Trend Micro Security

Malware Downloader Found in Attachment Posing as a Certificate

 解析者: Cedrick Ramos

Sometimes, a colleague sends you a file to print for him or her, especially if he or she can't properly connect to the office printer. This spammed message plays upon that possibility. It poses as a certificate file for printing. The mail contains an MS Excel file. Upon opening the attachment, it executes a macro that downloads other files. This malicious macro is blocked and detected by Trend Micro products as W2KM_GEN.F299E00LK16. The spammed message is also blocked and detected by Trend Micro products.

Never open attachments from email that are not expected or that are from unknown sources. Having proper anti-spam and anti-malware products installed also provides a good layer of protection.

 スパムブロック日時 : 2016年12月21日 0:07:00 GMT-8
 TMASE
  • TMASEエンジン:8.1
  • TMASEパターンバージョン:2774