XML_Dloader.A is a malicious XML file that a user may unknowingly download when visiting a malicious website.
It takes advantage of the following software vulnerability, which allows a remote malicious user or malware to download files onto the affected machine:
Vulnerability in Internet Explorer Could Allow Remote Code Execution
However, instead of using Internet Explorer, it uses a specially crafted Microsoft Word document with an embedded ActiveX control.
The downloaded file is detected as HTML_DLOADER.AS.
Technical details can be found at this Trend Micro page.