Analizzato da: Cedrick Ramos
Trojan Powmet are arriving as attachments to invoice and efax-related emails. In spoofed invoice mails, .xls attachments were used while spoofed efax email used .doc attachments.

Upon investigation, the attachments from these spam mails are detected as 'W2KM_POWLOAD.AUJTC'. 


Attackers use urgency and the victim's lack of knowledge to trick them into opening attachments. Users are advised to carefully check the email they recieve and be cautious when opening attachments from emails.
 Data/ora di blocco Spam: : 27 settembre 2017 GMT-8
 TMASE
  • Motore TMASE: :8.0
  • Patrón TMASE: :3356