Cybercrime, Netwire hides behind the purchase of a property
The email 7z attachment hides an executable inside. This is the malware itself.
Cybercrime, Agent Tesla conveyed to Italy by a false order
The email gz attachment contains an exe: the malware itself. Stolen data is exfiltrated via ftp.
Cybercrime, new Hancitor campaign via DocuSign email
The doc attachment is downloaded each time from a different url and contains the dll with the malware. The final payalod is unknown.
Cybercrime, new Agent Tesla campaign via fake automatic invoice email
The img attachment contains an exe: the malware itself. Stolen data is exfiltrated via smtp.
Cybercrime, “Hiello Dear” campaign to convey Nanocore
The email has no text, but contains two attachments: an executable and a zip with an exe inside. The files are identical and are the malware itself.
Cybercrime, new Hancitor campaign via DocuSign
The email doc attachment is downloaded each time from a different url and contains the dll with the malware. The final payalod is unknown.
Cybercrime, false e-mail on RFQ/purchase order conveys Agent Tesla
The email gz attachment contains an exe: the malware itself. This, if opened, activates the infection chain. Stolen data is then exfiltrated via smtp.
Cybercrime, fake purchase orders from Serbia-UAE spread Formbook
The email doc attachments have different names but are identical. If opened, they contact a single url and download the dll, which starts the malware infection.
Cybercrime, new Formbook campaign via RFQ
The zip attachment contains an exe: the malware itself. This, if opened, activates the infection chain. Objective: to steal sensitive data from victims.
Cybercrime, Hancitor is back hidden in a DocuSign email
The doc attachment is downloaded each time from a different url and contains the dll with the malware. The final payalod is unknown.