MX Lab, http://www.mxlab.eu, started to intercept a new malware distribution campaign by email with the subject “”Unpaid Invoice #xxxxxx”
This email is send from various spoofed addresses and has the following body:
Dear Valued Customer,
Please make sure you send payment for your parcel to avoid any inconvenience. Open the attached file to review the confirmation listing.
The attached file UNPAID_INVOICE_920511.zip contains the 8 large file letter.078656871.js.
The malware is detected as JS/Locky.C!Camelot by 1 of the 54 AV engines at Virus Total.