API tools faq
paste
Advertisement
James_inthe_box

June 2019 Email Campaigns

James_inthe_box
Jul 1st, 2019
987
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.35 KB | None | 0 0
raw download clone embed print report
  1. Date,Summary ,Details,Remediation Steps,Category,Sub Category,Email Payload Type,Users Targeted
  2. 6/3/2019,Malicious email campaign; morning,"All subjects contain ""invoice-notification_""; doc -> dridex",PP caught all of these,Email,Malware,Attachment,30
  3. 6/4/2019,Malicious email campaign; morning,"Various subjects, .it sender; xls -> ursnif",PP caught all of these,Email,Malware,Attachment,10
  4. 6/5/2019,Malicious email campaign; morning,"""RE: Swift confirmation Payment Notice. {FOREIGN REMITTANCE}|MV.HIGH SPEED""; iso -> lokibot continured to 6/6",PP caught all of these,Email,Malware,Attachment,6
  5. 6/5/2019,Malicious email campaign; morning,"""Open Orders - URGENT""; doc -> agenttesla",PP caught all of these,Email,Malware,Attachment,6
  6. 6/6/2019,Malicious email campaign; morning,"""Request proposal for Modernisation of Socar Azerikimya Petrochemical Plant""; doc -> azorult continued to 6/7",PP caught all of these,Email,Malware,Attachment,14
  7. 6/9/2019,Malicious email campaign; morning,"""New Order #13910""; doc -> agenttesla",PP caught all of these,Email,Malware,Attachment,2
  8. 6/9/2019,Malicious email campaign; morning,"""Lpo-1037""; doc -> broken :(",PP caught all of these,Email,Malware,Attachment,4
  9. 6/10/2019,Malicious email campaign; morning,"All subjects contain ""invoice""; link -> trickbot",PP caught all of these,Email,Malware,Link,6
  10. 6/10/2019,Malicious email campaign; evening,"""Fw: EFT Remittance Advice: J.P. Morgan Bank Customer Advice""; zip -> lnk -> ps1 -> remcos rat continued to 6/12",PP caught all of these,Email,Malware,Attachment,2
  11. 6/11/2019,Malicious email campaign; morning,"""Orden para la semana # 24""; rar -> formbook",PP caught all of these,Email,Malware,Attachment,14
  12. 6/11/2019,Malicious email campaign; evening,"""RFQ for Broken Rice & black beans Grade A/200MT each of Shanghai Senke (China) Co., ltd""; rar -> formbook",PP caught all of these,Email,Malware,Attachment,4
  13. 6/12/2019,Malicious email campaign; morning,"""Invoice- Remittance Advice""; doc -> agenttesla",PP caught all of these,Email,Malware,Attachment,2
  14. 6/12/2019,Malicious email campaign; evening,"""Shipping Doc""; iso -> agenttesla",PP caught all of these,Email,Malware,Attachment,11
  15. 6/12/2019,Malicious email campaign; evening,"""EMAIL SWIFT""; rar -> lokibot",PP caught all of these,Email,Malware,Attachment,3
  16. 6/13/2019,Malicious email campaign; morning,"All subjects contain ""eFAX-""; doc -> dridex",PP caught all of these,Email,Malware,Attachment,4
  17. 6/13/2019,Malicious email campaign; morning,"""ENQ No. 0658/0319""; doc -> agenttesla",PP caught all of these,Email,Malware,Attachment,2
  18. 6/13/2019,Malicious email campaign; evening,"""RFQ for Shangai Senke China Co. Ltd for urgent shipment""; rar -> formbook",PP caught all of these,Email,Malware,Attachment,2
  19. 6/16/2019,Malicious email campaign; morning,"""INQ No. 0658/0319""; doc -> agenttelsa",PP caught all of these,Email,Malware,Attachment,2
  20. 6/16/2019,Malicious email campaign; morning,"""RFQ - Order rates for New Order""; doc -> agenttelsa",PP caught all of these,Email,Malware,Attachment,2
  21. 6/17/2019,Malicious email campaign; morning,"""REQUEST FOR QOUTATION""; zip & rar -> lokibot continued into 6/19",PP caught all of these,Email,Malware,Attachment,6
