Joined
Sep 19, 2016
Messages
100
Operating System
Windows 7
Antivirus
Avast
#81
This is a good thread. I get tons of these all the time and it's good to know I'm not the only one. I'm also apparently on a call list, so I get things like "Your PC is infect with very virus! Call Microsoft at *number* to fix virus." so yeah xd
 

rockstarrocks

Level 16
Verified
Joined
Apr 16, 2017
Messages
796
Operating System
Windows 10
Antivirus
ESET
#83
I received a sms earlier.

You selected for 1.35 crore from Microsoft company.Kindly send your name,gender,age,add,job,phone no. To:microclaims********@gmail.com

No currency, poor grammar and why the hell would MS use Gmail? Lol
I was thinking "do you want my online banking details too" :D
Edit: couldn't upload the screenshot, idk why
 
E

Eddie Morra

Guest
#90
Maybe the macromalware is just a dropper and once executed, it can download the malicious executable that would have a higher ratio on VT.
That would be a logical explanation.

Most of the time, malicious Office VBA Macro's will simply act as an entry to gain code execution on the machine before deploying file-less script attacks or dropping another loader on the environment. Following this, the real payload normally comes into play.
 
E

Eddie Morra

Guest
#91
I can try and investigate the attachment for you if you'd like and provide some malware analysis insight. I'm a bit bored these days, it'll spice things up.

Send me the attachment download in a PM - if you don't have it, I'll use the VT link and see if I can find the sample myself.
 

ticklemefeet

Level 21
Verified
Joined
Jan 31, 2018
Messages
1,011
#92
I can try and investigate the attachment for you if you'd like and provide some malware analysis insight. I'm a bit bored these days, it'll spice things up.

Send me the attachment download in a PM - if you don't have it, I'll use the VT link and see if I can find the sample myself.
You changed your nickname again? This one is easier to pronounce. The sample is still in my inbox.