From: Credit Control [email@example.com]Attached is a document I0026098.doc which comes in at least two versions with low detection rates   which contain some macros   that attempt to download a component from the following locations:
Date: 5 March 2015 at 11:10
Subject: Penta invoice I0026098
Please find attached your invoice I0026098
This is the same payload as used in this earlier spam run. It currently has a VirusTotal detection rate of 12/56.