Created
February 3, 2025 16:33
-
-
Save silence-is-best/4a3558425ea7057e0e4e00d14a9cde78 to your computer and use it in GitHub Desktop.
January Malspam Campaigns
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Date,Details,Email Payload Type,Users Targeted | |
| 1/8/2025,Copy shipping docs/ PO EV1786/ LY ECO PAK/ EV1; z -> vipkeylogger,Attachment,4 | |
| 1/9/2025,Invoice; zip -> lumma ,Attachment,2 | |
| 1/9/2025,PO#17971; rar -> vipkeylogger,Attachment,4 | |
| 1/11/2025,Order Confirmation#011025; 7z -> xloader,Attachment,3 | |
| 1/13/2025,Enquiry - RFQ; z -> vipkeylogger,Attachment,4 | |
| 1/13/2025,QUOTATION REQUIRED_Enatel s.r.l.; rar -> vipkeylogger,Attachment,8 | |
| 1/13/2025,Re: Invoice AJL2024/12/13. - Payment Receipt (OCEAN HOPE LLC); 7z -> snakekeylogger,Attachment,4 | |
| 1/13/2025,Re: Payment Authourisation for Order9000168504; r15|r00 -> xloader,Attachment,2 | |
| 1/13/2025,RE: PI-KMM289108//Payment Transfer Issue; zip -> xloader,Attachment,2 | |
| 1/14/2025,PO No. 0146850827805 HSP00598420 - Jan-15- 2025; 001 -> xloader,Attachment,2 | |
| 1/14/2025,Attachment name is invoice no 1122207 pdf.pdf.z; z -> vipkeylogger,Attachment,4 | |
| 1/15/2025,ORDER-DOCU800147001; r01 -> azolrult,Attachment,3 | |
| 1/16/2025,Attachment name is 80++statement of accounts as of sep 11 2024.pdf.z; z -> vipkeylogger,Attachment,4 | |
| 1/16/2025,Attachment name is outstanding payment request.rar; -> vipkeylogger,Attachment,4 | |
| 1/17/2025,Re: order tubes; z -> xloader,Attachment,3 | |
| 1/21/2025,OOCL Arrival Notice At Final Destination: OOLU203880066721| CMA CGM ZEPHYR - 1TUA2J1MK; zip -> originlogger,Attachment,3 | |
| 1/21/2025,Statement Of Account; 7z -> snakekeylogger,Attachment,2 | |
| 1/21/2025,Attachment name is DEBIT NOTE.rar; rar -> vipkeylogger,Attachment,4 | |
| 1/22/2025,Attachment name is payment swift.pdf.z; z -> vipkeylogger,Attachment,4 | |
| 1/23/2025,Attachment name is new order list.pdf.z; z -> vipkeylogger,Attachment,4 | |
| 1/23/2025,MV. BRAVE SAILOR (V.1801) - AGENT NOMINATION at your port (Bunkering Only); rar -> snakekeylogger,Attachment,4 | |
| 1/24/2025,Attachment name is new medline order.pdf.pdf.z; z -> vipkeylogger,Attachment,4 | |
| 1/24/2025,payment information; zip -> xloader,Attachment,2 | |
| 1/25/2025,Attachment name is statement of accounts-xxxxx8892-250120252003289814.rar; rar -> snakekeylogger,Attachment,4 | |
| 1/26/2025,RFQ678903423_PROD & INQUIRY; lzh -> xloader,Attachment,2 | |
| 1/28/2025,"Attachment name is payment reciept 付款收据】 pdf.pdf.z., z -> vipkeylogger",Attachment,4 | |
| 1/29/2025,ITB 4422-Hail and Ghasha fields Project (UAE) - Onshore Facilities (HGD-PKG2)- RfQ; rar -> vipkeylogger,Attachment,3 | |
