API tools faq
paste
Advertisement
James_inthe_box

Stats

James_inthe_box
Aug 31st, 2017
1,018
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.12 KB | None | 0 0
raw download clone embed print report
  1. Date Details Email Payload Type Users Targeted
  2. 8/1/2017 "Voicemail From 845-551-<digits>", zip, -> vbs -> globeimposter ransomware Attachment 1876
  3. 8/1/2017 "Voice Message Attached from <digits>|Emailing -|Your order has been despatched", zip -> exe -> emotet trojan Attachment 613
  4. 8/1/2017 "You have received a new document from user@domain" , link -> doc -> hancitor -> pony -> zloader Link 763
  5. 8/2/2017 "Voicemail From 845-551-<digits>", zip, -> vbs -> globeimposter ransomware Attachment 785
  6. 8/2/2017 "Invoice NIC<digits>", zip -> vbs -> globeimposter ransomware this continued into 8/3/2017 Attachment 980
  7. 8/2/2017 "MACRO WARNING<japanese characters>", xls -> urlzone and pushdo trojans Attachment 11
  8. 8/2/2017 "ADP Payroll Invoice 52888616 for month 07/01/2017 - 07/31/2017", link -> doc -> hancitor -> pony -> zloader trojan Link 446
  9. 8/3/2017 "Re: invoice <digits>", link -> doc -> hancitor -> pony -> zloader trojan Link 404
  10. 8/3/2017 "IMG_<digits>.PDF|GIF|BMP|JPG|JPEG", zip -> .js -> globeimposter ransomware this continued into 8/4/2017 Attachment 5146
  11. 8/7/2017 "Delivery halted for shipment #<digits>", link -> doc -> -> hancitor -> pony -> evilpony -> zloader Link 978
  12. 8/7/2017 "Re: Our inquiry", zip -> exe -> formbook trojan Attachment 3
  13. 8/8/2017 "IMG_<digits>.PDF|GIF|BMP|JPG|JPEG", zip -> .js -> globeimposter ransomware this continued into 8/9/2017 Attachment 2509
  14. 8/8/2017 "MACRO WARNING<japanese characters>", xls -> urlzone and pushdo trojans Attachment 29
  15. 8/8/2017 "New eFax from 490-<digits>", link -> doc -> -> hancitor -> pony -> evilpony -> zloader Link 1046
  16. 8/9/2017 "E 2017-08-09 <digits>", zip -> .js -> locky ransomware Attachment 2851
  17. 8/10/2017 "FedEx Shipment $<digits> Delivered", doc -> hancitor -> pony -> evilpony -> zloader trojan Attachment 699
  18. 8/11/2017 "Scanned|Document|Invoice", pdf -> docm -> locky ransomware Attachment 58
  19. 8/11/2017 "Emailing <digits>.pdf", zip -> locky ransomware Attachment 560
  20. 8/11/2017 "Document from <random name>", doc -> locky ransomware Attachment 66
  21. 8/11/2017 "IMG_<digits>.PDF", pdf -> docm -> locky ransomware Attachment 191
  22. 8/14/2017 "PAYMENT", rar -> js -> locky ransomware Attachment 63
  23. 8/14/2017 All subjects contain "invoice", link -> doc -> emotet trojan Link 8
  24. 8/14/2017 "You have received a <digits> pages document from <digits>", link -> doc -> hancitor -> pony -> evilpony -> zloader trojan Attachment 680
  25. 8/15/2017 "eFax", doc -> trickbot trojan Attachment 15
  26. 8/16/2017 "Voice Message Attached from <digits> - name unavailable", rar -> js -> locky ransomware, continued into 8/17/2017 Attachment 2824
  27. 8/16/2017 "PAYMENT", rar -> js -> locky ransomware Attachment 945
  28. 8/16/2017 All subjects contain "invoice", link -> doc -> emotet trojan Link 14
  29. 8/16/2017 "Emailing - <zip attachment name>", zip -> js -> locky ransomware Attachment 249
  30. 8/16/2017 "Your document Invoice <digits> is ready to be signed!", link -> doc -> hancitor -> pony -> evilpony -> zloader trojan Link 691
  31. 8/16/2017 "< No Subject >", rar -> js -> locky ransomware Attachment 482
