Friday, 6 May 2016

On 01:47 by admin   No comments
MX Lab,, started to intercept a new malware distribution campaign by email with the subject “Your order has dispatched (#583-6989419-8889556)”.

This email is send from the spoofed address “”” <>” and has no body content in the email. It is clear that this fake email doesn’t originate from Amazon directly.

The attached file invoice84576872.doc is a Word file with malicious macro.
The attached file contains the file 4775327493_4421613.js.

The malware is detected as Trojan.Ransom-Locky!8.4655-fi21vws43hB (Cloud) by 3/56 AV engines at Virus Total.


Post a comment