| 1/30/2025,Attachment name is new order 12960 inquiry.rar; rar -> vipkeylogger,Attachment,4 | |
| 1/31/2025,Attachment name is payment_details.zip; zip -> vipkeylogger,Attachment,4 | |
| azorult, 8f856e9882d312f6a51f265796c6a68c1914d1c51c59fc1964484fa5ac130f34, http://b2csa.icu/PL341/index.php | |
| lumma, 697e9c2868457f2721b82f27620c0ff21e1529e1dc247a6fd0792c782196195e, chipdonkeruz.shop | |
| originlogger, 6f094aa75a8322555241fae3063c17075a6ed5166bfb41c9055c390278178d6b, mail.stilbo.eu | |
| originlogger, b4ce91bdb3336fef3434454007575635a36024c050cf580ce5ce7c162f97e0d3, ftp://s4.serv00.com | |
| snakekeylogger, 13aef47049b6f723e3b24e8f794b9c09e18ed477f62436d1a8250951b4fe253e, https://api.telegram.org/bot7509254516 | |
| snakekeylogger, 303a9101194ca11bc42d20bb65f44b28252727315be094a09d724443564636e6, mail.bouttases.fr | |
| snakekeylogger, 316e5e19fa998509392801b0f285440b38c99c5853caff39011d12b5b7275253, webmail.netins.net | |
| snakekeylogger, 4120a4a8c8a1fb238464ad39e72baa8afcead746bab20e8979c427f09454df88, https://api.telegram.org/bot7800094213 | |
| snakekeylogger, 4b26e73d090b46a643637a99212391f48571bc58236504f6e43882b6f70776b4, mail.rafinadumai.co.id | |
| snakekeylogger, 4fc7cb2b1080330179c0164b3cbd8b5906375fcadaad566896a5b6468917a21a, https://api.telegram.org/bot8161619263 | |
| snakekeylogger, 7e1ad38a28e90dd0d9c52003b47929b83c99ea43560e9dca9db8cfdd167788d3, mail.npmmachinery.com | |
| snakekeylogger, 83b701ff5443094c497075463b217819c0b7915a156943e3877ce114a6279800, mail.privateemail.com | |
| snakekeylogger, 8eb955d1794fe1fd4c8e9bd91c280a69e09c11a9673c3e0fa2312a27520b3eb5, us2.smtp.mailhostbox.com | |
| snakekeylogger, 9781bed51fa317c05bdee10e39bb36691e55217983c133081f757f39e5d2a21d, webmail.active.by | |
| snakekeylogger, abc0b5e65132918208e06122ecfe2172c468494da7b0e48cc40f8475138153b2, us2.smtp.mailhostbox.com | |
| snakekeylogger, b16a07537092452ea8939b87bb8eaced5dad19fa44f93146e4ba8d8bd943dc83, mail.rafinadumai.co.id | |
| snakekeylogger, b8c8a5c0f597a8d34813ce8f5e6a24832ccdad7bd0fa76e3d1f9adaf4639e795, api.telegram.org/bot7825959937 | |
| snakekeylogger, b9f10bbaec165ee961fd1bfa4a18de52c97054ee962f842514eff1c5e21785c4, https://api.telegram.org/bot8130225934: | |
| snakekeylogger, d600290473f4e9503e14d8d988bcb58b11b103471a7515212356c3c0aecc6657, us2.smtp.mailhostbox.com | |
| snakekeyloggger, 500e0511666a6aced9ceb6e727bbe21cfaacefbf6529704848286238056f9875, jertcot.shop | |
| vipkeylogger, 0cac75f1f61f9fcca09695de695e469d62f7e73147ba678f7d6dcb4eea80389c, mail.aktagor-prom.by | |
| vipkeylogger, 109c796b316470b61df7a49a0250af8562f130e6365c702ea5559926c1aeacfb, https://api.telegram.org/bot8137547477 | |
