Monday, April 7, 2014

Power Worm - Not your garden variety - This one uses Windows PowerShell.



Every day is exciting in the security world


According to the Trend Micro article:

This particular threat arrives as an infected Word or Excel document, which may be dropped by other malware or downloaded/accessed by users. When opened, right away it downloads two additional components from two well-known online anonymity projects:  the Tor network, and Polipo, a personal web cache/proxy.


Using the installed Tor and Polipo software, it accesses its command-and-control server. The URL it uses contains two GUIDs, as seen below:

{C&C server}/get.php?s=setup&mom={GUID #1}&uid={GUID #2}
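The beacon URL above is the one concrete indicator the article gives, so here is a small log check for it. This is an added example, not code from the original post or from Trend Micro: it parses each URL's query string rather than matching the parameters positionally, so a beacon with the parameters in a different order is still caught, and it only flags values that are actually GUID-shaped. The C&C host name, the log format and the sample lines are all constructed for the example; whether the real beacon wraps the GUIDs in braces is not stated on the page, so both forms are accepted.

```python
import re
from urllib.parse import urlsplit, parse_qs

# GUID-shaped value: 8-4-4-4-12 hex digits, braces optional. The page only
# shows "{GUID #1}" / "{GUID #2}" placeholders, so brace-wrapping is an
# assumption; this regex accepts either form.
GUID_RE = re.compile(
    r"^\{?[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}\}?$"
)


def is_power_worm_beacon(url):
    """Return (mom, uid) if url matches
    {C&C}/get.php?s=setup&mom=GUID&uid=GUID, else None.
    The query is parsed, so parameter order does not matter."""
    parts = urlsplit(url)
    if not parts.path.lower().endswith("/get.php"):
        return None
    q = parse_qs(parts.query, keep_blank_values=True)
    if q.get("s") != ["setup"]:
        return None
    mom, uid = q.get("mom", []), q.get("uid", [])
    if len(mom) != 1 or len(uid) != 1:
        return None
    if not (GUID_RE.match(mom[0]) and GUID_RE.match(uid[0])):
        return None
    return (mom[0], uid[0])


# Constructed proxy log lines (not real data). Field order assumed here:
# timestamp, client IP, method, URL. "example-cnc.invalid" is a placeholder.
SAMPLE_LOG = """\
1396870000.123 10.0.0.5 GET http://example-cnc.invalid/get.php?s=setup&mom={0F1E2D3C-4B5A-6978-8796-A5B4C3D2E1F0}&uid={11111111-2222-3333-4444-555555555555}
1396870001.456 10.0.0.7 GET http://www.example.com/index.html
1396870002.789 10.0.0.5 GET http://example-cnc.invalid/get.php?uid=0f1e2d3c-4b5a-6978-8796-a5b4c3d2e1f0&s=setup&mom=deadbeef-dead-beef-dead-beefdeadbeef
1396870003.000 10.0.0.9 GET http://example.org/get.php?s=setup&mom=notaguid&uid=alsonotaguid
"""


def scan_log(text):
    """Return a list of (client, mom, uid) for every line whose URL
    looks like the setup beacon."""
    hits = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue
        res = is_power_worm_beacon(fields[3])
        if res:
            hits.append((fields[1], res[0], res[1]))
    return hits


if __name__ == "__main__":
    for client, mom, uid in scan_log(SAMPLE_LOG):
        print(f"beacon from {client}: mom={mom} uid={uid}")
```

One caveat on where to run this: the malware sends the beacon through its own Tor/Polipo stack on the infected host, so a perimeter proxy normally sees only encrypted Tor traffic, not this URL. The check is most useful on host-side data (a sandbox HTTP capture, or the local Polipo log on a suspect machine) and, as a network-side complement, on alerts for unexpected Tor connections from workstations.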

The Trend Micro post below has more detail:
http://blog.trendmicro.com/trendlabs-security-intelligence/word-and-excel-files-infected-using-windows-powershell
