API tools faq
paste
Advertisement
James_inthe_box

January Campaigns

James_inthe_box
Feb 1st, 2018
1,039
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.52 KB | None | 0 0
raw download clone embed print report
  1. 1/10/2018 Malicious email campaign, "UPS Ship Notification,Reference Number 1: <digits>", doc -> hancitor -> pony -> evilpony -> pandabanker trojans, Attachment, 385
  2. 1/10/2018 Malicious email campaign, "PayAdvUS_Ven108726_Dtd_011118", link -> jar -> qrat, Link, 5
  3. 1/11/2018 Malicious email campaign, "Document No <digits>", 7z -> vbs -> globeimposter ransomware, Attachment, 1428
  4. 1/11/2018 Malicious email campaign, "Unpaid invoice [ID:<digits>]", 7z -> vbs -> globeimposter ransomware, Attachment, 621
  5. 1/21/2018 Malicious email campaign, evening "PO #368085 & 368125", jar -> adwind, Attachment, 15
  6. 1/22/2018 Malicious email campaign, Subjects contain " fattura|bonifico", xls -> exe -> pandabanker banking trojan, Attachment, 3
  7. 1/23/2018 Malicious email campaign, "New incoming eFax document from 1-888-<digits>", link -> rtf -> hancitor -> pony -> evilpony -> pandabanker trojans, Link, 4547
  8. 1/24/2018 Malicious email campaign, Subjects are all hijcked email threads, all contain Resume.doc -> doc -> ursnif, Attachment, 12
  9. 1/24/2018 Malicious email campaign, "New PO#25611", zip -> exe -> formbook, Attachment, 2
  10. 1/24/2018 Malicious email campaign, "Shipment status changed for parcel #<digits>!", link -> rtf -> hancitor -> pony -> evilpony -> pandabanker trojans, Link, 4004
  11. 1/24/2018 Malicious email campaign, "Compliance|Existing WU Agents Form", zip -> jar -> qrat -> jrat/jacksbot, Attachment, 44
  12. 1/25/2018 Malicious email campaign, "TT COPY OF USD86,300", zip -> lokbot, Attachment, 3
  13. 1/25/2018 Malicious email campaign, "eFax message from "unknown" - <digits> page(s), Caller-ID: +<phone number>", zip -> js -> exe -> dridex, Attachment, 12
  14. 1/26/2018 Malicious email campaign, "Deposit for acn090262|CANCELLATION -142099|Canadian Exchange Security Bulletin|MG Commission Report", zip -> jar -> qrat -> jrat/jacksbot, Attachment, 97
  15. 1/29/2018 Malicious email campaign, "RE <domain> scam", link -> doc -> hancitor -> pony -> pandabanker trojans, Link, 2100
  16. 1/29/2018 Malicious email campaign, "Agent Commision", zip -> jar -> qrat -> jrat/jacksbot continued into 1/30, Attachment, 100
  17. 1/30/2018 Malicious email campaign, "Delivery complete" and "Delivery complete for parcel # <digits>", link -> doc -> hancitor -> pony -> evilpony -> pandabanker trojans, Link, 3211
  18. 1/30/2018 Malicious email campaign, "SWIFT PAYMENT", jar -> adwind continued into 1/31, Attachment, 5
  19. 1/31/2018 Malicious email campaign, "Your document Receipt <digits> for <username> is ready for signature!", link -> doc -> hancitor -> pony -> evilpony -> pandabanker trojans, Link, 440
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!