Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 2016-09-07 #locky email phishing campaign "Invoice #xxxxx-2016"
- Email sample
- -----------------------------------------------------------------------------------------------------
- From: "Houston Porter"
- To: [REDACTED]
- Subject: Invoice #e861e-2016
- Dear [REDACTED], we have attached the debt payment invoice. Please view the due amount.
- Respectfully,
- Houston Porter
- -----------------------------------------------------------------------------------------------------
- Attached file <random_hexachars>.zip contains 2 identical files "<8_hexachars> debt payment invoice ~pdf.js" and "<8_hexachars> debt payment invoice ~pdf - 1.js"; a JScript downloaders
- Download sites:
- http://canonsupervideo4k.ws/3yiqvg7v
- http://donttouchmybaseline.ws/ggh1aunf
- http://listofbuyersus.co.in/bkkpz
- http://tradesmartcoin.xyz/4q1hb
- http://videoconvertermac.in/4kzlfgm
- None of the domains actually successfully resolves or connects. The domains are subset of domains in "Agreement form" run earlier today (http://pastebin.com/mDSH1Kah).
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement