From: HSBC SecureMail [HSBCRepresentative_WilliamsBlankenship@hsbc.co.uk]Attacked is a file HSBC_Payment_87441653.zip which in turn contains a malicious executable HSBC_Payment_87441653.exe, this has a VirusTotal detection rate of 4/56.
Date: 16 September 2015 at 13:13
Subject: You have received a secure message
UPDATE: The Hybrid Analysis report shows network traffic to a familiar Nigerian IP of 18.104.22.168 which I strongly recommend you block. The traffic pattern is indicative of Upatre dropping the Dyre banking trojan.