New javascript malware: PO # 10 – B F

MX Lab,, started to intercept a new malware distribution campaign by email with the subject “PO # 10 – B F”

This email is send from the spoofed address “Kalyani Purchase <>” and has the following body:

Attached PO

Thanking you


Kalyani Motors Pvt. Ltd
M #. 9900026982

The attached file B F – contains the file 00003601966209.js which is an obfuscated JavaScript.

The malware is detected by 4/56 engines at Virus Total  and a Malwr report is available.