  32. 8/17/2017 "IMG|PIC|JPEG|SCAN_<digits>", 7z -> vbs -> locky ransomware Attachment 2428
  33. 8/17/2017 "RE: qb invoice", link -> doc -> hancitor -> pony -> evilpony -> zloader trojan Link 630
  34. 8/17/2017 "Outstanding Invoices email 1 of 2", doc -> locky ransomware Attachment 603
  35. 8/18/2017 "Scanned image from MX-2600N|Scanned Image from a Xerox WorkCentre", rar -> vbs -> locky ransomware Attachment 1190
  36. 8/18/2017 All subjects involve adult message, zip -> js -> tofsee trojan Attachment 54
  37. 8/22/2017 "Fax from: (digits) digits", rar -> locky ransomware Attachment 2389
  38. 8/22/2017 "<digits w -> has sent you a new eFax", link -> doc -> hancitor -> pony -> evilpony -> zloader trojan Link 393
  39. 8/23/2017 "Your Invoice AUG<digits> is ready for your review." , link -> doc -> hancitor -> pony -> evilpony -> zloader trojan Link 571
  40. 8/23/2017 "Payment has been made", doc -> trickbot trojan Attachment 10
  41. 8/23/2017 Subjects contain "Fatura", xls -> zloader trojan Attachment 161
  42. 8/23/2017 "Copy of invoice", link -> pdf -> docm -> locky ransomware Link 3012
  43. 8/24/2017 "Your Sage subscription invoice is ready", link -> rar -> vbs -> locky ransomware, continued into 8/25/2017 Link 2675
  44. 8/24/2017 "New voicemail from <digits>." , link -> doc -> hancitor -> pony -> evilpony -> zloader trojan Link 506
  45. 8/24/2017 "Bill-<digits>", link -> pdf -> docm -> locky ransomware Link 232
  46. 8/25/2017 "New voice message digits in mailbox digits from "digits" <digits>", rar -> vbs -> locky ransomware Attachment 2329
  47. 8/28/2017 "IMG_<digits>", zip -> vbs -> locky ransomware Attachment 2666
  48. 8/28/2017 "scans|photos|please print|documents", zip -> vbs -> locky ransomware Attachment 2400
  49. 8/28/2017 "user@domain.com PAYMENT COPY", rar -> pony trojan Attachment 9
  50. 8/28/2017 "Your document Settlement <digits> is ready for signature!" link -> doc -> hancitor -> pony -> evilpony -> zloader trojan Link 211
  51. 8/29/2017 "Emailing: Payment_201708-<digits>", 7z -> js -> locky ransomware, continued into 8/30/2017 Attachment 3083
  52. 8/29/2017 "You have received a scan from AT Management", zip -> vbs -> locky ransomware Attachment 27
  53. 8/29/2017 "Overdue BT bill" , zip -> vbs -> locky ransomware Attachment 15
  54. 8/29/2017 "Message from G10PR0151001.domain.com" , zip -> zip -> vbs -> locky ransomware Attachment 333
  55. 8/29/2017 "Canadian Imperial Bank of Commerce", doc -> trickbot trojan Attachment 22
  56. 8/29/2017 "USPS Confirmation - your mail is being held", link -> doc -> hancitor -> pony -> evilpony -> zloader trojan Link 41
  57. 8/30/2017 "Emailed Invoice - <digits>:1", 7z, -> vbs -> locky ransomware Attachment 2340
  58. 8/30/2017 "E-invoice for your order #<digits>" 7z, -> js -> locky ransomware Attachment 1715
  59. 8/30/2017 "Your order DELTA<digits> has been approved!", link -> doc -> hancitor -> pony -> evilpony -> zloader trojan Link 1819
  60. 8/30/2017 "PayPal Security Department informs", doc -> trickbot trojan Attachment 28
  61. 8/31/2017 "Please verify your email address", link -> js -> locky ransomware Link
  62. 8/31/2017 "August Payment", 7z, -> vbs -> locky ransomware Attachment 504
  63. 8/31/2017 "RE: domain.com services price list", link -> doc -> hancitor -> pony -> evilpony -> zloader trojan Link 516
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!