Date: Wed, 27 Nov 2013 11:50:07 +0100 [05:50:07 EST]Attached is a file Transaction_274135902580.zip which in turn contains a malicious executable named Transaction.exe which has an icon to make it look like a PDF file and a VirusTotal detection rate of 8/48.
From: "email@example.com" [firstname.lastname@example.org]
Subject: ADP - Reference #274135902580
We were unable to process your recent transaction. Please verify your details and try again.
If the problem persists, contact us to complete your order.
Transaction details are shown in the attached file.
This e-mail has been sent from an automated system.
PLEASE DO NOT REPLY.
The information contained in this message may be privileged, confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify your representative immediately and delete this message from your computer. Thank you.
Malwr reports an attempted connection to seribeau.com on 188.8.131.52 (Exa Bytes Network, Malaysia). This IP has several hundred legitimate web sites on it, and it is not possible to determine if these are clean or infected.