New Javascript malware in email “office equipment”

MX Lab,, started to intercept a new malware distribution campaign by email with the subject “office equipment”.

This email is send from the spoofed addresses and has the following body:

Dear ****,

Please sign the attached purchase of the office equipment. We will send you back the receipt afterward.

Best regards,
Marylou Cox
Sales Manager

The attached file contains the file office_equipment ~2e0c9b44.js.

The malware is detected by 4/55 AV engines at Virus Total. Malwr analysis shows that more malware will be downloaded from hxxp:// Other hosts might be used in this campaign.