373-PDF.exe file in the G8373.zip attachment has a file size of 1,034,604 bytes. The MD5 checksum is the following string: 0x69199F559E7BEA69976271E9BB91FD

The ms_7382648732687.pdf.exe file in the rm_EFF74517E7.zip attachment has an approximate file size of 70,768 bytes. The MD5 checksum is the following string: 6cecb76e84f5043f12b83578d58dc69a

The rm_265372638723.pdf.exe file in the rm_24993CA396.zip attachment has an approximate file size of 69,058 bytes. The MD5 checksum is not available.


The following text is a sample of the email message that is associated with this threat outbreak:

Message Body:

This is Boris Kris from ICA PTY Ltd. Please view attached files for the Quantity and products we
want to Order and see if your firm will be able to fulfill our demand. Also provide us with the available
Discounts on the products we are requesting.
Please, kindly provide:
FOB price per piece
Minimum order quantity
I would appreciate your early reply in advance.
Sincerely
Boris Kris
Admin Marketing
ICA PTY ltd.
1742 Kings Dr. NWE Austrialia

Or

Subject: URGENT SUPPLY NEEDED!

Message Body:

Compliments of the day,
We saw similar Product of your company and some of our clients
are interested in them, so please confirm to us if your company
can make provision of the exact product with good quality. Please
finda attached’ specification and relative orders before giving
your quotation and subsequently making your proforma invoice
(PI). Please download attachment of the sample.
Please .This will enable us add it to our safe list and avoid
your email been sent to spam folder.
Looking forward to your response with details, prize and quantity
that can be made available.
Regards
MR DAVE JOHN
Sales Manager
Emirates.Technotrade. L.L.C
Jaierjah, UAE

Or

Message Body:

ATO_header.gif (181×54)
E-tax Notification!
Dear e-tax user,
You are advised to download your Online e-tax Payment Receipt for your Tax refunds for the year 2012.
Attached to this email is your Receipt and you are advise to download it to view your payment report and history.
ATO e-tax Service

Or

Message Body:

Manager Desk Office Angel Star General Merchandise
Paris, France.
My name is Jerry Pounds the head manager of Angel Star Paris Head office.
I am interested in your product and want a long term relation in business once I confirm you can render the required service needed by me.
I will like to know the FOB prices per each items plus the shipping cost I also want to know the kind of method you accept for payment.
Attached to this email is our sample order.Please view and get back to me as soon as possible.
Get back to me and let me know if you have the design so we can do business together.
Await your reply and update.
Jerry Pounds
Manager Desk Office Angel Star General Merchandise
Paris, France.

Or

Subject: New Order Enquiry

Message Body:

How are you?
This is Lee Wuteng from Mwsocds Imports Ltd. Please provide the FOB price and the allowed MQO for the products in the attached document.
I would appreciate your early reply in advance.
Sincerely
Lee Wuteng
Admin Marketing
Mwsocds Imports Ltd.
1894 Sandy Spring Road
Laurel 20707 MD. USA

Or

Subject: I Just make the payment.

Message Body:

Hi,
Please view the western union payment receipt for confirmation, and do get back to me immediately. Don't forget that you gave me your words of assurance never to let me down before i could raise this $4,750usd. I will be waiting for your email
asap.
Best Regards,
Williams Smith

Or

Subject: MAKING MONEY MADE EASY !!!

Message Body:

Hello,
You can work online and make a minimum of $250 USD per day.
Read document for further details.
NOTE: NO REGISTRATION FEE REQUIRED.

Or

Subject: Re: TT Copy.

Message Body:

Greeting's
Find the attached 30% down payment for your PI and will send balance after receiving BL.
Please,update me about production timing and all as its a re-order.
Best regards,
Laura Castilo Gomez
Sherlock Interbiz Co.,Ltd.
Silver Spring,Sanders Ville NY,USA

Or

Subject: P.O 234710

Message Body:

Dear Sir/Madam
We are Yuyao Jiachi Pipe Co., Ltd,we are professionals in dealing with Metal connector , Plastic coated pipe , Metal joint.We are really interested with your products as seen from your gallery on your website
Attached is Our signed Purchase Order ,but most importantly we will we will need your guarantee of speedy delivery of this order and as we have listed on our Purchase Order
Note:You will have to sign the Purchase Order and send back along with your Contract Letter
Contact:Mr.Zhou
Email:sales@nbjiachi.com
Website:www.nbjieachi.com

