API tools faq
paste
James_inthe_box

March Malspam Campaigns

James_inthe_box
Apr 1st, 2020
17,274
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 19.97 KB | None | 0 0
raw download clone embed print report
  1. Date,Details,Email Payload Type,Users Targeted
  2. 3/1/2020,RE: DHL Shipment Arrival Notification - AWB_844790342632; ace -> agenttesla continued to 3/2,Attachment,2
  3. 3/1/2020,RE: RE: 1st shipment; rtf -> formbook,Attachment,8
  4. 3/1/2020,Shipment Notification on Out:14:15:00; img -> agenttesla,Attachment,8
  5. 3/1/2020,Remittance Advice; img -> agenttesla,Attachment,2
  6. 3/1/2020,Payment confirmation; xlsx -> azorult,Attachment,3
  7. 3/2/2020,Request For Quotation (Pt Mulya Mandiri Jaya); rtf -> formbook,Attachment,20
  8. 3/2/2020,Order; img -> agenttesla continued to 3/3,Attachment,2
  9. 3/2/2020,T.HALK BANKASI A.S. 03.03.2020 Hesap Ekstresi; img -> agenttesla,Attachment,3
  10. 3/3/2020,PO No. SN-385/2020 & SN-386/2020; doc -> formbook,Attachment,3
  11. 3/3/2020,DHL ?? Shipment Notification; zip -> agenttesla,Attachment,2
  12. 3/3/2020,DHL Shipment Arrival Notification user@domain; doc -> formbook,Attachment,2
  13. 3/3/2020,RFQ of CFP Crude Oil Tank Project Equipments: 19P3792A-M11A.01A_Z1: CARBON STEEL SMLS PIPE for (A/G); rar -> agenttesla,Attachment,18
  14. 3/3/2020,All subjects contain Check; 4digit.doc; raccoon stealer,Attachment,2
  15. 3/3/2020,Invoice Due #<digits>; doc|xls -> dridex continured to 3/24,Attachment,34
  16. 3/4/2020,RE: RE: 1st container PO; iso -> guloader -> agenttesla,Attachment,6
  17. 3/4/2020,Re: Re: SM843256KA-TR,TNETV2840ZGU from Stonecroft; 7z -> guloader -> agenttesla,Attachment,22
  18. 3/4/2020,RE: Checking of beneficiary Account Details/packing list & bill of lading; zip -> agenttesla,Attachment,2
  19. 3/5/2020,RE: RE: RE: NOVADELTA / DNS KOREA - TR 009/2020; rar -> guloader -> agenttesla,Attachment,2
  20. 3/5/2020, INVoice's - Overdue Det/Dem Invoice(s)-Settlement Due Date: 23-02; rar ->lokibot,Attachment,5
  21. 3/5/2020,RE: INV 153-A PAYMENT DETAILS //; doc ->agenttesla,Attachment,5
  22. 3/6/2020,Re: Transfer Copy; zip -> agenttesla,Attachment,3
  23. 3/6/2020, Re: UPDATED STATEMENT OF ACCOUNT; zip -> agenttesla,Attachment,5
  24. 3/8/2020,Re: IBAN_NUMBER_COMPLETION.; Scann009765_pdf.gz -> lokibot,Attachment,32
  25. 3/8/2020,Votre commande N�147445744; cvfrgtrc.zip -> revenge rat,Attachment,3
  26. 3/9/2020,Re: complete invoice; rar -> lokibot,Attachment,22
  27. 3/9/2020,Neofuns PO102329_2020 ; rar -> formbook,Attachment,51
  28. 3/9/2020,PAYMENT TRANSFER DOCUMENT P.O. 20200207-1 S-000554; xlsx rtf -> lokibot,Attachment,27
  29. 3/9/2020,RE:PERFORMANCE_MARINE_NEW; PO08032457.doc -> hawkeye,Attachment,3
  30. 3/9/2020,ETA & Packing List|Request for business cooperation/quote: Doc34567887345-pdf.7z -> agenttesla,Attachment,3
