API tools faq
paste
Advertisement
James_inthe_box

Mar 2018 Campaigns

James_inthe_box
Apr 2nd, 2018
831
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.09 KB | None | 0 0
raw download clone embed print report
  1. 3/5/2018,Malicious email campaign; morning, "bill|invoice|receipt no. <digits>", zip -> link -> smb share -> js -> quantloader, Attachment, 3240
  2. 3/6/2018,Malicious email campaign; morning, "Emailing: CC<characters>", zip -> link -> smb share -> js -> quantloader, Attachment, 1497
  3. 3/7/2018,Malicious email campaign; morning, All subjects start with "Paypal", link -> doc -> hancitor -> pony -> evilpony -> pandabanker, Link, 154
  4. 3/8/2018,Malicious email campaign; morning, Highjacked email threads, doc -> ursnif, Attachment, 20
  5. 3/9/2018,Malicious email campaign; morning, "Wu Reconciliation|western union reconciliation", zip -> jar -> qrat , Attachment, 81
  6. 3/12/2018,Malicious email campaign; morning, "Transaction unsuccessful|Mg Funding Advice", zip -> jar -> qrat, Attachment, 31
  7. 3/13/2018,Malicious email campaign; morning, "CP|CPY|COPY<digits>", zip -> url -> js -> quantloader, Attachment, 391
  8. 3/14/2018,Malicious email campaign; morning, All subjects contain XPRESS, zip -> jar -> qrat, Attachment, 63
  9. 3/14/2018,Malicious email campaign; morning, "Past-due|Overdue payment notification from Invoicely", link -> doc -> pony -> evilpony -> pandabanker, Link, 183
  10. 3/15/2018,Malicious email campaign; morning, "Re:|Fwd:<japanese characters>", xls -> ursnif/urlzone, Attachment, 31
  11. 3/15/2018,Malicious email campaign; morning, "Notice from central bank", zip -> jar -> qrat, Attachment, 5
  12. 3/15/2018,Malicious email campaign; morning, "Fwd: fattura", xls -> pandabanker, Attachment, 3
  13. 3/16/2018,Malicious email campaign; morning, "Your Ticket|Your Order|Order #<digits>", 7z (lies is zip) -> js -> gandcrab ransomware, Attachment, 32
  14. 3/19/2018,Malicious email campaign; morning, "Urgent Request For Quotation QU43789054", rar -> lokibot, Attachment, 33
  15. 3/21/2018,Malicious email campaign; morning, "Wu Reconciliation Report", zip -> jar -> qrat , Attachment, 18
  16. 3/22/2018,Malicious email campaign; morning, "Commission statement of March|TT# CADUSD125111900896-CANCELLATION", zip -> jar -> qrat, Attachment, 52
  17. 3/23/2018,Malicious email campaign; morning, "Statement Information", doc -> remcos rat, Attachment, 11
  18. 3/23/2018,Malicious email campaign; morning, " eFax Encrypted Message from unknown - 4 page(s), Caller-ID:", doc -> link -> trickbot, Attachment, 12
  19. 3/27/2018,Malicious email campaign; morning, Subejcts include "PO|Purchase Order|Quot", zip -> smb link -> wsf -> quantloader -> gandcrab ransomware, Attachment, 1673
  20. 3/28/2018,Malicious email campaign; morning, "Important secure information about your NatWest account", doc -> link -> trickbot, Attachment, 4
  21. 3/29/2018,Malicious email campaign; morning, Subjects include "Bill No|Unpaid invoice|invoice_|Ticket|Your ticket" zip -> smb link -> wsf -> quantloader -> flawedammy rat, Attachment, 68
  22. 3/29/2018,Malicious email campaign; morning, "Please DocuSign the attached Business Activity Statements", doc -> dridex, Attachment, 21
  23. 3/30/2018,Malicious email campaign; morning, All subjects contain "copy", zip -> smb link -> wsf -> appeard to be benighn file, Attachment, 169
  24. 3/30/2018,Malicious email campaign; morning, Various subjects, link -> exe -> emotet, Link, 600
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!