The email on an fake invoice contains an xlsm attachment. This contacts a random link from an internal list and downloads the dll, which starts the malware infection.
New global malspam campaign. The attachment, a .doc file, contacts a random link from an internal list of eight and downloads a DLL, which starts the malware infection.