  22. 6/17/2019,Malicious email campaign; morning,Various subjects; doc -> dridex,PP caught all of these,Email,Malware,Attachment,2
  23. 6/17/2019,Malicious email campaign; evening,"""PFA: VOUCHER COPY OF ILKFER""; doc -> agenttesla",PP caught all of these,Email,Malware,Attachment,2
  24. 6/17/2019,Malicious email campaign; evening,"""RE: [External] RFQ - Order rates""; doc -> agenttesla continued to 6/18",PP caught all of these,Email,Malware,Attachment,6
  25. 6/18/2019,Malicious email campaign; morning,"""RE:PURCHASE ORDER""; rar -> lokibot",PP caught all of these,Email,Malware,Attachment,3
  26. 6/18/2019,Malicious email campaign; evening,"All subjects contain ""Delivery-N"", doc -> dridex",PP caught all of these,Email,Malware,Attachment,5
  27. 6/18/2019,Malicious email campaign; evening,"""Invoice|Quotation""; docx -> lokibot",PP caught all of these,Email,Malware,Attachment,4
  28. 6/19/2019,Malicious email campaign; morning,"""RFQ - Urgent Inquiry for GUANGZHOU BFT CHINA CO.,LTD""; rar -> nanocore",PP caught all of these,Email,Malware,Attachment,2
  29. 6/19/2019,Malicious email campaign; morning,"All subjects contain ""invoice #<digits>""; link -> trickbot",PP caught all of these,Email,Malware,Link,46
  30. 6/20/2019,Malicious email campaign; morning,"""MOQ,FOB""; rar -> remcos",PP caught all of these,Email,Malware,Attachment,3
  31. 6/20/2019,Malicious email campaign; evening,"""Dhl SHIPMENT NOTIFICATION""; gz -> agenttesla continued into 6/21",PP caught all of these,Email,Malware,Attachment,2
  32. 6/22/2019,Malicious email campaign; morning,"""Purchase Order 75328 for JBS USA FOOD COMPANY""; iso -> formbook",PP caught all of these,Email,Malware,Attachment,24
  33. 6/23/2019,Malicious email campaign; evening,"""RFP INVAC/OW/SOW/2019/037 - Supply & Installation""; doc -> agenttesla",PP caught all of these,Email,Malware,Attachment,2
  34. 6/24/2019,Malicious email campaign; morning,"""Reconfirm Shipping Documents""; rar ->",PP caught all of these,Email,Malware,Attachment,2
  35. 6/25/2019,Malicious email campaign; morning,"""FDA REFUSAL KINDLY CORRECT FDA NUMBER""; zip -> formbook",PP caught all of these,Email,Malware,Attachment,26
  36. 6/25/2019,Malicious email campaign; evening,"""SAUDI ARAMCO TENDER NO. T01777/QC/TC/MP/20/19""; iso -> agenttesla",PP caught all of these,Email,Malware,Attachment,2
  37. 6/26/2019,Malicious email campaign; evening,"""Cargo Booking# 0399A08499: ATTACH DRAFT DOCS Telex Release JBS USA FOOD COMPANY""; iso -> formbook",PP caught all of these,Email,Malware,Attachment,4
  38. 6/27/2019,Malicious email campaign; morning,"Various subjects, .it sender; xls -> ursnif",PP caught all of these,Email,Malware,Attachment,2
  39. 6/27/2019,Malicious email campaign; morning,"""ACH FOR PROFORMA INVOICE 32332,23232 ""; iso -> formbook",PP caught all of these,Email,Malware,Attachment,11
  40. 6/27/2019,Malicious email campaign; morning,"""FW: SWIFT Transfer (103) 000OUTQ080519103""; docx -> doc -> agenttesla continued into 6/28",PP caught all of these,Email,Malware,Attachment,
  41. 6/27/2019,Malicious email campaign; evening,"""DHL CONGINMENT NOTIFICATION""; zip -> agenttesla",PP caught all of these,Email,Malware,Attachment,2
  42. 6/27/2019,Malicious email campaign; evening,"""ACH FOR PROFORMA PO32332,PO23232""; iso -> formbook",PP caught all of these,Email,Malware,Attachment,9
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!