I saw more of this today (5/19/2015) from an IP address in a new range from Russia.

by CompanyV | Feb 25, 2015 |

The malware in the zip is a trojan downloader largely referred to as Upatre.

This downloader will then probably download the next step which is known as Dyre .

Dyre, is Zeus-like banking Trojan, which is trying to capture as much information about your online banking details as possible.

This malware will also be used to then send out the same malware to everyone else by using your copy of outlook and your bandwidth.

When our mail servers detect a potential risk the attachment is replaced with a text message:
WARNING: This e-mail has been altered by MIMEDefang. Following this paragraph are indications of the actual changes made. For more information about your site’s MIMEDefang policy, contact CompanyV Mail Administrator . For more information about MIMEDefang, see:


An attachment named fax_2342.zip was removed from this document as it constituted a security hazard. If you require this document, please contact the sender and arrange an alternate means of receiving it.