  31. 3/10/2020,user@domain Purchase order; zip ->agemttesa,Attachment,11
  32. 3/10/2020,Request for Quotation against LUMS Lahore Requirement; rar -> nanocore,Attachment,54
  33. 3/10/2020,Confirmation of Payment; rar -> agenttesla,Attachment,10
  34. 3/11/2020,Purchase Order; img -> agenttesla,Attachment,3
  35. 3/11/2020,All subjects start with Your and contain invoice; doc<digits>.xlsb -> ostap,Attachment,8
  36. 3/11/2020,All subjects contain Cigna; link -> hancitor -> pony -> evil pony,Attachment,5
  37. 3/11/2020,OrderList/PO-Sheet_M00932018; iso -> guloader -> formbook,Attachment,14
  38. 3/11/2020,Re: $30, 000.00 USD CTM Request; gz -> lokibot,Attachment,35
  39. 3/12/2020,All subjects contain DHL; xls -> dridex,Attachment,98
  40. 3/12/2020,PO 8190311: Oferta AxFlow O. 325666-2 z. 28746; rar -> nanocore,Attachment,15
  41. 3/12/2020,new place order PO NO. 0051; gz -> formbook continued to 3/16,Attachment,37
  42. 3/12/2020,Our Ref : GB 1543; gz ->,Attachment,10
  43. 3/13/2020,Re: FW: Transfer Copy; zip -> agenttesla,Attachment,9
  44. 3/15/2020,Re:Re: Catalog#19800q; rar -> agenttesla,Attachment,2
  45. 3/15/2020,RE: Payment arrangements.; zip-rar -> hawkeye,Attachment,2
  46. 3/16/2020,New order 546353_426282(P426282)- Final Select; doc_546353426282.7z.zip -> agenttesla,Attachment,173
  47. 3/16/2020,Re: Confirmed Order; zip -> agenttesla,Attachment,3
  48. 3/16/2020,RE: PAYMENT SWIFT COPY FOR = USD 80,950.25; xlsx -> lokibot,Attachment,5
  49. 3/16/2020,Order; rar -> agenttelsa,Attachment,
  50. 3/16/2020,Automatically generated Summons notice to the Opponent; doc -> kpot,Attachment,7
  51. 3/16/2020,Payment <characters> is missing. Notification <digits> issued.; xlsm -> ostap,Attachment,14
  52. 3/16/2020,Swift Copy; zip -> agenttesla,Attachment,11
  53. 3/17/2020,Payment Notifcation; r10 -> agenttesla continued to 3/18,Attachment,110
  54. 3/17/2020,All subjects include Payment Needed ; doc -> kpot,Attachment,3
  55. 3/17/2020,Re : PRODUCT_ REQUEST.;gz -> lokibot continued to 3/18,Attachment,28
  56. 3/17/2020,Invoice's - Overdue Det/Dem Invoice(s)-Settlement Due Date: 10-03; gz -> agenttesla,Attachment,3
  57. 3/17/2020,RE: TE 37 GUANGZHOU PORT, SHIPMENT INVOICE, PACKING LIST AND OTHER SHIPPING; zip -> agenttesla continued to 3/18,Attachment,26
  58. 3/17/2020,PO 8190311: Rastek Technologies O. 325666-2 . 28746; rfq-004678q.rar -> nanocore continued to 3/18,Attachment,4
  59. 3/17/2020,Purchase Order for immediate attention; xlsx -> lokibot continued to 3/18,Attachment,3
  60. 3/17/2020,Shipping Docs [Commercial Inv. & Packing List]; gz -> formbook,Attachment,96
  61. 3/18/2020,All subjects contain DHL; xls -> dridex,Attachment,73
  62. 3/18/2020,PO 8190311: Oferta AxFlow O. 325666-2 z. 28746; rar -> nanocore,Attachment,14