Or

Subject: Bank Of America

Message Body:

Attention,
Receive Your Funds Now With No Fee Required
Incoming Wire Notification.
An incoming wire transfer has been received by your financial institution and the funds deposited to your account on 08-03-2013.
Please download the attached document and view the transfer confirmation slip to be sure there's no error on your account that the funds was wired to.
Thanks For your cooperation
Regards
Customer Service
Bank Of America
Benedict Raul

Or

Subject: NEW ORDER QUOTATION

Message Body:

Dear,
Please see the attached product list and send us your quote.
Note: include the FOB, MQO, CIF, and the earliest shipping date
thanks
yours faithfuly
HENRY TB KL
Goe company ltd

Or

Subject: International Wire Transfer File Not Processed

Message Body:

We are unable to process your International Wire Transfer request due to
insufficient funds in the identified account.
Review the information below and contact your Relationship Manager if you
have questions, or make immediate arrangements to fund the account. If funds
are not received by 04/12/2013 03:00 pm PT, the file may not be processed.
Please view the attached file for more details on this transaction.
Any email address changes specific to the Wire Transfer Service should be
directed to Treasury Management Client Services at 1-800-AT-WELLS
(1-800-289-3557).
Event Message ID: S941-6828257
Date/Time Stamp: Fri, 17 May 2013 09:16:42 +0330
–––––––––––––––––––––––––––––––––––––-
––––––––––––––––––––––––––––––––––––-
Please do not reply to this email; this mailbox is only for delivery of
Event Messaging notices. To ensure you receive these notices, add
ofsrep.ceoemigw@wellsfargo.com to your address book.
For issues related to the receipt of this message, call toll free
1-800-AT-WELLS (1-800-289-3557) Monday through Friday between 4:00 am and
7: 00 pm and Saturday between 6:00 am and 4:00 pm Pacific Time.
Customers outside the U.S. and Canada may contact their local
representative's office, or place a collect call to Treasury Management
Client Services at 1-704-547-0145.
Please have the Event Message ID available when you call.

Or

Message Body:

;D

Or

Message Body:

hahaha

Or

Subject: Payment Advice Ref:[G41978847387] / ACH credits / Customer Ref:[PO925110]

Message Body:

Dear Sir/Madam,
The attached payment advice is issued at the request of our customer. The
advice is for your reference only.
Yours faithfully,
Global Payments and Cash Management
HSBC
***************************************************************************
This is an auto-generated email, please DO NOT REPLY. Any replies to this
email will be disregarded.
***************************************************************************
Security tips
1. Install virus detection software and personal firewall on your
computer. This software needs to be updated regularly to ensure you have
the latest protection.
2. To prevent viruses or other unwanted problems, do not open attachments
from unknown or non-trustworthy sources.
3. If you discover any unusual activity, please contact the remitter of
this payment as soon as possible.
***************************************************************************
*******************************************************************
This email is confidential. It may also be legally privileged.
If you are not the addressee you may not copy, forward, disclose
or use any part of it. If you have received this message in error,
please delete it and all copies from your system and notify the
sender immediately by return email.
Internet communications cannot be guaranteed to be timely,
secure, error or virus-free. The sender does not accept liability
for any errors or omissions.
*******************************************************************
"SAVE PAPER - THINK BEFORE YOU PRINT!"

Or

Subject: Your Company Reg.#IXNDJ863ML

Message Body:

103BGG4-71791175

Or

Message Body:

We acknowledge and confirm your order for customer ranbeer.johal@wesleyan.co.uk, as follows:
Find herewith the attached order invoice ICFEMDA451ICFEMDA975 .
The attached file is a Sale Report in HTML (web page) format.
To view the report, save all of the attachments to a new folder.
Then open the folder (for example, using Windows Explorer), and open the HTML file.
Regards,
Isabella Thomas
Sales Co-ordinator
Estate Industrial PVT. LTD.

Or

Subject: Re: Quotation Needed

Message Body:

Ref: [ Sellers Of Product ]
This Request for Quotation (RFQ) needs your prompt attention.
We have the following message for you:
Attn. Sales,
With reference to the above mentioned subject, please provide us your commercial and technical quotation for the following product.
In the attachment, some information?s you will require to provide us your quotation.
Regards,
Yvonne Laimal
Sales Director
# 782, 15th Cross, 1st Phase
JP Nagar,
––––––––––––––––––––––––––––––––
This message was sent using IMP, the Internet Messaging Program.

