Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- THREAT ATTRIBUTION: REMCOS
- SUBJECTS OBSERVED
- Payment Advice Notification
- SENDERS OBSERVED
- JPM Chase Payment Notification <donot-reply_notificationsr@alert-jpmchase.com>
- MALDOC FILE HASHES
- ACH Payment.xlsm
- 3b155af3c5f8cb9dcda8e4566d27abe4
- MALDOC DOWNLOAD URLs
- http://oficina24.online/king66/Protected%20Client.vbs
- PAYLOAD URL
- https://oficina24.online/king2/hold/manti/filet/uoyert/searty/Attack.jpg
- REMCOS C2
- UNKNOWN
- EMAIL BODY
- JPMorgan Chase
- This is a secure, encrypted message.
- Desktop Users:
- Open the attachment (Payment Advice.xlsm) and follow the instructions.
- Mobile Users:
- Open the attachment (Payment Advice.xlsm) on your PC and follow the instructions
- Need Help?
- Personal Security Image
- Your personalized image for:
- This personal security image will appear on secure email to you. If it's missing or unrecognized, please contact customer support. Learn more
- Disclaimer: This email and any attachments are confidential and for the sole use of the recipients. If you have received this email in error please notify the sender.
- Email Security Powered by Voltage IBE(tm)
- Copyright © 2015 JPMorgan Chase & Co. All rights reserved
Add Comment
Please, Sign In to add comment