| vipkeylogger, 1feae0629737f66256705d4b358b5ec4f78ad14c5dc196ed3ab0cba5b027c253, us2.smtp.mailhostbox.com | |
| vipkeylogger, 232a7e46e445365072b4a136330efec9284ce63b7b1525442a10f68a8ef02ee4, mail.ruchiraprinting.com | |
| vipkeylogger, 2bedd3f965d463529bb4096342c1741a19f28cbf7f2f222d2cb6513ddfe109bf, mail.npmmachinery.com | |
| vipkeylogger, 379b05a7d3bf9bc6976caf4e392bb9ce75eaa60b8ea83ed11bcad059fa9d990c, mail.covid19support.top | |
| vipkeylogger, 49ce4bee8e0c8178aad7c4c71abd4bc832b4696b84c5677cb5b30cc698ce8e8c, https://api.telegram.org/bot8066712820 | |
| vipkeylogger, 51a12dd99530488f1adc777e2479b57e984997635e2ba773d69ff27718bcb299, us2.smtp.mailhostbox.com | |
| vipkeylogger, 62c6436c72f6e31fe3598b4e79600f6262a5fcce63fe6a780e6644669f2b5e63, mail.norcalwholehousefans.com | |
| vipkeylogger, 64cd3410815c38b42b406a33697d44ac691ec2f3709ae429b2cc0c9555c4bc46, us2.smtp.mailhostbox.com | |
| vipkeylogger, 7e9b9833268dae6e33c83b582ec7fb353f0dc6514f869e3228f0effa161da00f, us2.smtp.mailhostbox.com | |
| vipkeylogger, 804cb8891f2829caf32366e9efbbeedd19eab55288ca94702d1c29ffded6d463, mail.aktagor-prom.by | |
| vipkeylogger, 924f984282e8cdcc20d74a26af3f94488c0a5a22c153dd6ed1f6b5e4deaac1f2, us2.smtp.mailhostbox.com | |
| vipkeylogger, a8c8535f49c3869518e9d62f95086e5ac36526ea61d4203aa8d2077d33ae9faa, https://api.telegram.org/bot8066712820 | |
| vipkeylogger, b30e339a7ecbbf9ea338c915cf1e3f8e6b6740b314ef1d08e38b1694e3446163, https://api.telegram.org/bot7761905719 | |
| vipkeylogger, b3d5e0501023486fe1f2af3ecd075b98710331cc60268eda247c3ee41ee072a4, us2.smtp.mailhostbox.com | |
| vipkeylogger, c024729558cdf11515cc4024d0f3118d8313a86c68d48846376c55b8ec97c0e4, us2.smtp.mailhostbox.com | |
| vipkeylogger, c3290e5cf7ebc77727f778129c3e235bbb23bdf2cc6136e4a442e7034da7abe5, us2.smtp.mailhostbox.com | |
| vipkeylogger, d67780a7f2fc2ded85c2ccdffdac398e9dac01759260536d61ef40744505ca91, us2.smtp.mailhostbox.com | |
| vipkeylogger, df43f86a6dd300e47ac8d57aeb24bb4037165fcbff954d91379773474e2481f2, us2.smtp.mailhostbox.com | |
| vipkeylogger, e47486f4fec646f2e17005349fa8ace874ed5ec254f12e7633691a4d19e9bc6d, mail.npmmachinery.com | |
| vipkeylogger, ece7de25d48e50e93d3d60f600a7676fe24a520916844f6826b4837ac8dd7ebc, us2.smtp.mailhostbox.com | |
| vipkeylogger, ee6993e7afbf9a039db981542c0250e22fcaa01434db911732851c9e52bb38b6, us2.smtp.mailhostbox.com | |
| xloader, 0198cc6636a1c05da00eb7457f498c6e1743fe0a9e3d50fc106621f862bf04dd, eniorshousing05.shop/a01d | |
| xloader, 10b78bea9f7acc71be5868fb39e4941c06ec08c4b0ea25b0957ec6b63fe37e20, nnovate.host/b02a | |
| xloader, 13459f962b92ab2171c46e7cec234141a47b4bdd3f101785bf4d2376121f3294, www.44756.pizza/a59t | |
| xloader, 19c20b84bd28cc534ea649747488dff45cb53539aaedc936ee2854f93cd6e368, eniorshousing05.shop/a01d | |
