Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- THREAT ATTRIBUTION: TA505
- SUBJECTS OBSERVED
- PLEASE READ: Important new Guidance Document - REVISED Privacy Policy
- Updated Finance Dept. Assignments
- SENDERS OBSERVED
- aleksandr[.]koivistoinen@idavesi[.]ee
- contact@camping-romarin[.]com
- info@erenhasgroup[.]com
- kdsouza@capital-corp[.]com[.]uy
- kdsouza@clearcutcomputing[.]com
- kdsouza@etrog[.]net[.]il
- kdsouza@flatschart[.]at
- kdsouza@grupoep[.]es
- kdsouza@methylcorp[.]com
- kdsouza@pacific-regency[.]com
- kdsouza@paisagismopenseverde[.]com[.]br
- kdsouza@saude[.]mg[.]gov[.]br
- kdsouza@songhai[.]org
- kdsouza@teppanyaki-sawafuji[.]com
- kdsouza@ug-jezewo[.]lo[.]pl
- kdsouza@vander[.]co[.]uk
- orders@huastecagrill[.]com
- smart@mail[.]pmf[.]tw
- MALDOC FILE HASH
- None
- PAYLOAD FILE HASH
- None
- MALDOC LANDING PAGE URLS
- hxxp://abi83-schramberg[.]de/p6nawpw[.]html
- hxxp://creditperformance[.]com[.]br/3dawp2[.]html
- hxxp://creditperformance[.]com[.]br/yt2f[.]html
- hxxp://mcsgrp[.]com/gtzkt[.]html
- hxxp://mwt[.]net/~blainee/6lim[.]html
- hxxp://papageienseite[.]de/5fas[.]html
- hxxp://petzel[.]be/rlcgklh[.]html
- hxxp://sauna-verdeclub[.]jp/5g2bx7n[.]html
- hxxp://sauna-verdeclub[.]jp/ilew[.]html
- hxxp://staceydodge[.]com/jio7ohc[.]html
- hxxp://tomsonguitars[.]co[.]uk/nk0j7r[.]html
- hxxp://travelhub[.]com[.]sg/psi50zi[.]html
- hxxp://www[.]skegness[.]net/jr7ad[.]html
- MALDOC DISTRIBUTION URLS
- Directs here to get the xls file:
- hxxps://dl1[.]tremd-space[.]com/?hfjkdnv-djdjueu733-dnfhdf738-df5-6-7-676dgfgfg-445-01
- hxxps://dw[.]long-space[.]com/?hdhgjkfd-oiewourour-395-039-jfk-39485-swrkf
- TA505 C2s
- transff-reddon[.]com
Add Comment
Please, Sign In to add comment
