These are minor variants of each other, sending emails with attachments related to Taxation, such as The_reporting_of_taxes.zip or To_reduce_the_tax.zip. Once again, these archives contain executable files with misleading icons.
Some of the archives are ZIP files, some of them are RAR files and some of them are ZIP files with a .RAR extension. The wrong extension is used by the virus apparently because some gateway filters might fail to unpack such files while many unpackers used by end users will unpack them fine.
For the record: F-Secure Internet Gatekeeper, F-Secure Anti-Virus for Microsoft Exchange and F-Secure Anti-Virus for Firewalls are able to unpack such archives fine.
