Info from SantanderBillpayment.co.uk, SantanderBillPayment_Slip. Thank you for using BillPay email with an attached SantanderBillPayment_Slip malicious ZIP file.
Subject: Info from SantanderBillpayment.co.uk
Attached to the email is a Zip file:
Thank you for using BillPay. Please keep this email for your records.
The following transaction was received on 22 January 2015 at 09:18:37.
Payment type: VAT
Customer reference no: 7975402
Card type: Visa Debit
Amount: GBP 4,777.00
For more details please check attached payment slip.
Your transaction reference number for this payment is IR7975402.
Please quote this reference number in any future communication regarding this payment.
Inside the Zip file is a windows executable: (Note the double extension)