  63. 3/18/2020,Re: FW: Transfer Copy; zip -> agenttesla,Attachment,6
  64. 3/18/2020,DHL Shipment Notification : 3876666420; rar -> nanocore,Attachment,31
  65. 3/19/2020,REQUEST PO-012580 (New Vendor Requirements); rar -> nanocore,Attachment,32
  66. 3/19/2020,Subjects contain New order|target pending; 7z -> agentteslay,Attachment,193
  67. 3/19/2020,Order Confirmation for Order #<digits>; xls -> dridex,Attachment,8
  68. 3/20/2020,Order: PO-SK2003202011; gz -> formbook,Attachment,4
  69. 3/22/2020,urgent Invoice; z -> agenttesla,Attachment,2
  70. 3/23/2020,RE : Follow Up Orders; zip -> agenttesla,Attachment,2
  71. 3/23/2020,All subjects contain invoice reminder; xlsm -> ostap,Attachment,9
  72. 3/24/2020,All subjects start with Your and contain invoice; info 023.xls -> ,Attachment,33
  73. 3/25/2020,PURCHASE ORDER PO:9925534451 & ENQUIRY(BOHAENQ)CLOSING27.03.2020; po9925534451.zip -> asyncrat continued to 3/26,Attachment,10
  74. 3/25/2020,RE: 3304PD---URGENT - LPO# 18147; urgent.rar -> hawkeye,Attachment,2
  75. 3/26/2020,Past Due Account; xls -> dridex,Attachment,6
  76. 3/30/2020,Salini Impregilo's New Order; 7z -> agenttesla,Attachment,2
  77. 3/31/2020,STATEMENT OF ACCOUNT; rar -> agenttesla,Attachment,3
  78. 3/31/2020,Our Ref : GB_1692; zip -> lokibot,Attachment,36
  79. 3/31/2020,invoice; zip -> pony,Attachment,5
  80. 3/31/2020,All subjects contain Invoice Due #; xls -> dridex,Attachment,6
  81. 3/31/2020,All subjects contain fax; xls -> zloader,Attachment,19
  82. 3/31/2020,SanMar Order Confirmation for Order; xls -> dridex,Attachment,6
  83. 3/31/2020,RE: Review Invoice for Balance Payment.; gz -> agenttesla,Attachment,2
  84. 3/31/2020,Coronavirus � Border Closures and Global Freight Movement; rar -> agenttesla,Attachment,2
  85.  
  86. mar2/agenttesla/2/,mail.spamora.net
  87. mar2/agenttesla/3/,mail.cargoair.bg
  88. mar2/agenttesla/4/,mail.cargoair.bg
  89. mar2/agenttesla/5/,mail.cargoair.bg
  90. mar2/agenttesla/6/,smtp.arrmet.in
  91. mar2/agenttesla/7/,smtp.yandex.com
  92. mar2/agenttesla/,mail.miron.com.tr
  93. mar2/dridex/,217.160.4.118
  94. mar2/formbook/2/,www.wemanageatlantahomes.com
  95. mar2/formbook/,soygorrion.com.ar
  96. mar2/lokibot/,http://lucianogroup.xyz/Work5/fre.php
  97. mar3/agenttesla/2/,mail.elkat.com.my
  98. mar3/agenttesla/3/,smtp.yandex.com
  99. mar3/agenttesla/4/,mail.cargoair.bg
  100. mar3/agenttesla/5/,smtp.generce.com
  101. mar3/agenttesla/6/,smtp.yandex.com
  102. mar3/agenttesla/7/,www.plmaxvr.com
  103. mar3/agenttesla/,us2.smtp.mailhostbox.com
  104. mar3/formbook/,www.matlockroofing.com
  105. mar3/lokibot/2/,http://site-inspection.com/.well-known/acme-challenge/w.php
  106. mar3/lokibot/3/,http://cpf-th.com/dark/five/fre.php
  107. mar3/lokibot/,http://corpcougar.com/new/Panel/five/fre.php
  108. mar3/raccoon/,corp1.site
  109. mar4/agenttelsa/10/,smtp.yandex.com
