GOOGLE phish running on alreef[.]org

1. Found: 2018-01-05 10:04:41
2. URL: http://m.alreef.org/cliffinternational/SGcompanies.zip
3. File: SGcompanies-m.alreef.org.zip
4. Domain: alreef.org
5. Target: GOOGLE
6. Name Size Date MD5 SGcompanies/verification.php 50081 2016-05-02 10:38:46 a5e518300a5bcef049485b3899e9c97a
7. File appears in 17 kits
8. SGcompanies/zVeXn4.php 1824 2017-12-06 19:20:50 bbd4cf1690b574cd5d1a8501ed95975a
9. SGcompanies/phone.php 1826 2017-12-06 19:20:26 b05c67c50a43f586d1b9e8a2e90c6e4e
10. SGcompanies/index.html 1880 2017-05-17 08:33:50 258c19a94e29c1b16c3d41807978df57
11. File appears in 5 kits
12. SGcompanies/oohay.php 1780 2017-01-30 18:35:52 85cbf34ee380b4d9fae7a7e3bdefa6e7
13. File appears in 19 kits
14. SGcompanies/loa.php 1770 2017-01-30 18:32:10 8abeb3dfb7d31895a1ba3eaf53d3efb8
15. File appears in 19 kits
16. SGcompanies/zVeXn1.php 1821 2017-12-06 19:21:10 973790756d9af9298e466322feaa1c65
17. SGcompanies/rehto.php 1755 2017-01-30 18:40:28 28054f06b8a9bb6451d05d77e2cd8287
18. File appears in 19 kits
19. SGcompanies/liamg1.php 1452 2017-01-30 17:08:26 7bdebc1dadf4b3dc05fd976f08eca2fe
20. File appears in 19 kits
21. SGcompanies/zVeXn6.php 1833 2017-12-06 19:20:38 9c9bd5e0d8d1d3a2aec677c1915c1d9d
22. SGcompanies/eciffo365.php 1870 2017-01-30 18:22:54 5c542939030913a58c155f4e3d5b6247
23. File appears in 19 kits
24. SGcompanies/zVeXn5.php 1813 2017-12-06 19:20:44 76039821302c6903bdbc71a6500a7977
25. SGcompanies/kooltuo.php 1979 2017-01-30 18:30:56 085106bed8db4b934d2cebf2564691cb
26. File appears in 19 kits
27. SGcompanies/liamg2.php 1810 2017-01-30 17:15:20 5f0eb953d2a63a8e5a7a34f75b68a71a
28. File appears in 19 kits
29. SGcompanies/zVeXn3.php 1832 2017-12-06 19:21:26 324dc733690b87d463d81e45cb95333c
30. SGcompanies/images/subomi.png 643 2017-01-30 18:24:36 8ee72998ff42c84685a2e6b6026dfa26
31. File appears in 50 kits
32. SGcompanies/images/oubody.png 12359 2017-01-30 18:25:56 306cc3508634cabb4ee8e00f83329c95
33. File appears in 48 kits
34. SGcompanies/images/qa.png 133794 2017-02-16 18:44:24 b9cca7e095284d875c03b78ead72adf0
35. File appears in 8 kits
36. SGcompanies/images/eciffo365body.png 17685 2017-01-30 18:23:46 b2ed602ce1f93fa5db7198892f791dd8
37. File appears in 50 kits
38. SGcompanies/images/foota.png 5651 2017-01-30 17:51:56 deea600f93c09d9bb3739c5beafc47bb
39. File appears in 24 kits
40. SGcompanies/images/liamg.ico 5430 2017-01-30 17:51:26 f3418a443e7d841097c714d69ec4bcb8
41. File appears in 65 kits and under 3 different file names
42. SGcompanies/images/a4.png 3837 2017-02-01 12:22:56 a4809882a99b1d3e0e921086ca469259
43. File appears in 18 kits
44. SGcompanies/images/oohay.ico 5430 2017-01-30 18:28:36 9796ed786d95606d51be9dab54fb5350
45. File appears in 101 kits and under 4 different file names
46. SGcompanies/images/outlooklogo.png 4041 2017-05-17 15:49:18 dd812ba3e7fcbf4e089ba2081afc4457
47. File appears in 8 kits
48. SGcompanies/images/googlelogo.png 2608 2017-05-17 15:49:10 167f3bfb24d202f83c587b12dc9b9f82
