解析者: Jat Lucas Sauler

We have observed a new spam wave delivering Trickbot. This campaign uses spam mail with malicious attachments disguised as a Microsoft Excel file. The message contains fake payment notification, claiming to be from well-known banks or financial entities. When the .XLS attachment is opened, it asks users to enable macros. This then executes a PowerShell command to access a malicious link that downloads the Trickbot malware.

Trend Micro detects the malicious attachment as Trojan.X97M.POWLOAD.NSFGAIBR. Trend Micro email products easily prevents spam messages from reaching your inbox. While products with anti-spam help, users are still advised to ignore email that are fro unknown sources.

 スパムブロック日時 : 2018年11月21日 21:58:00 GMT-8
 TMASE
  • TMASEエンジン:8.0
  • TMASEパターンバージョン:4238