  110. mar4/agenttelsa/2/,smtp.lebchrom.com
  111. mar4/agenttelsa/3/,smtp.yandex.com
  112. mar4/agenttelsa/4/,mail.excellent.ba
  113. mar4/agenttelsa/5/,mail.excellent.ba
  114. mar4/agenttelsa/6/,us2.smtp.mailhostbox.com
  115. mar4/agenttelsa/7/,mail.cargoair.bg
  116. mar4/agenttelsa/8/,mail.cargoair.bg
  117. mar4/agenttelsa/9/,78.142.19.101
  118. mar4/agenttelsa/,us2.smtp.mailhostbox.com
  119. mar4/formbook/2/,http://www.4433742.com/ent01/
  120. mar4/formbook/,www.claimoffcukcz.info
  121. mar4/lokibot/2/,site-inspection.com
  122. mar4/lokibot/,http://hvdeveloppement-co.ml/BIGBAGMONEYZYX/fre.php
  123. mar4/nanocore/,moneydoctor231.duckdns.org
  124. mar4/remcos/,servr1.willbeban1fabuses.xyz
  125. mar4/zloader/,https://rizoqur.pw/milagrecf.php
  126. mar5/agenttesla/2/,mail.excellent.ba
  127. mar5/agenttesla/3/,mail.htsza.com
  128. mar5/agenttesla/4/,smtp.miketony-tw.com
  129. mar5/agenttesla/,us2.smtp.mailhostbox.com
  130. mar5/formbook/,www.anthonyelhajal.com
  131. mar5/lokibot/,http://www.matantalbenna.com/.legolass/fine/fre.php
  132. mar5/nanocore/,godofhost.fullstrap.us
  133. mar6/agenttesla/2/,smtp.mttfxgroup.com
  134. mar6/agenttesla/3/,smtp.yandex.ru
  135. mar6/agenttesla/4/,us2.smtp.mailhostbox.com
  136. mar6/agenttesla/5/,mail.miron.com.tr
  137. mar6/agenttesla/6/,mail.elkat.com.my
  138. mar6/agenttesla/,smtp.abcact.in
  139. mar6/qbot/,99.195.148.141
  140. mar7/agenttesla/2/,smtp.pipingzone.com
  141. mar7/agenttesla/3/,smtp.yandex.com
  142. mar7/agenttesla/,smtp.yandex.com
  143. mar7/nanocore/,91.189.180.193
  144. mar8/agenttesla/2/,smtp.yandex.com
  145. mar8/agenttesla/,mail.edifler.xyz
  146. mar8/lokibot/,http://185.144.82.236/dozlogs/logs/fre.php
  147. mar8/nanocore/,t6logs.sytes.net
  148. mar8/revenge/,lerouteurmegood.hopto.org
  149. mar9/agenttesla/10/,smtp.yandex.com
  150. mar9/agenttesla/11/,mail.smith-equipment.com
  151. mar9/agenttesla/12/,mail.victchem.com
  152. mar9/agenttesla/13/,smtp.yandex.com
  153. mar9/agenttesla/14/,smtp.yandex.ru
  154. mar9/agenttesla/2/,smtp.yandex.com
  155. mar9/agenttesla/3/,smtp.rankywise.com
  156. mar9/agenttesla/4/,smtp.pipingzone.com
  157. mar9/agenttesla/5/,smtp.pipingzone.com
  158. mar9/agenttesla/6/,us2.smtp.mailhostbox.com
  159. mar9/agenttesla/7/,smtp.yandex.com
  160. mar9/agenttesla/8/,mail.cargoair.bg
  161. mar9/agenttesla/9/,https://akhskneya.org/css/daffy/webpanel/inc/d1ffb612a8e887.php
  162. mar9/agenttesla/,us2.smtp.mailhostbox.com
  163. mar9/formbook/2/,www.ycjzqsg.com/cox/
  164. mar9/formbook/3/,www.itsofficiallycoachmo.com
  165. mar9/formbook/,www.sexy-slim-down-edwardsville.com
  166. mar9/hawkeye/2/,mail.privateemail.com
  167. mar9/hawkeye/,mail.privateemail.com
  168. mar9/lokibot/,185.144.82.236/dozlogs/logs/fre.php
  169. mar9/lokibot/2/,http://marroiq.com/mmc/pin.php
