Here’s an actual Outlook inbox (On-premise exchange, note that Office 365 mailboxes are silently discarding this attachment)
From the offset Gmail and Office365 were not spreading the malware forward. 365 silently drops the mail, Gmail sends you a friendly heads-up…
Namecheap private email is blissfully unaware 20 hours after the first report of a suspicious attachment.
ESET has added signatures for this outbreak at last, many hours behind other antivirus vendors but still not as late as; ALYac AVware Agnitum AhnLab-V3 Alibaba Antiy-AVL Baidu Baidu-International Bkav ByteHero CAT-QuickHeal CMC ClamAV Comodo DrWeb F-Secure Ikarus Jiangmin K7AntiVirus K7GW Malwarebytes Microsoft NANO-Antivirus Panda Qihoo-360 Rising SUPERAntiSpyware Symantec TheHacker TrendMicro TrendMicro-HouseCall VBA32 ViRobot Zillya Zoner nProtect
At the end of today (actually well into the following day now) all the above vendors haven’t added signatures for this seriously damaging ransom-ware infection.
Researchers and analysts: download payload
If you don’t know the password, email firstname.lastname@example.org and ask nicely.