JPCERT/CC said it can elude detection by embedding a malicious Word file within a PDF document