M86 Security Labs

Cancel Order Trojan

 

September 20, 2007

A trojan is currently being spammed out as an executable file inside a zip attachment called "invoice.zip". Sample subject lines include:

Account Security Measures!
Bank Account Expired
Bank Account Irregular Activity
Bank account stolen
Bank Account Suspended
check your FBI records
Credit Card Bill
Credit Card Charged!
Credit Card Irregular Activity
Credit Card Stolen
Email Deleted
Email Suspended
money giveaway
msg from your cousin
Order Completed
Order Confirmation
Order Recieved
Security Measures!
SignUp Successfull
Successfull Transaction
Transaction Successfull
Your Bank Account Suspended
your check bounced
Your Credit Card has been Charged
Your Money Has been stolen
Your New Credit Card
your payment was declined


The email body refers to "confirmation" of an order from "Glamour Codes Inc". 

 


The executable file in the zip file is called "cancel order.exe", which plays on the fact that some people might want to immediately cancel this "unwanted order". The message explicitly encourages this action.

 

 

At this stage, we are not certain of the exact nature of the executable, but it may seek to download malware components from the web.

As usual, be extremely wary of attachments in any unsolicited email; it is best just to delete the message.

MailMarshal customers should note the current SpamCensor is detecting these messages as spam and no further action is necessary.


Last Reviewed: September 27, 2007