malware_traffic

2020-04-30 - Link-based malspam pushing Dridex - 2 examples

Apr 30th, 2020
DATE/TIME RANGE:

- Date: Thu, 30 Apr 2020 13:23:59 -0700
- Date: Thu, 30 Apr 2020 14:35:30 -0700

SENDING MAIL SERVERS:

- Received: from collahahhaged.us ([104.168.254.248])
- Received: from univerzamjw.us ([104.168.244.241])

SENDING EMAIL ADDRESSES:

- From: Bug Magazine <xutona@collahahhaged.us>
- From: Minimizer's <jiwijyty@univerzamjw.us>

SUBJECT LINES:

- Subject: Dear Customer your Booking N_6056AT142312
- Subject: Successful Payment Confirmation 92443TF81504

LINKS FROM THE MALSPAM:

- hxxp://aita.mrboatstudio[.]com/inc.php
- hxxp://wkcanisius[.]nl/wp-content/plugins/email-log/include/Addon/api.lib.php