  170. mar9/nanocore/,nuttara2020.ddns.net
  171. mar10/agentetesla/2/,us2.smtp.mailhostbox.com
  172. mar10/agentetesla/3/,us2.smtp.mailhostbox.com
  173. mar10/agentetesla/4/,smtp.pipingzone.com
  174. mar10/agentetesla/5/,mail.smith-equipment.com
  175. mar10/agentetesla/6/,smtp.yandex.ru
  176. mar10/agentetesla/7/,mail.cargoair.bg
  177. mar10/agentetesla/,mail.sonotelhotels.com
  178. mar10/blackrat/,hope.doomdns.org
  179. mar10/formbook/2/,www.waterfrontsportsbar.com
  180. mar10/formbook/,www.theelectricwarehouse.com
  181. mar10/hawkeye/2/,ftp.quickclickresume.com
  182. mar10/hawkeye/,mail.privateemail.com
  183. mar10/kpot/,corp8.site
  184. mar10/lokibot/,185.144.82.236/dozlogs/logs/fre.php
  185. mar10/lokibot/2/,fucksars.xyz/Work5/fre.php
  186. mar10/nanocore/,185.244.30.114
  187. mar10/nanocore/2/,185.244.30.114
  188. mar10/nanocore/3/,t6logs.sytes.net
  189. mar10/nanocore/4/,adikaremix.duckdns.org
  190. mar11/agenttelsa/2/,mail.htsza.com
  191. mar11/agenttelsa/3/,smtp.yandex.ru
  192. mar11/agenttelsa/4/,mail.cargoair.bg
  193. mar11/agenttelsa/,marinakornati.com
  194. mar11/formbook/,www.cartotb.com
  195. mar11/hawkeye/,mail.privateemail.com
  196. mar11/lokibot/2/,marroiq.com/mmc/pin.php
  197. mar11/lokibot/3/,http://23.95.132.48/~main/.isuoxiso/w.php/kQu2ydHo47PRx
  198. mar11/lokibot/4/,45.89.175.145/dozlogs/logs/fre.php
  199. mar11/lokibot/5/,http://castmart.ga/~zadmin/lmark/nk/link.php
  200. mar11/lokibot/,pmw-ch.com/duck/five/fre.php
  201. mar11/nanocore/,185.244.30.114
  202. mar11/ostap/,185.216.35.10
  203. mar12/agenttesla/2/,smtp.businesslogz.com
  204. mar12/agenttesla/,smtp.yandex.com
  205. mar12/dridex/,5.45.179.186
  206. mar12/formbook/,www.ecomcollege.com
  207. mar12/hawkeye/,go.prncontrol.com
  208. mar12/lokibot/2/,http://45.89.175.145/dozlogs/logs/fre.php
  209. mar12/lokibot/,http://castmart.ga/~zadmin/lmark/nk/link.php
  210. mar12/nanocore/,185.244.30.114
  211. mar12/remcos/,216.38.7.245
  212. mar13/adwind/2/,donko.duckdns.org
  213. mar13/adwind/,43.226.229.83
  214. mar13/agenttesla/2/,smtp.pipingzone.com
  215. mar13/agenttesla/3/,smtp.yandex.com
  216. mar13/agenttesla/4/,mail.gandi.net
  217. mar13/agenttesla/5/,smtp.mttfxgroup.com
  218. mar13/agenttesla/6/,smtp.yandex.ru
  219. mar13/agenttesla/7/,smtp.yandex.com
  220. mar13/agenttesla/,mail.cargoair.bg
  221. mar13/formbook/,www.beanonlinekey.degree
  222. mar13/kpot/,corp9.site
  223. mar13/nanacore/,nuttara2020.ddns.net
  224. mar15/adwind/,donko.linkpc.net
  225. mar15/agenttesla/2/,mail.cairo-solar.com
  226. mar15/agenttesla/3/,mail.spamora.net
  227. mar15/agenttesla/4/,smtp.yandex.com
  228. mar15/agenttesla/,smtp.yandex.com
  229. mar15/hawkeye/,mail.eagleeyeapparels.com
  230. mar15/nanocore/2/,209.58.149.73
  231. mar15/nanocore/,expensivewire.ddns.net