49. File appears in 8 kits
50. SGcompanies/images/ori.png 16391 2017-01-30 17:52:02 009722a854532eb41eb44f47884d53fa
51. File appears in 39 kits
52. SGcompanies/images/a6.png 5226 2017-02-01 12:23:20 9beb3ce22f5b651cf1fe89a8926e25fe
53. File appears in 18 kits
54. SGcompanies/images/gmbody1.png 17568 2017-01-30 18:21:20 42e79def8853f48e8df6219bab58b931
55. File appears in 48 kits
56. SGcompanies/images/logsogo.png 71116 2017-01-30 17:51:48 abcf64c9e28d96026d6e2d921e1659a5
57. File appears in 39 kits
58. SGcompanies/images/kooltuo.ico 17174 2017-01-30 18:25:26 12e3dac858061d088023b2bd48e2fa96
59. File appears in 233 kits and under 8 different file names
60. SGcompanies/images/klik.png 134 2017-01-30 17:53:08 374addb11c47033a6a97d70a15217dde
61. File appears in 49 kits
62. SGcompanies/images/a2.png 5161 2017-02-01 12:22:36 40641588664ea4365c86e6dd0ba9fbc9
63. File appears in 18 kits
64. SGcompanies/images/a5.png 9309 2017-02-01 12:23:04 d19fea5a28ccf0ea963aedcc5c7feae3
65. File appears in 18 kits
66. SGcompanies/images/background2.png 304252 2017-05-17 15:49:04 a9fd4696dbfc19941aaf4fd633d2acf5
67. File appears in 8 kits
68. SGcompanies/images/bode.png 50351 2017-01-30 17:52:28 c113fe0d26c38140a2227b306d14c1f7
69. File appears in 20 kits
70. SGcompanies/images/aollogo.png 919 2017-05-17 15:49:00 0f97d4347e72b1627571960627e5e8d3
71. File appears in 8 kits
72. SGcompanies/images/weblogo.png 583 2017-05-17 15:49:22 a194ae5f481bfef3b98e10ec650d5e1a
73. File appears in 8 kits
74. SGcompanies/images/images.zip 167755 2017-02-01 16:00:16 535ba189526cd54d006ab2c8c6fdb60b
75. File appears in 16 kits
76. SGcompanies/images/loa.ico 1150 2017-01-30 18:27:06 b1aa5134d39c9a8c7dc8b40bc680e5ac
77. File appears in 54 kits and under 3 different file names
78. SGcompanies/images/yahoologo.png 4066 2017-05-17 15:49:26 546c769032b4a0a8dba9498c4bee2457
79. File appears in 8 kits
80. SGcompanies/images/a1.png 8004 2017-02-01 12:14:36 fcca55035109f87f50612092439f7289
81. File appears in 18 kits
82. SGcompanies/images/otbody.png 14511 2017-01-30 18:28:20 bdbcc8184b07945f63b31113e282cc8f
83. File appears in 49 kits
84. SGcompanies/images/yabody.png 16089 2017-01-30 18:28:40 b0d5dbe296b77a6c35308ad33156af92
85. File appears in 48 kits
86. SGcompanies/images/gmbody2.png 23602 2017-01-30 18:48:46 87408d00257961f79a21a35e70c98732
87. File appears in 48 kits
88. SGcompanies/images/a3.png 5976 2017-02-01 12:22:48 a7be1af01c884d2237dd863a852ce6ed
89. File appears in 18 kits
90. SGcompanies/images/aobody.png 15944 2017-01-30 18:27:30 4ee6b6147ead7b12e03cbcfff1a6a88e
91. File appears in 48 kits
92. SGcompanies/images/officelogo.png 8863 2017-05-17 15:49:14 deb7f9906db086a862369a68752ccf04
93. File appears in 8 kits
94. SGcompanies/zVeXn2.php 1760 2017-12-06 19:21:06 4543e0d1789a61208a9fd9cba99f569a
95.  
96. 2 Email addresses found:
97. result@omadarail.com
98. wirez@googledocs.org (appears in 112 kits)
99.  
100.  
101.  
102. https://texasmalwareblog.blogspot.com @phish_total