This Metasploit module generates a malicious Microsoft Word document that when loaded, will leverage the remote template feature to fetch an HTML document and then use the ms-msdt scheme to execute PowerShell code.
dfd70a501deb66860bda3d2c8fb70eb21aec791b445093014e637e57d9f6c39c