Or

Subject: Thank you for your payment

Message Body:

Thanks for your payment
Please add @britishgas.co.uk to your safe senders list or address book
Thank you
Your payment went through smoothly
Thank you for paying £250.00 for your Electricity bill.
If you have any questions about your account please visit our dedicated Help & advice area.
Kind regards
Tim Copper
Digital Director
_____________________________________________________________________
The information contained in or attached to this email is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, or a person responsible for delivering it to the intended recipient, you are not authorised to and must not disclose, copy, distribute, or retain this message or any part of it. It may contain information which is confidential and/or covered by legal professional or other privilege (or other rules or laws with similar effect in jurisdictions outside England and Wales).
The views expressed in this email are not necessarily the views of Centrica plc, and the company, its directors, officers or employees make no representation or accept any liability for its accuracy or completeness unless expressly stated to the contrary.
British Gas Trading Limited (company no: 03078711) British Gas Services Limited (company no: 3141243) and Centrica Energy (Trading) Limited (company no: 02877397), are all wholly owned subsidiaries of Centrica PLC (company no: 3033654). Each company is registered in England and Wales with a registered office at Millstream, Maidenhead Road, Windsor, Berkshire SL4 5GD.
British Gas Services Limited (BGS) and Centrica Energy (Trading) Limited are both authorised and regulated by the Financial Services Authority (FSA registration numbers are 490568 and 232514, respectively). BGS is authorised and regulated by the FSA for insurance mediation services. British Gas Trading Limited is an appointed representative of BGS for insurance mediation services (FSA registration number: 439467).

Or

Subject: You should take a look at this picture

Message Body:

:P

Or

Message Body:

Attention Sir,
Payment has been made to your account as instructed .Kindly confirm
payment slip and let us know when order will be ready.
Thanks

Or

Subject: Wells Fargo Advisors

Message Body:

Please review attached documents.
Chloe_Milson
Wells Fargo Advisors
817-559-4662 office
817-358-9011 cell Chloe_Milson@wellsfargo.com
Investments in securities and insurance products are:
NOT FDIC-INSURED/NO BANK-GUARANTEES/MAY LOSE VALUE Wells Fargo Advisors, LLC is a nonbank affiliate of Wells Fargo & Company, Member FINRA/SIPC.
1 North Jefferson, St. Louis, MO 63103
CONFIDENTIAL NOTICE: The contents of this message, including any attachments, are confidential and are intended solely for the use of the person or entity to whom the message was addressed. If you are not the intended recipient of this message, please be advised that any dissemination, distribution, or use of the contents of this message is strictly prohibited. If you received this message in error, please notify the sender. Please also permanently delete all copies of the original message and any attached documentation. Thank you.

Or

Subject: WG: RechnungOnline Monat Oktober 2013

Message Body:

