
2019-08-22 - info on malspam pushing Shade ransomware

malware_traffic Aug 22nd, 2019 1,463 Never
DESCRIPTION:

- Example of malicious spam (malspam) used to distribute Shade (Troldesh) ransomware seen on Thursday 2019-08-22.

MALSPAM:

- Date: Thursday, 2019-08-22 11:58 UTC
- From: ЭКСИМЕР ОПТИКС <msteffen@officeinstallations.com>
- Subject: О заказе
- Attachment name: Красильников45.rar
- Paste of sanitized email: https://pastebin.com/u8qQrL6g

ASSOCIATED MALWARE:

- SHA256 hash: 53576ddd391f7334ea579e7fdaf5ce3ec695caadf3c369819f67025a89a9ae43
- File size: 10,852 bytes
- File name: Красильников45.rar
- File description: Email attachment - password-protected RAR archive (password: 43)

- SHA256 hash: 286245ca8c289a1cdae5b7097b31b95e7236f46398b509f0b4e71cbeea865575
- File size: 15,528 bytes
- File name: 1.js .2019-08.21.docx.js
- File description: JS downloader designed to retrieve Shade (Troldesh) ransomware EXE

- SHA256 hash: 335c62dc05588d1de881ce67951b7183aba57f746262d34085b8b6d43c789094
- File size: 1,412,784 bytes
- File location: hxxp://demo7.mon-application[.]com/wp-content/languages/plugins/2c.jpg
- File location: hxxp://www.ddfiesta[.]com/wp-content/themes/lovecraft/genericons/font/2c.jpg
- File description: Shade (Troldesh) ransomware EXE