Análisis realizado por Cedrick Ramos

Spam campaigns, carrying links or malicious .doc files, exploiting the Microsoft Office vulnerability known as CVE-2017-11882 is spreading in Australia and Japan. The Australia spam campaign is persuading recipients to click on a link that will redirect to malware detected as TROJ_RTFCVE201711882.A:

The Japanese spam campaign, on the other hand, comes in varying forms. Some spammed messages hides the malicious file in the email's code, while other messages appear as an unformed email that has the malicious document, detected as TROJ_RTFCVE2017118882.B:

Just looking at the form of the email messages tells the reader that it is highly suspicious. Users should immediately delete email of this nature.

 Fecha/hora de bloqueo del spam: 23 de noviembre de 2017 GMT-8
 TMASE
  • Motor TMASE: 8.0
  • Patrón TMASE: 3486