Global malspam campaign with xlsm attachment. It contacts a link from an internal list and downloads a dll, which contains a trojan and backdoor-loader hybrid.
Institutions leveraged in daily-based campaigns. Last one exploits INPS. An xls attachment, different for each message, contacts a single link and downloads a DLL that activates malware infection.
New malspam campaign: the xlsm attachment, if opened, contacts a random link from an internal list and downloads the DLL that starts the malware infection.
The bait is a shipping receipt, attached as an .xlsm file. This, if opened, contacts a random link from an internal list and downloads a DLL, which starts malware infection.
The bait is always an attached invoice, an .xlsm file. This, if opened, contacts a link chosen randomly from an internal list that downloads a DLL and infects the PC with malware.
The emails contain an .xlsm attachment which, when opened, contacts a random link from an internal list. This downloads a DLL that infects the PC with malware.