From: Effie Larsen
Date: 12 July 2016 at 20:07
Subject: Profile
Dear [redacted],
Please find attached the profile of Mr.Welch for a suitable role in your Organisation
King regards,
Effie Larsen
Mexico Key Account Director

Attached is a ZIP file containing elements of the recipient's email address, the word "profile" and a random number. Contained within are a variety of malicious .js scripts beginning with "profile".
These two Hybrid Analysis reports [1] [2] show download locations at:
jstudio.com.my/wtxyf4
zakagimebel.ru/nrik9xq
This is somewhat consistent with the download locations for the earlier Locky ransomware spam as seen here. It is likely that the C2 servers are the same or at least overlap.
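
A mail-gateway style check for the attachment pattern described in this post, added here as an example and not taken from the original post. It assumes the recipient elements, the word "profile" and the number appear in the ZIP file name; the function names, token rule and sample archives are constructed for illustration.

```python
import io
import re
import zipfile

def recipient_tokens(address):
    """Lowercase tokens (3+ chars) from the local part and domain labels, TLD excluded."""
    local, _, domain = address.lower().partition("@")
    parts = re.split(r"[^a-z0-9]+", local) + domain.split(".")[:-1]
    return {p for p in parts if len(p) >= 3}

def matches_profile_lure(zip_name, zip_bytes, recipient):
    """True when the attachment fits the pattern: a ZIP named after the recipient
    plus "profile" and a number, holding .js members that begin with "profile"."""
    name = zip_name.lower()
    if not name.endswith(".zip"):
        return False
    stem = name[:-4]
    # Assumption: all three naming elements sit in the archive's file name.
    name_hit = (
        "profile" in stem
        and re.search(r"\d", stem) is not None
        and any(tok in stem for tok in recipient_tokens(recipient))
    )
    if not name_hit:
        return False
    try:
        with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
            # Compare base names only, so members in subfolders are still seen.
            members = [m.rsplit("/", 1)[-1].lower() for m in zf.namelist()]
    except zipfile.BadZipFile:
        return False  # unparseable archive: leave the verdict to other controls
    return any(m.startswith("profile") and m.endswith(".js") for m in members)

def build_zip(members):
    """Build an in-memory ZIP from {name: content} for the constructed samples."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member, content in members.items():
            zf.writestr(member, content)
    return buf.getvalue()

# Constructed samples: harmless placeholder content, names shaped like the lure.
SUSPECT = build_zip({"profile 4f2a.js": "// placeholder", "profile 91c.js": "// placeholder"})
BENIGN = build_zip({"profile.pdf": "placeholder"})
```

Script files delivered inside ZIP attachments are rarely legitimate in business mail, so a gateway can reasonably quarantine on the member check alone and use the name match only to label the campaign.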