Source: https://blogs.technet.microsoft.com/mmpc/2016/04/18/javascript-toting-spam-emails-what-should-you-know-and-how-to-avoid-them/
We have recently observed that spam campaigns are now using JavaScript attachments aside from Office files. The purpose of the code is straightforward. It downloads and runs other malware.
Some of the JavaScript downloaders that we’ve seen are:
The same JavaScript downloaders are also responsible for spreading the following ransomware:
The spam email contains a .zip or .rar file attachment which carries a malicious JavaScript. The JavaScript attachment mostly has the following icon, depending on the system’s script software. The file names are either related to the spam campaign, or completely random:
Figure 1: Examples of JavaScript attachments from spam email campaigns