分析者: Joachim Capiral

A new wave of spam that uses *.rar *.zip *.gif *.tiff *.docx *.pdf *.jpg is making its rounds.

The attachment looks like it is renamed to lure recipients into clicking the attachment files. These attachments are archive files that come with a JavaScript file that drops a LOCKY malware, detected as JS_LOCKY.BQ.

It looks like this is similar to the spam wave found several days ago that also distributes Locky ransomware. See Malspam With JavaScript Attachment Leads To Locky Ransomware.

 垃圾邮件阻止日期/时间 : 2016年3月29日 22:00:00 GMT-8
 TMASE
  • TMASE引擎(全局:8.0
  • TMASE样式(全局):2228