The Ukraine CERT-UA discovered a mass distribution of e-mails using the subject “chemical attack” and a link to an XLS-document with a macro. When opened, the macro downloads and runs an EXE file, which damages the computer with the malicious program JesterStealer. Note that executable files are downloaded from compromised web resources.
Mass distribution of the JesterStealer malware using the topic of chemical attack (CERT-UA # 4625)