From: mereway kitchens [firstname.lastname@example.org]Attached is a file K-DELC-28279.doc which comes in two different versions, both of which are poorly detected by AV vendors   and which contain one of two malicious macros   [pastebin]. These attempt to download a file from one of the following locations:
Date: 20 January 2015 at 08:24
Subject: Delivery Confirmation
This payload is identical to the one found in this spam run which preceded it.
UPDATE 2015-01-23A second spam run is underway, and although the email and attachment name are the same, the malicious macro itself is rather different. Both Word documents have zero detection rates   and contain malicious macros   that download another component from:
This binary has a VirusTotal detection rate of 3/57. It probably drops the Dridex banking trojan, but analysis is inconclusive.