  232. mar16/adwind/,43.226.229.83
  233. mar16/agenttesla/10/,us2.smtp.mailhostbox.com
  234. mar16/agenttesla/2/,us2.smtp.mailhostbox.com
  235. mar16/agenttesla/3/,smtp.mttfxgroup.com
  236. mar16/agenttesla/5/,mail.homesmart.hk
  237. mar16/agenttesla/6/,smtp.yandex.ru
  238. mar16/agenttesla/7/,us2.smtp.mailhostbox.com
  239. mar16/agenttesla/8/,us2.smtp.mailhostbox.com
  240. mar16/agenttesla/9/,mail.cargoair.bg
  241. mar16/agenttesla/,mail.cargoair.bg
  242. mar16/azorult/,xratfrd.duckdns.org
  243. mar16/hawkeye/,mail.privateemail.com
  244. mar16/kpot/,http://corp10.site/
  245. mar16/lokibot/2/,allenservice.ga
  246. mar16/lokibot/,http://seacrafts.ru/presh2/Panel/fre.php
  247. mar16/nanocore/,williamsgraig68.ddns.net
  248. mar16/ostap/,185.159.82.238
  249. mar16/revenge/,lerouteurmegoodvvvv.hopto.org
  250. mar17/adwind/2/,185.244.30.14
  251. mar17/adwind/,godbless.camdvr.org
  252. mar17/agenttesla/6/,smtp.yandex.com
  253. mar17/agenttesla/7/,smtp.yandex.com
  254. mar17/agenttesla/8/,mail.homesmart.hk
  255. mar17/agenttesla/,zstcznz.org
  256. mar17/kpot/,corp11.site
  257. mar17/lokibot/2/,pmw-ch.com/duck/five/fre.php
  258. mar17/lokibot/3/,http://45.89.175.145/dozlogs/logs/fre.php
  259. mar17/lokibot/4/,http://kitchenraja.in/mex/Panel/five/fre.php
  260. mar18/agenttesla/1/,smtp.bnb-spa.com
  261. mar18/agenttesla/2/,smtp.yandex.com
  262. mar18/azorult/,http://cantecme.xyz/aliandsimbi/index.php
  263. mar18/dridex/,185.234.52.170
  264. mar18/firebird/,172.94.4.82
  265. mar18/formbook/2/,www.gosilife.com
  266. mar18/formbook/3/,www.chilogae.com
  267. mar18/hawkeye/,privateemail.com
  268. mar18/lokibot/,http://kitchenraja.in/mex/Panel/five/fre.php
  269. mar18/nanocore/,185.19.85.147
  270. mar18/pony/,http://mecharnise.ir/ca17/gate.php
  271. mar19/dridex/,185.234.52.170
  272. mar19/firebird/,172.94.4.82
  273. mar19/hawkeye/2/,mail.privateemail.com
  274. mar19/hawkeye/3/,mail.privateemail.com
  275. mar19/hawkeye/,mail.privateemail.com
  276. mar19/lokibot/2/,http://castmart.ga/~zadmin/lmark/nk/link.php
  277. mar19/lokibot/,http://hojokk.com/mmc/pin.php
  278. mar19/nanocore/,185.244.30.114
  279. mar19/new/formbook/,www.ehlikeyfkekikkremi.net
  280. mar19/pony/,mecharnise.ir
  281. mar19/remcos/,remcozy.duckdns.org
  282. mar19/zloader/,wgyvjbse.pw
  283. mar1/agenttesla/2/,mail.cargoair.bg
  284. mar1/agenttesla/3/,smtp.ociii.net
  285. mar1/agenttesla/4/,mail.gandi.net
  286. mar1/agenttesla/5/,mail.arabianwebdesigner.com
  287. mar1/agenttesla/6/,mail.cargoair.bg
  288. mar1/agenttesla/7/,mail.cargoair.bg
  289. mar1/agenttesla/,smtp.futurepipes.net
  290. mar1/azorult/2/,dev.crwilladmin.com
  291. mar1/azorult/3/,dev.crwilladmin.com
  292. mar1/azorult/5/,http://yx1.duckdns.org/q3-home/index.php
  293. mar1/azorult/,dev.crwilladmin.com
