件名：Purchase Order 数字4～8桁

From：Netadmin <netadmin＠Toドメイン> (を偽装)

本文：

 

Hi Sir,

 

Please find attached PDF.

 

Thanks & Regards,

 

FIRSTNAME LASTNAMEi,

Network Administrator,

01数字9桁.

 

添付ファイル：Purchase Order 数字4～8桁.7z

7zファイルの中身は、Purchase Order 数字10桁.js

https://www.virustotal.com/#/file/02bcda1d403f14db75f74353043b7ed41d10bb4308eeac49ba507298fb75cc12/detection

https://www.virustotal.com/#/file/42b27a2c4aacc454f79e748dc6a4f656e0f616437893c10b88a12865d68a366f/detection

https://www.virustotal.com/#/file/d100529c7b5b92c6e866d4c9ac6057452671efdcba0310a7d3590e463d2ae18a/detection

https://www.virustotal.com/#/file/3a0a1f9c6a7f3275e8c4ee1693c91a60277e49c029a293013956b9354e85be46/detection