MX Lab, http://www.mxlab.eu, started to intercept a new trojan distribution campaign by email with the subjects like:
This email is send from different spoofed address and has the following body:
Office Assistant IV
Stanford Health Care
1190 Welch Road, MC 5794 • Palo Alto, CA 94304
O: 650.736.1944 C: 650.847.0495
The attached file is named:
The Zip file contains the 21 kB large executable with the same name as the ZIP file.
The trojan is known as Upatre.GK or Trojan.Win32.YY.Gen.7.
At the time of writing, 2 of the 57 AV engines did detect the trojan at Virus Total.