  294. mar1/formbook/,
  295. mar1/lokibot/,site-inspection.com
  296. mar1/remcos/,185.244.30.90
  297. mar20/formbook/,www.xoowe.com
  298. mar22/agenttesla/2/,smtp.yandex.ru
  299. mar22/agenttesla/3/,smtp.yandex.ru
  300. mar22/agenttesla/4/,smtp.yandex.com
  301. mar22/agenttesla/,mail.privateemail.com
  302. mar22/formbook/2/,www.arkaniom.com
  303. mar22/formbook/3/,www.kxocg.info
  304. mar22/formbook/,www.stacisart.com
  305. mar22/lokibot/2/,http://kitchenraja.in/mex/Panel/five/fre.php
  306. mar22/lokibot/,kitchenraja.in/cjay/Panel/five/fre.php
  307. mar22/nanocore/,t6logs.sytes.net
  308. mar22/remcos/,ucto-id.cz
  309. mar23/agenttesla/2/,smtp.yandex.ru
  310. mar23/agenttesla/4/,mail.privateemail.com
  311. mar23/agenttesla/6/,mail.eagleeyeapparels.com
  312. mar23/agenttesla/7/,mail.privateemail.com
  313. mar23/agenttesla/9/,smtp.empromae.com
  314. mar23/agenttesla/,mail.alaried.com
  315. mar23/dridex/,grars.com
  316. mar23/formbook/,www.gosselinj.biz
  317. mar23/hawkeye/,mail.privateemail.com
  318. mar23/lokibot/2/,http://kitchenraja.in/links/Panel/five/fre.php
  319. mar23/lokibot/,http://23.95.132.48/~main/.isuoxiso/w.php/kQu2ydHo47PRx
  320. mar23/ostap/,someredastoinmgoedrcvi.traxer
  321. mar23/pony/,mecharnise.ir
  322. mar23/raaloader-modirat/,rdp3.dgsn.fr
  323. mar24/agenttesla/2/,ftp.marketsales.6te.net
  324. mar24/agenttesla/3/,smtp.yandex.ru
  325. mar24/agenttesla/4/,us2.smtp.mailhostbox.com
  326. mar24/agenttesla/,smtp.yandex.com
  327. mar24/formbook/,www.hackyewu.com
  328. mar24/hawkeye/,us2.smtp.mailhostbox.com
  329. mar24/zloader/,https://wgyvjbse.pw/milagrecf.php
  330. mar25/agenttesla/2/,77.83.117.234
  331. mar25/agenttesla/3/,77.83.117.234
  332. mar25/agenttesla/4/,smtp.yandex.ru
  333. mar25/agenttesla/5/,ike2020.xyz
  334. mar25/agenttesla/6/,smtp.bnb-spa.com
  335. mar25/agenttesla/7/,smtp.generce.com
  336. mar25/agenttesla/8/,smtp.yandex.ru
  337. mar25/agenttesla/,mail.criticalstopbd.com
  338. mar25/asyncrat/,51.75.154.242
  339. mar25/formbook/,www.siteons.com/h0d/
  340. mar25/hawkeye/2/,mail.eagleeyeapparels.com
  341. mar25/hawkeye/,mail.privateemail.com
  342. mar25/modi/,homodwanouli.publicvm.com
  343. mar26/adwind-wshrat/,pluginsrv2.duckdns.org
  344. mar26/agenttesla/2/,mail.ntmakina.net
  345. mar26/agenttesla/4/,smtp.generce.com
  346. mar26/agenttesla/5/,smtp.yandex.ru
  347. mar26/agenttesla/6/,smtp.generce.com
  348. mar26/dridex/2/,http://owenti.com/fprl.bin
  349. mar27/adwind/,fmnumaq.giize.com
  350. mar27/agenttesla/1/,mail.privateemail.com
  351. mar27/agenttesla/2/,mail.privateemail.com
  352. mar27/agenttesla/3/,mail.privateemail.com
  353. mar27/agenttesla/4/,mail.foodcoindia.com
  354. mar27/agenttesla/,mail.privateemail.com
  355. mar27/pony/,http://mecharnise.ir/ca17/gate.php
  356. mar27/zloader/,waitupdate.xyz
