From "Garth Hutchison"
Date 21/01/2015 11:50
Subject BACS Transfer : Remittance for JSAG400GBP
We have arranged a BACS transfer to your bank for the following amount : 5821.00
Please find details attached.
Attached is a malicious Word document BACS_transfer_JS87123781237.doc [VT 1/57] which contains a macro [pastebin] which downloads a file from:
This is then saved as %TEMP%\iHGdsf.exe. This has a VirusTotal detection rate of 6/57 identifying it as a Dridex downloaded. You can see the Malwr report here.
Sources indicate that this malware phones home to the following IPs which I recommend you block: