Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 1/10/2018 Malicious email campaign, "UPS Ship Notification,Reference Number 1: <digits>", doc -> hancitor -> pony -> evilpony -> pandabanker trojans, Attachment, 385
- 1/10/2018 Malicious email campaign, "PayAdvUS_Ven108726_Dtd_011118", link -> jar -> qrat, Link, 5
- 1/11/2018 Malicious email campaign, "Document No <digits>", 7z -> vbs -> globeimposter ransomware, Attachment, 1428
- 1/11/2018 Malicious email campaign, "Unpaid invoice [ID:<digits>]", 7z -> vbs -> globeimposter ransomware, Attachment, 621
- 1/21/2018 Malicious email campaign, evening "PO #368085 & 368125", jar -> adwind, Attachment, 15
- 1/22/2018 Malicious email campaign, Subjects contain " fattura|bonifico", xls -> exe -> pandabanker banking trojan, Attachment, 3
- 1/23/2018 Malicious email campaign, "New incoming eFax document from 1-888-<digits>", link -> rtf -> hancitor -> pony -> evilpony -> pandabanker trojans, Link, 4547
- 1/24/2018 Malicious email campaign, Subjects are all hijcked email threads, all contain Resume.doc -> doc -> ursnif, Attachment, 12
- 1/24/2018 Malicious email campaign, "New PO#25611", zip -> exe -> formbook, Attachment, 2
- 1/24/2018 Malicious email campaign, "Shipment status changed for parcel #<digits>!", link -> rtf -> hancitor -> pony -> evilpony -> pandabanker trojans, Link, 4004
- 1/24/2018 Malicious email campaign, "Compliance|Existing WU Agents Form", zip -> jar -> qrat -> jrat/jacksbot, Attachment, 44
- 1/25/2018 Malicious email campaign, "TT COPY OF USD86,300", zip -> lokbot, Attachment, 3
- 1/25/2018 Malicious email campaign, "eFax message from "unknown" - <digits> page(s), Caller-ID: +<phone number>", zip -> js -> exe -> dridex, Attachment, 12
- 1/26/2018 Malicious email campaign, "Deposit for acn090262|CANCELLATION -142099|Canadian Exchange Security Bulletin|MG Commission Report", zip -> jar -> qrat -> jrat/jacksbot, Attachment, 97
- 1/29/2018 Malicious email campaign, "RE <domain> scam", link -> doc -> hancitor -> pony -> pandabanker trojans, Link, 2100
- 1/29/2018 Malicious email campaign, "Agent Commision", zip -> jar -> qrat -> jrat/jacksbot continued into 1/30, Attachment, 100
- 1/30/2018 Malicious email campaign, "Delivery complete" and "Delivery complete for parcel # <digits>", link -> doc -> hancitor -> pony -> evilpony -> pandabanker trojans, Link, 3211
- 1/30/2018 Malicious email campaign, "SWIFT PAYMENT", jar -> adwind continued into 1/31, Attachment, 5
- 1/31/2018 Malicious email campaign, "Your document Receipt <digits> for <username> is ready for signature!", link -> doc -> hancitor -> pony -> evilpony -> pandabanker trojans, Link, 440
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement