Malware spam FAIL: "Direct Debit Mandate from COMPANY NAME"

This morning's Dridex spam run spoofs a set of random companies. However, the attachment is malformed and cannot be downloaded.. at least in the samples I have seen.

From:    Hilton Castaneda
Date:    25 January 2016 at 09:40
Subject:    Direct Debit Mandate from NORTH ATLANTIC SMALL COS INV TST

Good morning

Please attached Direct Debit Mandate from NORTH ATLANTIC SMALL COS INV TST;
complete, sign and scan return at your earliest convenience.


Kind regards,

Hilton Castaneda
TEAM SUPPORT
NORTH ATLANTIC SMALL COS INV TST
t. 01897 566 634
f. 0856 814 1637

==========

From:    Stanford Rich
Date:    25 January 2016 at 08:39
Subject:    Direct Debit Mandate from SUNPLUS TECHNOLOGY CO LTD

Good morning

Please attached Direct Debit Mandate from SUNPLUS TECHNOLOGY CO LTD;
complete, sign and scan return at your earliest convenience.


Kind regards,

Stanford Rich
TEAM SUPPORT
SUNPLUS TECHNOLOGY CO LTD
t. 01899 146 416
f. 0818 208 3763

==========

From:    Jewell Chavez
Date:    25 January 2016 at 09:38
Subject:    Direct Debit Mandate from STELLAR DIAMONDS PLC

Good morning

Please attached Direct Debit Mandate from STELLAR DIAMONDS PLC;
complete, sign and scan return at your earliest convenience.


Kind regards,

Jewell Chavez
TEAM SUPPORT
STELLAR DIAMONDS PLC
t. 01723 748 961
f. 0849 101 7259

==========

From:    Louisa Nielsen
Date:    25 January 2016 at 09:08
Subject:    Direct Debit Mandate from HALMA

Good morning

Please attached Direct Debit Mandate from HALMA;
complete, sign and scan return at your earliest convenience.


Kind regards,

Louisa Nielsen
TEAM SUPPORT
HALMA
t. 01522 109 616
f. 0868 158 4319

I haven't had time to do any analysis on the b0rked attachments. I will try to post some updates later.