March 28, 2016
MX Lab, http://www.mxlab.eu, started to intercept a new malware distribution campaign by email with the subject “Document (1).pdf”.
This email is send from the spoofed addresses and has the following body:
The attached file Document (1).pdf contains the file TDY2486281915.js.
More malware is downloaded from: hxxp://enduro.si/pdf/765f46vb.exe