MX Lab, http://www.mxlab.eu, started to intercept a new trojan distribution campaign by email with the subject “Remittance Advice”.
This email is sent from spoofed addresses and has the following body:
Remittance Advice from Bailey of Bristol
We are making a payment to you.
Please find attached a copy of our remittance advice, done on 5/09/2014.
If you have any questions regarding the remittance please contact us using the details below.
Bailey of Bristol
Tel: 949 906-5058
Fax: 949 820-2704
The attached ZIP file is named Remittance_F033.zip and contains the 70 kB file Remittance_F033.PDF.scr, a Windows screensaver executable (.scr) whose double extension makes it look like a PDF document.
The trojan is known as HEUR/Malware.QVM19.Gen or Mal/Generic-S.
At the time of writing, 2 of the 55 AV engines detected the trojan at VirusTotal.
Use the VirusTotal permalink for more detailed information.
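
A mail-gateway style check for the attachment pattern described above (a ZIP whose member carries a document extension followed by .scr), given as an added example that is not part of the original MX Lab post. The extension lists and function names are assumptions, and the sample archive is constructed with harmless placeholder bytes.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed policy lists for this example; tune them to local requirements.
EXECUTABLE_EXTS = {".scr", ".exe", ".pif", ".com", ".bat", ".cmd", ".js", ".vbs"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".txt"}


def suspicious_members(zip_bytes):
    """Return (member name, reason) for archive members that end in an executable extension."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            # Windows ignores trailing dots and spaces, so strip them before parsing.
            base = PurePosixPath(info.filename.replace("\\", "/")).name.rstrip(". ")
            suffixes = [s.strip().lower() for s in PurePosixPath(base).suffixes]
            if not suffixes or suffixes[-1] not in EXECUTABLE_EXTS:
                continue
            if len(suffixes) > 1 and suffixes[-2] in DECOY_EXTS:
                reason = "double extension: " + "".join(suffixes[-2:])
            else:
                reason = "executable in archive: " + suffixes[-1]
            findings.append((info.filename, reason))
    return findings


def build_sample_zip():
    """Constructed sample: same member name as the advisory, harmless placeholder content."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Remittance_F033.PDF.scr", b"placeholder, not an executable")
        zf.writestr("notes.txt", b"constructed benign member")
        zf.writestr("tool.exe", b"placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in suspicious_members(build_sample_zip()):
        print(f"QUARANTINE {name}: {reason}")
```

The check relies on member names only, so it works even when no AV signature exists yet, as was the case for most engines at the time of this campaign.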