MX Lab, http://www.mxlab.eu, started to intercept a new trojan distribution campaign by email with the subject “Fax 19.05”.
This email is send from a spoofed address and has the following short body:
Fax to *****@*****.***
The attached file Fax-5108870.zip contains the 32 kB large file fax_info.exe.
The trojan is known as Evilware.Outbreak, BehavesLike.Win32.Downloader.nm, Downloader.Upatre!gen5 or Trojan.Win32.YY.Gen.0.
At the time of writing, 4 of the 55 AV engines did detect the trojan at Virus Total.
Use the Virus Total for more detailed information.