MX Lab, http://www.mxlab.eu, started to intercept a new trojan distribution campaign by email with the subject “my photo”.
This email is send from the spoofed addresses and has the following body:
my new photo🙂
The attached file my_iphone_photo.zip contains the folder with the 54 kB large file 1my_photo.exe and the 30 kB larg e file 2my_photo.jpg.
The trojan is known as a variant of MSIL/Injector.GMB, UDS:DangerousObject.Multi.Generic, Trojan.MSIL.BVXGen or Win32.Trojan.Inject.Auto.
At the time of writing, 4 of the 54 AV engines did detect the trojan at Virus Total.