Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- THREAT ATTRIBUTION: TA505
- SUBJECTS OBSERVED
- Pension certificates
- SENDERS OBSERVED
- Roger[.]Dickenson@acse77[.]fr
- Roger[.]Dickenson@piccionigroup[.]it
- Roger[.]Dickenson@24telekom[.]com
- Roger[.]Dickenson@novotny-reality[.]cz
- Roger[.]Dickenson@nanumsem[.]com
- Roger[.]Dickenson@koperasimadani[.]co[.]id
- Roger[.]Dickenson@ttr[.]com[.]tr
- Roger[.]Dickenson@satius[.]com[.]ar
- Roger[.]Dickenson@goline[.]com[.]cn
- Roger[.]Dickenson@grauvogl[.]org
- Roger[.]Dickenson@transatlantic[.]is
- MALDOC LANDING PAGE URLS
- hxxp://eduthermas[.]sk/vz0s4[.]html
- hxxp://falcon1[.]net/~carolb/eedvmpj[.]html
- hxxp://jqtrias[.]com/v61vd[.]html
- hxxp://lewell[.]fr/2au7x[.]html
- hxxp://razor[.]arnes[.]si/~osjkranjkr/h2j6x2n[.]html
- hxxp://verkeersovertredingen[.]nl/ozkk1g5[.]html
- hxxp://www[.]newmedia[.]plus[.]com/bu2a8o[.]html
- hxxp://www[.]scottofyork[.]plus[.]com/ouwd7q[.]html
- MALDOC DISTRIBUTION URLS
- hxxps://dl[.]river-store[.]com/
- (currently down)
- SUPPORTING EVIDENCE
- https://urlhaus.abuse.ch/url/427135/
Add Comment
Please, Sign In to add comment