Cybercrime, Raccoon Stealer hidden in a fake complaint about a purchase
The link points to a page from which you download an xll file: the loader. This then in turn downloads a zip with the malware inside.
Cybercrime, new zgRAT campaign via AgentTesla and fake offer list
The rar attachment contains an exe file: the first malware, that downloads the second payload.
Cybercrime, Formbook conveyed via false hotel booking
The email rar attachment contains an exe file: the malware.
Cybercrime, multi-malware campaign via fake purchase order
The xls attachment of the email first downloaded Putty and now Formbook. It is not excluded that it is targeted.
Cybercrime, “Re: Fw: Urgent Inquiry” spreads AgentTesla
The Img attachment contains an exe file: the malware. Stolen data is exfiltered by smtp to an email address.
Cybercrime, new Lokibot campaign via SWIFT transfer
The doc attachment contacts a url from which it downloads the malware. The campaign is not geofenced and there are no blacklists.
Cybercrime, Emotet still in Italy with a document-themed campaign
The email xls attachment contacts a link from an internal list and downloads the dll, using the epoch 4 botnet, starting the malware infection.
Cybercrime, double AgentTesla campaign with a courier / shipper theme
The emails contain a link that downloads an iso with the malware inside or directly a 7z with the malicious exe.
Cybercrime, The mail “RE: Purchase Inquiry: KPC / PU-231 (MECH) NBI / 20-22” bait for Lokibot
The message rar attachment contains an exe file: the malware itself.
Cybercrime, “RE: Inovice no MUMXX NPVPXX” bait for Formbook
The email xlsx attachment contacts a link and downloads the malware via DBatloader.