Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 2016-07-25 #locky phishing email camapign "7h8gbiuomp" / Emailing: Photos
- Subject: Emailing: Photo 25-07-2016, 89 57 75
- Body:
- ---------------------------------------------------------------------------------
- Your message is ready to be sent with the following file or link
- attachments:
- Photo 25-07-2016, 89 57 75
- Note: To protect against computer viruses, e-mail programs may prevent
- sending or receiving certain types of file attachments. Check your e-mail
- security settings to determine how attachments are handled.
- ---------------------------------------------------------------------------------
- Attachment "Photo 25-07-2016, 89 57 75.rar"
- Attachment contains .js downloader that downloads from (the urls have ?<randomstring>=<randomstring> suffix):
- http://0urkarachi.atspace.com/7h8gbiuomp
- http://cantrell.biz/7h8gbiuomp
- http://czemarserwis.home.pl/7h8gbiuomp
- http://exploromania4x4club.ro/7h8gbiuomp
- http://finaledithon.web.fc2.com/7h8gbiuomp
- http://koushuen.co.jp/7h8gbiuomp
- http://moehakiba.web.fc2.com/7h8gbiuomp
- http://ostseeurlaub-tk.homepage.t-online.de/7h8gbiuomp
- http://topmanagers.claas.fr/7h8gbiuomp
- http://tutomogiya.web.fc2.com/7h8gbiuomp
- http://vplegat.dk/7h8gbiuomp
- http://www.aproso.de/7h8gbiuomp
- http://www.isleofwightcomputerrepairs.talktalk.net/7h8gbiuomp
- http://www.louislechien.net/7h8gbiuomp
- http://www.motoslittetrecime.com/7h8gbiuomp
- http://www.sistronic.com.co/7h8gbiuomp
- http://www.tridi.be/7h8gbiuomp
- http://www.vakantiehuisjeameland.nl/7h8gbiuomp
- http://www.westline.it/7h8gbiuomp
- http://zemlya.web.fc2.com/7h8gbiuomp
- Malware: https://www.reverse.it/sample/3d8c754b6620c68d7c5f2bfe69a609282fc595220d7203fdaf30a9582e2882f6?environmentId=100
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement