New Javacsript malware in email “Statement” with monthly financial statement

MX Lab,, started to intercept a new malware distribution campaign by email with the subject “Statement”.

This email is send from the different spoofed email address and has the following body – each time signed with a different name at the end:


The monthly financial statement is attached within the email.
Please review it before processing.

King regards,
Wendi Burnett

(Topic-ID: e75fb3dd7e84b6fd59b55b5a6432f7f1a1fba8cd342a)

The attached file contains the file monthly_financial_scan 0c2d5b8d.js.

The malware is detected by 10/56 AV engines at Virus Total and the malware is analyzed by Malwr.