Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Date,Summary ,Details,Remediation Steps,Category,Sub Category,Email Payload Type,Users Targeted
- 6/3/2019,Malicious email campaign; morning,"All subjects contain ""invoice-notification_""; doc -> dridex",PP caught all of these,Email,Malware,Attachment,30
- 6/4/2019,Malicious email campaign; morning,"Various subjects, .it sender; xls -> ursnif",PP caught all of these,Email,Malware,Attachment,10
- 6/5/2019,Malicious email campaign; morning,"""RE: Swift confirmation Payment Notice. {FOREIGN REMITTANCE}|MV.HIGH SPEED""; iso -> lokibot continured to 6/6",PP caught all of these,Email,Malware,Attachment,6
- 6/5/2019,Malicious email campaign; morning,"""Open Orders - URGENT""; doc -> agenttesla",PP caught all of these,Email,Malware,Attachment,6
- 6/6/2019,Malicious email campaign; morning,"""Request proposal for Modernisation of Socar Azerikimya Petrochemical Plant""; doc -> azorult continued to 6/7",PP caught all of these,Email,Malware,Attachment,14
- 6/9/2019,Malicious email campaign; morning,"""New Order #13910""; doc -> agenttesla",PP caught all of these,Email,Malware,Attachment,2
- 6/9/2019,Malicious email campaign; morning,"""Lpo-1037""; doc -> broken :(",PP caught all of these,Email,Malware,Attachment,4
- 6/10/2019,Malicious email campaign; morning,"All subjects contain ""invoice""; link -> trickbot",PP caught all of these,Email,Malware,Link,6
- 6/10/2019,Malicious email campaign; evening,"""Fw: EFT Remittance Advice: J.P. Morgan Bank Customer Advice""; zip -> lnk -> ps1 -> remcos rat continued to 6/12",PP caught all of these,Email,Malware,Attachment,2
- 6/11/2019,Malicious email campaign; morning,"""Orden para la semana # 24""; rar -> formbook",PP caught all of these,Email,Malware,Attachment,14
- 6/11/2019,Malicious email campaign; evening,"""RFQ for Broken Rice & black beans Grade A/200MT each of Shanghai Senke (China) Co., ltd""; rar -> formbook",PP caught all of these,Email,Malware,Attachment,4
- 6/12/2019,Malicious email campaign; morning,"""Invoice- Remittance Advice""; doc -> agenttesla",PP caught all of these,Email,Malware,Attachment,2
- 6/12/2019,Malicious email campaign; evening,"""Shipping Doc""; iso -> agenttesla",PP caught all of these,Email,Malware,Attachment,11
- 6/12/2019,Malicious email campaign; evening,"""EMAIL SWIFT""; rar -> lokibot",PP caught all of these,Email,Malware,Attachment,3
- 6/13/2019,Malicious email campaign; morning,"All subjects contain ""eFAX-""; doc -> dridex",PP caught all of these,Email,Malware,Attachment,4
- 6/13/2019,Malicious email campaign; morning,"""ENQ No. 0658/0319""; doc -> agenttesla",PP caught all of these,Email,Malware,Attachment,2
- 6/13/2019,Malicious email campaign; evening,"""RFQ for Shangai Senke China Co. Ltd for urgent shipment""; rar -> formbook",PP caught all of these,Email,Malware,Attachment,2
- 6/16/2019,Malicious email campaign; morning,"""INQ No. 0658/0319""; doc -> agenttelsa",PP caught all of these,Email,Malware,Attachment,2
- 6/16/2019,Malicious email campaign; morning,"""RFQ - Order rates for New Order""; doc -> agenttelsa",PP caught all of these,Email,Malware,Attachment,2
- 6/17/2019,Malicious email campaign; morning,"""REQUEST FOR QOUTATION""; zip & rar -> lokibot continued into 6/19",PP caught all of these,Email,Malware,Attachment,6
