MX Lab, http://www.mxlab.eu, started to intercept a new large malware distribution campaign by email with the subject “Re:”.
This email is send from the spoofed addresses and has the following body:
Please find attached our invoice for services rendered and additional disbursements in the above-
Hoping the above to your satisfaction, we remain.
Executive Director Finance & Information Systems
The malware is detected as Js.Trojan.Raas.Auto or virus.js.gen.85 by 2/55 AV engines at Virus Total.