MX Lab, http://www.mxlab.eu, started to intercept a new malware distribution campaign by email with the subjects like:
The subject will be a combination of Emailing:, IMG/Photo/Picture followed with a number between ( and ) and a gif, jpg or png extension type. Spoofed addresses are being used and has no body content in the email.
The attached file Picture(359).png.zip contains the file 515081450905_98025.wsf which is a Windows Script File.
Note again that the the attached and extracted filenames will vary with each email.