TELEKOM - ERLEBEN, WAS VERBINDET.
| Rechnungen speichern | Kennwort wiederherstellen
Mehr
|
Ihre Rechnung für Oktober 2013
Guten Tag,
mit dieser E-Mail erhalten Sie Ihre aktuelle Rechnung. Die Gesamtsumme im Monat Oktober 2013 beträgt: 45,97 Euro.
Den aktuellen Einzelverbindungsnachweis – sofern von Ihnen beauftragt – und das Rechnungsarchiv finden Sie im Kundencenter.
Diese E-Mail wurde automatisch erzeugt. Bitte antworten Sie nicht dieser Absenderadresse. Bei Fragen zu RechnungOnline nutzen Sie unser Kontaktformular.
Informationen über die Umstellung auf den einheitlichen Euro-Zahlungsverkehrsraum (SEPA) finden Sie hier.
Speziell für Sie: Möchten Sie zukünftig Informationen über neue Produkte und Tarife erhalten, melden Sie sich zu unserem kostenlosen Informationsservice an.
Mit freundlichen Grüßen
Ralf Hoßbach
Leiter Kundenservice
RechnungOnline aufrufen
Rechnungen im Mediencenter speichern
Rechnungen im Mediencenter speichern
Nie mehr in Schubladen kramen: Speichern Sie Rechnungen und Einzelverbindungsnachweise dauerhaft im Mediencenter – per Mausklick! Aus dem Kundencenter heraus benötigen Sie nämlich nur einen Klick, um Ihre Rechnungen ins Mediencenter zu übertragen.
So sparen Sie sich viel Papierkram und langwieriges Suchen. Aktenordner ade!
Jetzt informieren!
Persoenliches Kennwort wiederherstellen
Persönliches Kennwort wiederherstellen
Sie wollen Ihren Router neu konfigurieren, aber haben Ihr persönliches Kennwort vergessen? Kein Problem! Im Kundencenter können Sie Ihr Kennwort ab sofort einfach und schnell selbst wiederherstellen.
Denken Sie bei der Wahl von Kennwörtern immer an die Sicherheit: Bilden Sie Buchstaben-Zahlen-Kombinationen mit Sonderzeichen.
Jetzt informieren!
Weitere aktuelle Produkt- und Service-Informationen finden Sie in unserer Online-Rechnungsbeilage.
© Telekom Deutschland GmbH Kundencenter FAQ Kontakt AGB Impressum
Hinweis: Die Inhalte dieser Mail sind vertraulich und nur für den konkret genannten Adressaten der Anlage bestimmt. Falls Sie nicht der richtige Empfänger dieser E-Mail sind, senden Sie uns bitte eine Information an info@telekom.de und löschen Sie diese E-Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser E-Mail und der darin enthaltenen Informationen sind nicht gestattet.
21

Or

Subject: Your CashPro Online Digital Certificate

Message Body:

Dear CashPro Customer,
This email is being sent to inform you that you have been granted a new digital certificate for use with Bank of America CashPro Online.
Please open the attachment and you will be guided through a simple process to install your new digital certificate.
If you have any questions or concerns, please contact the Bank of America technical help desk.
Thank you for your business,
Bank of America
CashPro Online Security Team
Please do not reply to this email .
Copyright 2013 Bank of America Merrill Lynch. All rights reserved. CashPro is a registered trademark of Bank of America Corporation.

Or

Subject: Terminal Agent

Message Body:

Hi all Agent and Customer!
Western Union RESPOND: 08/10/13.
Please note: A zip file reader is required to this attachment.
Added in a new Exchange Rates Converter ..
Download XLS document Wire Transfer.
Distribute for all agents and customers .
Please attach XLS document Wire Transactions
RE send all list of agent that have email contact
EURO 1.4015
USD 1.0318
AUD .9703
GBP 1.6577
XAU 1353.69
XAG 22.42
XPT 1430.33
CHF 1.1436
----------------------------------------------------------------------
The information transmitted, including any content in this communication is confidential, is intended only for the use of the intended recipient and is the property of The Western Union Company or its affiliates and subsidiaries.
If you are not the intended recipient, you are hereby notified that any use of the information contained in or transmitted with the communication or dissemination, distribution, or copying of this communication is strictly prohibited.
If you have received this communication in error, please notify the Western Union sender immediately by replying to this message and delete the original message.

Or

Subject: Wells Fargo Advisors

Message Body:

Please review attached documents.
John_Deen
Wells Fargo Advisors
817-559-4662 office
817-358-9011 cell John_Deen@wellsfargo.com
Investments in securities and insurance products are:
NOT FDIC-INSURED/NO BANK-GUARANTEES/MAY LOSE VALUE Wells Fargo Advisors, LLC is a nonbank affiliate of Wells Fargo & Company, Member FINRA/SIPC.
1 North Jefferson, St. Louis, MO 63103
CONFIDENTIAL NOTICE: The contents of this message, including any attachments, are confidential and are intended solely for the use of the person or entity to whom the message was addressed. If you are not the intended recipient of this message, please be advised that any dissemination, distribution, or use of the contents of this message is strictly prohibited. If you received this message in error, please notify the sender. Please also permanently delete all copies of the original message and any attached documentation. Thank you.