  357. mar29/agenttesla/2/,smtp.yandex.com
  358. mar29/agenttesla/3/,smtp.yandex.com
  359. mar29/agenttesla/4/,smtp.yandex.com
  360. mar29/agenttesla/,smtp.yandex.com
  361. mar29/hawkeye/,mail.leadasiacoaching.com
  362. mar29/lokibot/2/,http://castmart.ga/~zadmin/lmark/nk/link.php
  363. mar29/lokibot/,http://chacert.gq/ggg/five/fre.php
  364. mar2/nanocore/,iconboss26.ddns.net
  365. mar30/agenttesla/2/,77.83.117.234
  366. mar30/agenttesla/3/,smtp.yandex.com
  367. mar30/agenttesla/4/,77.83.117.234
  368. mar30/agenttesla/5/,smtp.seawaygroup-bd.com
  369. mar30/agenttesla/6/,smtp.bilsglobal.com
  370. mar30/agenttesla/7/,smtp.yandex.ru
  371. mar30/lokibot/2/,http://castmart.ga/~zadmin/lmark/nk/link.php
  372. mar30/lokibot/,wardia.com.pe
  373. mar30/nanocore/,kissmeifucan.ddns.net
  374. mar30/remcos/,185.140.53.154
  375. mar31/agenttesla/10/,mail.privateemail.com
  376. mar31/agenttesla/11/,smtp.yandex.com
  377. mar31/agenttesla/12/,smtp.seawaygroup-bd.com
  378. mar31/agenttesla/13/,https://acaness.com/storm/webpanel/inc/799fb5f15148b8.php
  379. mar31/agenttesla/2/,smtp.yandex.com
  380. mar31/agenttesla/3/,smtp.uae-messefrankfurt.com
  381. mar31/agenttesla/4/,smtp.yandex.ru
  382. mar31/agenttesla/5/,smtp.yandex.com
  383. mar31/agenttesla/6/,mail.technomatic.in
  384. mar31/agenttesla/7/,smtp.yandex.com
  385. mar31/agenttesla/8/,mail.privateemail.com
  386. mar31/agenttesla/9/,us2.smtp.mailhostbox.com
  387. mar31/agenttesla/,smtp.yandex.com
  388. mar31/dridex/,185.47.129.30
  389. mar31/lokibot/,http://108.170.31.41/dozlogs/logs/fre.php
  390. mar31/nanocore/2/,185.244.30.10
  391. mar31/nanocore/,frankhobbes34.sytes.net
  392. mar31/pony/,http://kanavagronomy.in/star/panel/gate.php
  393. mar31/zloader/,https://paxtontranter.xyz/rv24t2
  394.  
  395. agenttesla & hawkeye email exfils
  396. RCPT TO:<[email protected]>
  397. RCPT TO:<[email protected]>
  398. RCPT TO:<[email protected]>
  399. RCPT TO:<[email protected]>
  400. RCPT TO:<[email protected]>
  401. RCPT TO:<[email protected]>
  402. RCPT TO:<[email protected]>
  403. RCPT TO:<[email protected]>
  404. RCPT TO:<[email protected]>
  405. RCPT TO:<[email protected]>
  406. RCPT TO:<[email protected]>
  407. RCPT TO:<[email protected]>
  408. RCPT TO:<[email protected]>
  409. RCPT TO:<[email protected]>
  410. RCPT TO:<[email protected]>
  411. RCPT TO:<[email protected]>
  412. RCPT TO:<[email protected]>
  413. RCPT TO:<[email protected]>
  414. RCPT TO:<[email protected]>
  415. RCPT TO:<[email protected]>
  416. RCPT TO:<[email protected]>
  417. RCPT TO:<[email protected]>
  418. RCPT TO:<[email protected]>
  419. RCPT TO:<[email protected]>
  420. RCPT TO:<[email protected]>
  421. RCPT TO:<[email protected]>
  422. RCPT TO:<[email protected]>
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!