Analysis by: Ramon Miguel Romero

We recently encountered a spam sample that purports itself to be a purchase order from IKEA, which is a famous furniture retailer founded in Sweden and features modern Scandanavian furniture. However, once unsuspecting users or legitimate IKEA customers open the attached .doc file, the macro embedded in the said attachment would trigger the download of the malware detected by Trend Micro as W2KM_DRIDEX.YSQU. Affected users may find malicious routines being exhibited on their system.

Trend Micro protects users from this threat via detecting and blocking the malware as well as the spammed email. Users are advised to be wary when opening suspicious emails similar to these, even if they come from supposedly legitimate sources.

 SPAM BLOCKING DATE / TIME: January 29, 2016 GMT-8
 TMASE INFO
  • ENGINE:8.0
  • PATTERN:AS2100

Related Malware