Date: Tue, 12 Nov 2013 16:22:38 +0100 [10:22:38 EST]The body text of the spam contains a faked email address made to look like helpdesk@ the victim's domain. Attached to the email is a password-protected ZIP file Outlook.zip that has to be decoded with the PaSdIaoQ key in the body text of the email (hopefully intelligent people will realise that you wouldn't send the password with the encrypted attachment.. you'd have to be really daft to do that).
From: Undisclosed Recipients
Subject: Important - New Outlook Settings
Please carefully read the attached instructions before updating settings.
This file either contains encrypted master password, used to encrypt other files. Key archival has been implemented, in order to decrypt the file please use the following password: PaSdIaoQ
This e-mail and / or any attachment(s) is intended solely for the above-mentioned recipient(s) and it may contain confidential or privileged information. If you have received it in error, please notify us immediately at helpdesk@victimdomain and delete the e-mail. You must not copy it, distribute it, disclose it or take any action in reliance on it.
Unzipping the file gives a malicious executable Outlook.exe which has an icon designed to look like Microsoft Outlook.
The detection rate at VirusTotal is 5/45. Automated analysis tools   show an attempted connection to dchamt.com on 126.96.36.199 (Peer 1 Dedicated Hosting, US). That IP address contains about 70 websites which may or may not be clean.