Date: Mon, 19 Aug 2013 20:24:27 +0000 [16:24:27 EDT]
From: "email@example.com" [firstname.lastname@example.org]
Subject: You have received a secure message
Attached is a file securedoc.zip which in turn contains a malicious executable securedoc.exe which has a very low detection rate at VirusTotal of just 2/46. The Malwr analysis (and also ThreatExpert) shows that the file first connects to [donotclick]frankcremascocabinets.com/forum/viewtopic.php (a hijacked GoDaddy domain on 184.108.40.206 (Secured Servers, US / Jolly Works Hosting, Philippines) as seen before here, and it then tries to downoad additional components from:
This second part has another very low VirusTotal detection rate of just 3/46. Malwr gives an insight into what the binary is doing, or alternatively you can look at the Comodo CAMAS report or ThreatExpert report.