Spoofed UK Fuels Collection malspam delivers malware, possibly Trickbot
released on 2017-07-19 @ 11:19:40 AM
An email with the subject of UK Fuels Collection pretending to come from invoices@ebillinvoice.com with a malicious word doc attachment delivers some sort of malware. I am not sure what these are. They might be Jaff ransomware or might be Dridex banking Trojan or Trickbot banking Trojan. The last time I saw proshuto8.exe it was Trickbot, but these malware gangs do mix & match and reuse file names and delivery methods to deliver multiple different malwares.