Analysis by: Catherine Loveria

A spam message purporting to be a requested letter is making its rounds, carrying an attachment that is a JavaScript malware. When users open this attachment, their computers are infected with JS_NEMUCOD.DLDVCP. NEMUCOD is known to deliver other malware such as ransomware.

Trend Micro product users with anti-spam filtering enabled are protected from this spam, and consequently, the execution of the attached malware. Other users should refrain from opening email from unknown senders.

 SPAM BLOCKING DATE / TIME: July 13, 2016 GMT-8
 TMASE INFO
  • ENGINE:8.0
  • PATTERN:2450