Or

Message Body:

Sent via the Samsung Galaxy S™ II Skyrocket™

Or
Subject: Wells Fargo Advisors

Message Body:

Please review attached documents.
Chloe_Milson
Wells Fargo Advisors
817-559-4662 office
817-358-9011 cell Chloe_Milson@wellsfargo.com
Investments in securities and insurance products are:
NOT FDIC-INSURED/NO BANK-GUARANTEES/MAY LOSE VALUE Wells Fargo Advisors, LLC is a nonbank affiliate of Wells Fargo & Company, Member FINRA/SIPC.
1 North Jefferson, St. Louis, MO 63103
CONFIDENTIAL NOTICE: The contents of this message, including any attachments, are confidential and are intended solely for the use of the person or entity to whom the message was addressed. If you are not the intended recipient of this message, please be advised that any dissemination, distribution, or use of the contents of this message is strictly prohibited. If you received this message in error, please notify the sender. Please also permanently delete all copies of the original message and any attached documentation. Thank you.
Cisco Security Intelligence Operations analysts examine real-world email traffic data that is collected from over 100,000 contributing organizations worldwide. This data helps provide a range of information about and analysis of global email security threats and trends. Cisco will continue to monitor this threat and automatically adapt systems to protect customers. This report will be updated if there are significant changes or if the risk to end users increases.

Cisco security appliances protect customers during the critical period between the first exploit of a virus outbreak and the release of vendor antivirus signatures. Email that is managed by Cisco and end users who are protected by Cisco Web Security Appliances will not be impacted by these attacks. Cisco security appliances are automatically updated to prevent both spam email and hostile web URLs from being passed to the end user.

Related Links
Cisco Security Intelligence Operations
Cisco SenderBase Security Network
 
Alert History
 

Version 78, February 20, 2014, 9:00 AM: Cisco Security Intelligence Operations has detected significant activity on February 19, 2014.

Version 77, January 22, 2014, 10:07 AM: Cisco Security Intelligence Operations has detected significant activity on January 20, 2014.

Version 76, October 14, 2013, 12:52 PM: Cisco Security Intelligence Operations has detected significant activity on October 14, 2013.

Version 75, October 11, 2013, 2:37 PM: Cisco Security Intelligence Operations has detected significant activity on October 11, 2013.

Version 74, October 9, 2013, 8:50 PM: Cisco Security Intelligence Operations has detected significant activity on October 9, 2013.

Version 73, October 9, 2013, 2:12 PM: Cisco Security Intelligence Operations has detected significant activity on October 9, 2013.

Version 72, October 9, 2013, 12:38 PM: Cisco Security Intelligence Operations has detected significant activity on October 8, 2013.

Version 71, October 8, 2013, 1:11 PM: Cisco Security Intelligence Operations has detected significant activity on October 8, 2013.

Version 70, October 7, 2013, 5:50 PM: Cisco Security Intelligence Operations has detected significant activity on October 7, 2013.

Version 69, October 7, 2013, 2:17 PM: Cisco Security Intelligence Operations has detected significant activity on October 7, 2013.

Version 68, October 3, 2013, 2:07 PM: Cisco Security Intelligence Operations has detected significant activity on October 3, 2013.

Version 67, October 2, 2013, 7:09 PM: Cisco Security Intelligence Operations has detected significant activity on October 2, 2013.

Version 66, October 2, 2013, 3:38 PM: Cisco Security Intelligence Operations has detected significant activity on October 2, 2013.

Version 65, October 1, 2013, 3:09 PM: Cisco Security Intelligence Operations has detected significant activity on October 1, 2013.

Version 64, September 30, 2013, 7:24 PM: Cisco Security Intelligence Operations has detected significant activity on September 30, 2013.

Version 63, September 30, 2013, 1:12 PM: Cisco Security Intelligence Operations has detected significant activity on September 27, 2013.

Version 62, September 26, 2013, 1:24 PM: Cisco Security Intelligence Operations has detected significant activity on September 25, 2013.

Version 61, September 23, 2013, 7:53 PM: Cisco Security Intelligence Operations has detected significant activity on September 23, 2013.

Version 60, September 23, 2013, 12:42 PM: Cisco Security Intelligence Operations has detected significant activity on September 23, 2013.

Version 59, September 17, 2013, 2:42 PM: Cisco Security Intelligence Operations has detected significant activity on September 17, 2013.

Version 58, September 9, 2013, 4:42 PM: Cisco Security Intelligence Operations has detected significant activity on September 9, 2013.

Version 57, September 9, 2013, 1:59 PM: Cisco Security Intelligence Operations has detected significant activity on September 9, 2013.

