Information about malicious e-mails against Banks in the Middle East

fIn the first week of May 2016, FireEye’s DTI identified a wave of emails containing malicious attachments being sent to multiple banks in the Middle East region. The threat actors appear to be performing initial reconnaissance against would-be targets, and the attacks caught our attention since they were using unique scripts not commonly seen in crimeware campaigns.
In this blog we discuss in detail the tools, tactics, techniques and procedures (TTPs) used in these targeted attacks.