MX Lab, http://www.mxlab.eu, started to intercept a new malware distribution campaign by email with the subject “Contract”.
This email is send from the different spoofed email address and has the following body – each time signed with a different name at the end:
Please sign the attached contract with our technical service company for 2016 � 2017.
We would appreciate your quick response.
The attached file 79800f65bce.zip contains the file contract_2016-2017_pdf ~62bbb6d9.js.