A big wave of malicious VBE files targeting Brazilian users, distributed via email messages. Most of the files are downloaders which, after they are executed, try to install a series of badness that goes from traditional banking Trojans to RATs to Boleto malware. Bad guys are using all kinds of encoding, in an effort to avoid detection by AV products although most are using simple Base64 provided by Motobit software. Brazil, Portugal and Spain are the most attacked countries by the VBS.Banload family this month.”]
Source: https://securelist.com/wave-of-vbe-files-leading-to-financial-fraud/71753/