Cybercrime, “NEW ORDER” campaign conveys AgentTesla
The zip attachment contains an exe file: the malware itself. Stolen data is exfiltrated via SMTP.
Cybercrime, Lokibot is hidden in an email from India
The Ace attachment of the message contains an exe file: the malware itself.
Cybercrime, new Avemaria / WarZone RAT campaign via false firm PO
The img attachment contains an exe file: the malware itself. Objective: to steal information from the victim.
Cybercrime, DHL-themed AgentTesla campaign via Guloader
The email gz attachment contains an exe file: the loader. This contacts a url and downloads the final malware. Stolen data is exfiltrated via ftp.
Cybercrime: RemcosRAT campaign via fake bank remittance
The xlsx attachment contains an exe file: the malware itself.
Cybercrime, unknown malware spread via Guloader by DHL themed campaign
The gz attachment in a fake email from the courier contains an exe: the loader, which contacts a url and downloads the malware. However, the final payload is unknown.
Cybercrime, new Swift payment confirmation themed Formbook campaign
The email doc attachment downloads an exe: the malware itself.
Cybercrime, Formbook is hiding in a fake bank payment
The email iso attachment contains an exe file: the malware itself.
Cybercrime, second Emotet campaign via real stolen email conversation
The xls attachment directly contacts an internal list of URLs and downloads the dll, starting the malware infection.
Cybercrime, a real stolen email conversation spread Emotet
The zip attachment contains a file that runs a PS and downloads the dll from an internal list of url, starting the malware infection.