The Kasidet bot, also known as Neutrino, is being spread via macros in Microsoft Office documents. Researchers claim the same VBA (Visual Basic for Applications) macros in Office files that are being leveraged to drop Dridex are also being dropped by the same technique. Both are using attachments masquerading as scanned documents in spearphishing emails to spread the malware. The malware steals information from users machines in two ways: memory scraping and browser hooking.
Source: https://threatpost.com/attackers-dropping-kasidet-bot-via-office-macros/116090/