Version 56, September 6, 2013, 7:45 PM: Cisco Security Intelligence Operations has detected significant activity on September 6, 2013.

Version 55, September 5, 2013, 2:28 PM: Cisco Security Intelligence Operations has detected significant activity on September 4, 2013.

Version 54, September 3, 2013, 1:38 PM: Cisco Security Intelligence Operations has detected significant activity on September 1, 2013.

Version 53, August 29, 2013, 3:48 PM: Cisco Security Intelligence Operations has detected significant activity on August 29, 2013.

Version 52, August 26, 2013, 1:06 PM: Cisco Security Intelligence Operations has detected significant activity on August 26, 2013.

Version 51, August 23, 2013, 4:15 PM: Cisco Security Intelligence Operations has detected significant activity on August 23, 2013.

Version 50, August 22, 2013, 5:01 PM: Cisco Security Intelligence Operations has detected significant activity on August 22, 2013.

Version 49, August 22, 2013, 2:17 PM: Cisco Security Intelligence Operations has detected significant activity on August 22, 2013.

Version 48, July 24, 2013, 2:42 PM: Cisco Security Intelligence Operations has detected significant activity on July 24, 2013.

Version 47, July 22, 2013, 3:52 PM: Cisco Security Intelligence Operations has detected significant activity on July 21, 2013.

Version 46, July 19, 2013, 12:26 PM: Cisco Security Intelligence Operations has detected significant activity on July 18, 2013.

Version 45, July 17, 2013, 2:45 PM: Cisco Security Intelligence Operations has detected significant activity on July 17, 2013.

Version 44, July 17, 2013, 12:15 PM: Cisco Security Intelligence Operations has detected significant activity on July 16, 2013.

Version 43, July 15, 2013, 12:01 PM: Cisco Security Intelligence Operations has detected significant activity on July 12, 2013.

Version 42, July 12, 2013, 4:23 PM: Cisco Security Intelligence Operations has detected significant activity on July 11, 2013.

Version 41, July 10, 2013, 3:06 PM: Cisco Security Intelligence Operations has detected significant activity on July 9, 2013.

Version 40, July 9, 2013, 1:55 PM: Cisco Security Intelligence Operations has detected significant activity on July 5, 2013.

Version 39, July 5, 2013, 5:27 PM: Cisco Security Intelligence Operations has detected significant activity on July 5, 2013.

Version 38, July 5, 2013, 2:02 PM: Cisco Security Intelligence Operations has detected significant activity on July 4, 2013.

Version 37, July 3, 2013, 1:34 PM: Cisco Security Intelligence Operations has detected significant activity on July 3, 2013.

Version 36, July 1, 2013, 5:08 PM: Cisco Security Intelligence Operations has detected significant activity on June 28, 2013.

Version 35, June 28, 2013, 1:56 PM: Cisco Security Intelligence Operations has detected significant activity on June 26, 2013.

Version 34, June 27, 2013, 2:04 PM: Cisco Security Intelligence Operations has detected significant activity on June 26, 2013.

Version 33, June 24, 2013, 1:18 PM: Cisco Security Intelligence Operations has detected significant activity on June 22, 2013.

Version 32, June 20, 2013, 2:56 PM: Cisco Security Intelligence Operations has detected significant activity on June 20, 2013.

Version 31, June 18, 2013, 2:14 PM: Cisco Security Intelligence Operations has detected significant activity on June 17, 2013.

Version 30, June 17, 2013, 6:36 PM: Cisco Security Intelligence Operations has detected significant activity on June 15, 2013.

Version 29, June 13, 2013, 3:06 PM: Cisco Security Intelligence Operations has detected significant activity on June 12, 2013.

Version 28, June 12, 2013, 1:42 PM: Cisco Security Intelligence Operations has detected significant activity on June 12, 2013.

Version 27, June 7, 2013, 1:06 PM: Cisco Security Intelligence Operations has detected significant activity on June 6, 2013.

Version 26, June 4, 2013, 2:27 PM: Cisco Security Intelligence Operations has detected significant activity on June 4, 2013.

Version 25, May 28, 2013, 2:41 PM: Cisco Security Intelligence Operations has detected significant activity on May 28, 2013.

Version 24, May 20, 2013, 2:28 PM: Cisco Security Intelligence Operations has detected significant activity on May 20, 2013.

