New javascript malware: PO # 10 – B F


MX Lab, http://www.mxlab.eu, started to intercept a new malware distribution campaign by email with the subject “PO # 10 – B F”

This email is send from the spoofed address “Kalyani Purchase <purchase@kalyanimotors.com>” and has the following body:

Attached PO


Thanking you

Regards
Shankar

Kalyani Motors Pvt. Ltd
Bangalore
M #. 9900026982

The attached file B F – 10.zip contains the file 00003601966209.js which is an obfuscated JavaScript.

The malware is detected by 4/56 engines at Virus Total  and a Malwr report is available.