Analysis by: Cedrick Ramos

A number of users may receive a fake utility bill email that contains malware. The email is in Japanese and contains an .xls attachment that is supposed to be filled up by the recipient. However, once the file is executed, the user's machine gets infected. The malware is detected as HEUR_VBA.O2.

The email addresses the recipient in good nature initially, then proceeds to tell the user to confirm the invoice by entering information in the attachment.

Users should take extra precautions against unsolicited emails and not click links or open attachments therein. Security solutions with anti-spam and anti-malware capabilities provide an effective defense against such threat.
 SPAM BLOCKING DATE / TIME: September 07, 2017 GMT-8
 TMASE INFO
  • ENGINE:
  • PATTERN:3312