Analysis byCatherine Loveria

A spam message purporting to be a requested letter is making its rounds, carrying an attachment that is a JavaScript malware. When users open this attachment, their computers are infected with JS_NEMUCOD.DLDVCP. NEMUCOD is known to deliver other malware such as ransomware.

Trend Micro product users with anti-spam filtering enabled are protected from this spam, and consequently, the execution of the attached malware. Other users should refrain from opening email from unknown senders.

 SPAM BLOCKING DATE / TIME: 13 de lipca de 2016 GMT-8
 TMASE
  • TMASE Engine: :
  • Patrón TMASE: :2450