Version 23, May 17, 2013, 6:36 PM: Cisco Security Intelligence Operations has detected significant activity on May 17, 2013.

Version 22, May 16, 2013, 2:50 PM: Cisco Security Intelligence Operations has detected significant activity on May 16, 2013.

Version 21, May 15, 2013, 7:12 PM: Cisco Security Intelligence Operations has detected significant activity on May 15, 2013.

Version 20, May 6, 2013, 7:22 PM: Cisco Security Intelligence Operations has detected significant activity on May 3, 2013.

Version 19, March 18, 2013, 1:16 PM: Cisco Security Intelligence Operations has detected significant activity on March 15, 2013.

Version 18, March 12, 2013, 12:48 AM: Cisco Security Intelligence Operations has detected significant activity on March 12, 2013.

Version 17, March 5, 2013, 5:46 AM: Cisco Security Intelligence Operations has detected significant activity on March 4, 2013.

Version 16, February 27, 2013, 7:33 AM: Cisco Security Intelligence Operations has detected significant activity on February 26, 2013.

Version 15, February 25, 2013, 7:14 AM: Cisco Security Intelligence Operations has detected significant activity on February 24, 2013.

Version 14, February 20, 2013, 4:11 AM: Cisco Security Intelligence Operations has detected significant activity on February 19, 2013.

Version 13, February 19, 2013, 4:15 AM: Cisco Security Intelligence Operations has detected significant activity on February 18, 2013.

Version 12, February 18, 2013, 8:11 AM: Cisco Security Intelligence Operations has detected significant activity on February 18, 2013.

Version 11, February 15, 2013, 11:49 AM: Cisco Security Intelligence Operations has detected significant activity on February 15, 2013.

Version 10, February 15, 2013, 5:41 AM: Cisco Security Intelligence Operations has detected significant activity on February 14, 2013.

Version 9, February 11, 2013, 9:29 AM: Cisco Security Intelligence Operations has detected significant activity on February 11, 2013.

Version 8, February 4, 2013, 7:42 AM: Cisco Security Intelligence Operations has detected significant activity on February 3, 2013.

Version 7, January 28, 2013, 10:17 AM: Cisco Security Intelligence Operations has detected significant activity on January 28, 2013.

Version 6, January 25, 2013, 8:21 AM: Cisco Security Intelligence Operations has detected significant activity on January 24, 2013.

Version 5, January 22, 2013, 8:07 AM: Cisco Security Intelligence Operations has detected significant activity on January 21, 2013.

Version 4, January 16, 2013, 8:10 AM: Cisco Security Intelligence Operations has detected significant activity on January 15, 2013.

Version 3, January 16, 2013, 6:46 AM: Cisco Security Intelligence Operations has detected significant activity on January 15, 2013.

Version 2, January 2, 2013, 5:26 AM: Cisco Security Intelligence Operations has detected significant activity on December 25, 2012.

Version 1, December 21, 2012, 9:20 AM: Cisco Security Intelligence Operations has detected significant activity on December 20, 2012.


Product Sets
 
The security vulnerability applies to the following combinations of products.

Primary Products:
IntelliShieldThreat Outbreak Alert Original Release Base

Associated Products:
N/A




Alerts and bulletins on the Cisco Security Intelligence Operations Portal are highlighted by analysts in the Cisco Threat Operations Center and represent a subset of the comprehensive content that is available through Cisco Security IntelliShield Alert Manager Service. This customizable threat and vulnerability alert service provides security staff with access to timely, accurate, and credible information about threats and vulnerabilities that may affect their environment.


LEGAL DISCLAIMER
The urgency and severity ratings of this alert are not tailored to individual users; users may value alerts differently based upon their network configurations and circumstances. THE ALERT, AND INFORMATION CONTAINED THEREIN, ARE PROVIDED ON AN "AS IS" BASIS AND DO NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE ALERT, AND INFORMATION CONTAINED THEREIN, OR MATERIALS LINKED FROM THE ALERT, IS AT YOUR OWN RISK. INFORMATION IN THIS ALERT AND ANY RELATED COMMUNICATIONS IS BASED ON OUR KNOWLEDGE AT THE TIME OF PUBLICATION AND IS SUBJECT TO CHANGE WITHOUT NOTICE. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE ALERTS AT ANY TIME.
Powered by  IntelliShield