We have received many reports from our German customers receiving spammed e-mails containing an attachment named GEZ_Rechnung.pdf.exe.Here is a sample screenshot of the spammed e-mail:Our detection for this malware is Nurech.W.Nurech.W uses the following links to download Bzub.HO: http://buckells.co.uk/heidi/[BLOCKED]ex.txt http://floorsovertexas.com/images/[BLOCKED]ex2.txt http://gideonsarmy3.com/gideons_files/[BLOCKED]ex2.txt http://gilles-pouliot.com/images/[BLOCKED]ex2.txt http://graceinthedesert.org/images/photo_page/[BLOCKED]ex2.txt http://gracesanders.com/images/[BLOCKED]ex2.txt http://mazal18.com/temp/[BLOCKED]ex2.txt http://thecorsairs.co.uk/Pics/[BLOCKED]ex.txt Bzub.HO is a password stealer and is hosted in the following link: http://samuraiwordsets.co.uk/images/[BLOCKED]p.exe