- 6/17/2019,Malicious email campaign; morning,Various subjects; doc -> dridex,PP caught all of these,Email,Malware,Attachment,2
- 6/17/2019,Malicious email campaign; evening,"""PFA: VOUCHER COPY OF ILKFER""; doc -> agenttesla",PP caught all of these,Email,Malware,Attachment,2
- 6/17/2019,Malicious email campaign; evening,"""RE: [External] RFQ - Order rates""; doc -> agenttesla continued to 6/18",PP caught all of these,Email,Malware,Attachment,6
- 6/18/2019,Malicious email campaign; morning,"""RE:PURCHASE ORDER""; rar -> lokibot",PP caught all of these,Email,Malware,Attachment,3
- 6/18/2019,Malicious email campaign; evening,"All subjects contain ""Delivery-N"", doc -> dridex",PP caught all of these,Email,Malware,Attachment,5
- 6/18/2019,Malicious email campaign; evening,"""Invoice|Quotation""; docx -> lokibot",PP caught all of these,Email,Malware,Attachment,4
- 6/19/2019,Malicious email campaign; morning,"""RFQ - Urgent Inquiry for GUANGZHOU BFT CHINA CO.,LTD""; rar -> nanocore",PP caught all of these,Email,Malware,Attachment,2
- 6/19/2019,Malicious email campaign; morning,"All subjects contain ""invoice #<digits>""; link -> trickbot",PP caught all of these,Email,Malware,Link,46
- 6/20/2019,Malicious email campaign; morning,"""MOQ,FOB""; rar -> remcos",PP caught all of these,Email,Malware,Attachment,3
- 6/20/2019,Malicious email campaign; evening,"""Dhl SHIPMENT NOTIFICATION""; gz -> agenttesla continued into 6/21",PP caught all of these,Email,Malware,Attachment,2
- 6/22/2019,Malicious email campaign; morning,"""Purchase Order 75328 for JBS USA FOOD COMPANY""; iso -> formbook",PP caught all of these,Email,Malware,Attachment,24
- 6/23/2019,Malicious email campaign; evening,"""RFP INVAC/OW/SOW/2019/037 - Supply & Installation""; doc -> agenttesla",PP caught all of these,Email,Malware,Attachment,2
- 6/24/2019,Malicious email campaign; morning,"""Reconfirm Shipping Documents""; rar ->",PP caught all of these,Email,Malware,Attachment,2
- 6/25/2019,Malicious email campaign; morning,"""FDA REFUSAL KINDLY CORRECT FDA NUMBER""; zip -> formbook",PP caught all of these,Email,Malware,Attachment,26
- 6/25/2019,Malicious email campaign; evening,"""SAUDI ARAMCO TENDER NO. T01777/QC/TC/MP/20/19""; iso -> agenttesla",PP caught all of these,Email,Malware,Attachment,2
- 6/26/2019,Malicious email campaign; evening,"""Cargo Booking# 0399A08499: ATTACH DRAFT DOCS Telex Release JBS USA FOOD COMPANY""; iso -> formbook",PP caught all of these,Email,Malware,Attachment,4
- 6/27/2019,Malicious email campaign; morning,"Various subjects, .it sender; xls -> ursnif",PP caught all of these,Email,Malware,Attachment,2
- 6/27/2019,Malicious email campaign; morning,"""ACH FOR PROFORMA INVOICE 32332,23232 ""; iso -> formbook",PP caught all of these,Email,Malware,Attachment,11
- 6/27/2019,Malicious email campaign; morning,"""FW: SWIFT Transfer (103) 000OUTQ080519103""; docx -> doc -> agenttesla continued into 6/28",PP caught all of these,Email,Malware,Attachment,
- 6/27/2019,Malicious email campaign; evening,"""DHL CONGINMENT NOTIFICATION""; zip -> agenttesla",PP caught all of these,Email,Malware,Attachment,2
- 6/27/2019,Malicious email campaign; evening,"""ACH FOR PROFORMA PO32332,PO23232""; iso -> formbook",PP caught all of these,Email,Malware,Attachment,9
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement