Spam Pose as Google Non-Delivery Report, Contains Trojan Attachment
2015年9月1日
Trend Micro engineers came across spam mail which appear to be non-delivery reports or undelivered mail notice from mx.google.com. Upon further investigation, these messages are verified to be falsely coming from Google. These messages have varying sender addresses.
The spammed messages contain .ZIP attachments that use file names beginning with Google_Mail or Google_Drive. Opening the attachment executes a malicious JavaScript that downloads other probably malicious files. For Trend Micro product users, the spam is blocked and the malicious script, detected as JS_NEMUCOD.XXUK, is prevented from executing on the affected computer.
垃圾邮件阻止日期/时间 : 2015年9月1日 22:00:00 GMT-8
TMASE
- TMASE引擎(全局:8.0
- TMASE样式(全局):1786