Just a heads up, my business email account suspiciously sent out numerous emails yesterday morning to clients with a Word doc attachment. The attachment contained the above mentioned trojan which also goes by:
Specific details here:
Webroot did not catch this on my system during numerous system scans on multiple devices. I had to reinstall my OS for other reasons (the wonders of Bootcamp), so subsequent scans with Webroot, Trend Micro and Windows Defender are clean. But by then the damage was done. The source was Russia, and by then they had the email password and access to my account, which means they knew who I'd been recently communicating with.
Malicious emails were sent to people I'd had recent conversations with, some of who were expecting documentation from me, so they assumed the attachment was safe and opened it which then infected their system. Many of these contacts were not in my address book, and the malware was clever enough to simply mask the phony email as a "reply" to the most recent legitimate email in each thread. The client system (Trend Micro) identified the trojan, and I was notified by them, but it was too late.
I don't know if the Webroot trojan database is not up to date, or whether Trend Micro is simply more capable of catching this. Just pointing this out and hoping it doesn't happen to anyone else. What a mess.