Malware spam: "Please check the attached invoice and confirm me if I sent the right data" leads to Locky
Tags
| country: | Netherlands Germany |
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 |
Common Information
| Type | Value |
|---|---|
| UUID | 68efb6ef-3325-446f-b457-b6a187858553 |
| Fingerprint | 2046e8f70b166d8f |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | July 28, 2016, 11:13 a.m. |
| Added to db | Jan. 18, 2023, 8:26 p.m. |
| Last updated | Sept. 2, 2024, 8:59 a.m. |
| Headline | Dynamoo's Blog |
| Title | Malware spam: "Please check the attached invoice and confirm me if I sent the right data" leads to Locky |
| Detected Hints/Tags/Attributes | 18/2/56 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://blog.dynamoo.com/2016/07/malware-spam-please-check-attached.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | chazsmedley.com |
|
| Details | Domain | 1 | 01ad681.netsolhost.com |
|
| Details | Domain | 2 | 12-land.co.jp |
|
| Details | Domain | 1 | arabian-horse-highlights.homepage.t-online.de |
|
| Details | Domain | 1 | bajasae.grupos.usb.ve |
|
| Details | Domain | 1 | baldwinhistory.portalstream.net |
|
| Details | Domain | 1 | billy-hanjo.homepage.t-online.de |
|
| Details | Domain | 1 | blanquerna.eresmas.net |
|
| Details | Domain | 1 | burkersdorf.eu |
|
| Details | Domain | 1 | campustouren.de |
|
| Details | Domain | 1 | christilipp.com |
|
| Details | Domain | 1 | creartnet.com |
|
| Details | Domain | 1 | dev12.gammat.net |
|
| Details | Domain | 2 | exclusive-closet.com |
|
| Details | Domain | 3 | fc2.com |
|
| Details | Domain | 1 | idd00dnu.eresmas.net |
|
| Details | Domain | 1 | it4cio.servicos.ws |
|
| Details | Domain | 1 | jozefow.cba.pl |
|
| Details | Domain | 1 | karumaengeki.web.fc2.com |
|
| Details | Domain | 1 | kbridge.web.fc2.com |
|
| Details | Domain | 1 | lacrima.ru |
|
| Details | Domain | 1 | luzdevelas.es |
|
| Details | Domain | 1 | mbiurorachunkowe.republika.pl |
|
| Details | Domain | 1 | motorkote.org |
|
| Details | Domain | 1 | okhtinka.ru.hoster-ok.com |
|
| Details | Domain | 1 | papamama.com.sg |
|
| Details | Domain | 1 | piggy.riffle.be |
|
| Details | Domain | 1 | robertstefan.home.ro |
|
| Details | Domain | 1 | sav-krelingen.de |
|
| Details | Domain | 1 | schefman.info |
|
| Details | Domain | 1 | slit.xxxxxxxx.jp |
|
| Details | Domain | 1 | sv-r.ru |
|
| Details | Domain | 1 | www.acheri.it |
|
| Details | Domain | 1 | www.andyschwietzer.homepage.t-online.de |
|
| Details | Domain | 1 | www.chantale.force9.co.uk |
|
| Details | Domain | 1 | www.clefranceitalie.org |
|
| Details | Domain | 1 | www.inari.net |
|
| Details | Domain | 1 | www.kan-therm.ru |
|
| Details | Domain | 1 | www.marinoderosas.com |
|
| Details | Domain | 1 | www.panella.org |
|
| Details | Domain | 1 | www.rgtalp14.it |
|
| Details | Domain | 1 | www.ruyssinck-demeyer.be |
|
| Details | Domain | 1 | www.schwarzer-baer-kastl.de |
|
| Details | Domain | 1 | www.uasm.de |
|
| Details | Domain | 1 | yourparty.cba.pl |
|
| Details | Domain | 1 | zckupila.republika.pl |
|
| Details | 1 | harrison.59349@chazsmedley.com |
||
| Details | File | 1 | cba.pl |
|
| Details | File | 2 | republika.pl |
|
| Details | File | 1 | schefman.inf |
|
| Details | File | 3 | _dispatch.php |
|
| Details | IPv4 | 1 | 83.235.64.44 |
|
| Details | IPv4 | 1 | 178.78.87.8 |
|
| Details | IPv4 | 1 | 178.62.232.244 |
|
| Details | IPv4 | 1 | 193.124.180.6 |
|
| Details | IPv4 | 1 | 139.59.147.0 |