Found: 2018-06-07 17:15:09.218000 URL: http://gillespieclan.com/Myoffice/365online/logn/outlook/outlook.zip File: gillespieclan.com-outlook-outlook.zip Domain: gillespieclan.com Target: MICROSOFT Name Size Date MD5 outlook/files/Converged1033.css 87903 2017-11-19 01:49:22 1ad0dae66feea9e8d693843c824abe01 outlook/files/ConvergedLoginPaginatedStrings.js 14357 2017-11-19 01:49:22 cb5e660228f6e00a03786f8c87b7691f outlook/files/ConvergedLogin_PCore.js 285261 2017-11-19 01:49:22 4fc09b5fc77d6f436e28cded8ef1d190 outlook/files/microsoft_logo.svg 3651 2017-11-19 01:49:22 ee5c8d9fb6248c938fd0dc19370e90bd File appears in 29 kits and under 2 different file names outlook/files/prefetch.htm 3309 2017-11-19 01:49:22 fa9d9422f13f1eb1fd7cbf23061c7eb1 outlook/files/prefetch_data/boot.css 230786 2017-11-19 01:49:22 b4beabf2cee90a2b9e0dda151c989df0 outlook/files/prefetch_data/boot.js 650798 2017-11-19 01:49:22 863973d4e728ec1de8b962df46781a15 outlook/files/prefetch_data/boot_002.js 653514 2017-11-19 01:49:22 0e8f963ae925e2954398f16a775e2846 outlook/files/prefetch_data/boot_003.js 656706 2017-11-19 01:49:22 98665efcf4825184a59df5d4187e84e6 outlook/files/prefetch_data/boot_004.js 649008 2017-11-19 01:49:22 130bc5d6fd1728f8789e3a85f7f679e0 outlook/files/prefetch_data/sprite1.css 7604 2017-11-19 01:49:22 e9ba472d2ddb09fb3ec536dc240b1976 File appears in 5 kits outlook/files/prefetch_data/sprite1.png 16664 2017-11-19 01:49:22 2835f067dcf4c8a12464856267ca8ff7 File appears in 25 kits and under 2 different file names outlook/login.php 30223 2018-04-30 06:23:12 b34a6ea789e76bd8476e256a8bc0c755 outlook/pass.php 31036 2018-04-30 06:28:06 31f6f286b616d653dd18a874234b1df2 outlook/processing.php 849 2018-05-01 12:29:28 243a0f2c8ae271e2bde4233814940df3 1 Email addresses found: box4logss@yandex.com https://texasmalwareblog.blogspot.com @phish_total