From: Barclays Online Bank [email@example.com]The link in the email varies, some other examples seen are:
Date: 20 January 2015 at 14:41
Subject: Barclays - Important Update, read carefully!
Protecting the privacy of your online banking access and personal information are our primary concern.
During the last complains because of online fraud we were forced to upgrade our security measures.
We believe that Invention of security measures is the best way to beat online fraud.
Barclays Bank have employed some industrial leading models to start performing an extra security check with Your Online Banking Activities to ensure a safe and secure Online and Mobile Banking.
For security reasons we downloaded the Update Form to security Barclays webserver.
You are requested to follow the provided steps and Update Your Online Banking details, for the safety of Your Accounts.
- Please download and complete the form with the requested details: http://fizza.ro/BARCLAYS~ONLINE.BANKING~UPDATE/update.html
- Fill in all required fields with your accurately details (otherwise will lead to service suspension)
Warning: If you choose to ignore our request, you leave us no choice but to temporary hold on your funds.
Thank you for your patience as we work together to protect your account.
Please update your records on or before 48 hours, a failure to update your records will result in a temporary hold on your funds.
Barclays Online Bank Customer Service
We apologize for any inconvenience this may have caused.
(c) Copyright 2015 Barclays Bank Plc. All rights reserved.
The file itself is an Upatre downloader, with poor detection rates   .
The Malwr report shows traffic to the following URLs:
Out of these 188.8.131.52 (Excell Media Pvt Ltd, India) is one you should definitely block. This downloader drops several files including (in this case) %TEMP%\sJFcN24.exe which has a VirusTotal detection rate of just 3/57 and is identified as Dyreza.C by Norman anti-virus.