Email “Fax 19.05” contains trojan

MX Lab,, started to intercept a new trojan distribution campaign by email with the subject “Fax 19.05”.

This email is send from a spoofed address and has the following short body:

Fax to *****@*****.***

The attached file contains the 32 kB large file fax_info.exe.

The trojan is known as Evilware.Outbreak, BehavesLike.Win32.Downloader.nm, Downloader.Upatre!gen5 or Trojan.Win32.YY.Gen.0.

At the time of writing, 4 of the 55 AV engines did detect the trojan at Virus Total.

Use the Virus Total for more detailed information.
SHA256: 84f1ae6ce6c614a962891ff2e2a15241e32232242a5f133ff47c771a2c8bce0e

One thought on “Email “Fax 19.05” contains trojan

Comments are closed.