| xloader, 282a05d5e79cd8a8fecb470cdde28f483cc6fa7d70785f6e6e5e3de3dc39a979, www.rtphajar4d.art/o73p | |
| xloader, 28a65019d2736dd82fdb229c9e6f5ff053c25e095d118ae03359238f44ba22d7, coplus.market/a02d | |
| xloader, 2ded7ae6526b0a58dbeb50d575c13c84f76751f15a81ffb81d4a4d7f9d8539ce, www.menekankan.xyz/wohk | |
| xloader, 31e7559f21054aca8a1cd2287e322f22e03ac6cbc84e1265c8ac1a3367403989, coplus.market/a02d | |
| xloader, 339c521fe6235de8b0b912c9fffcad6cc2eab721902ac095bafa510d68868c97, oofing-jobs-74429.bond/a02d | |
| xloader, 36c3f143edb273d0d6cd6738e0357ddc19b86857de46871ba96bcb1a8256b1ac, nnovate.host/b02a | |
| xloader, 44c3fc308875ed0c6fcf4a10068e2790eb3397bb441b38ede833361312f74997, http://www.vibrantoul.life/pp15/ | |
| xloader, 44e897b05ea6fc3eff3b2db584a2817cab6ca6e81193396abd21d83ce72fffa5, nfluencer-marketing-13524.bond/a03d | |
| xloader, 467d77d35a6fc815ecbd60b0b320d7ca06e0f8a340c2c3285de4c0430517f8e7, oodchoices.xyz/b02a | |
| xloader, 4c9850cad6a1efce3f23362ff3f68fe5fee556e3e344e867f16ac821701e90ad, http://www.weilaishijie.xyz/y30e/ | |
| xloader, 4cdf02c1b083272780e0c67d4c31c728d79dcf3624752c659e6e7e401fd6df0e, www.enoughmoney.online/ttkm | |
| xloader, 4d49933551f01cc730f63fd290ecb61f4bfa880a0660f0ec7363e148ef85645a, nfluencer-marketing-13524.bond/a03d | |
| xloader, 51c1cf58f48a4cdad053a881d872925ec79a5a72f07d67a9b79bb13abaf636d3, www.aihuzhibo.net/rdtl | |
| xloader, 51f6f6e72cfb335f6e1d7936e91362c7993253ed665b772099327f90e5119682, coplus.market/a02d | |
| xloader, 52588fe73383ccdb5d715ecff941d1ae169a57d49deddcc8e3c06536f2c56795, www.enoughmoney.online/ttkm | |
| xloader, 5b8c940e7f96bb5a24df909430686b650f0067a8df045633f6d131ca65372ad6, www.promocao.info/zaz4 | |
| xloader, 5ce2f5a8a0b1ce232214fcbe96e0b3780e9409321d70fd1c0b33d22f23efb004, www.stellub.site/hp40 | |
| xloader, 65eec1c8b80867cf1ba83ea9b2dddb7d6704568f3a264200074599611f91b02f, www.44756.pizza//a59t | |
| xloader, 6f706398207b1fd3a00de5f859dc840cf8e100175fdabe260ebb96db5980f03c, nfluencer-marketing-13524.bond/a03d | |
| xloader, 73c0f45b365444e09376cbea6f71b5f877af98eec65f809a6b078f206a6d4430, coplus.market/a02d | |
| xloader, 75db64719f3225f1e42a86bb7cca56871f757076f81c42802e22a83629ac4fbb, http://www.shlomi.app/378r/ | |
| xloader, 79a83acd6e34d187228950510e8bdcb36f0d3cc6dd9d6d35d40d37651454c1a3, www.rtphajar4d.art/o73p | |
| xloader, 7a531101bc8522d52f45933945d6b8728ad7b7f3c9aaefd2d18742f8ec4000cb, nfluencer-marketing-13524.bond/a03d/ | |
| xloader, 7ea98bae6d7f0176c1ae6cecc9bfbc8611304fe007899d8d989425c7b13f3339, www.rtphajar4d.art/o73p | |
| xloader, 7f10867f8a37f96369cf305b122fa7f5fb3f61e0a98dc35d66a7206530557c1d, http://www.l87741.xyz/afna/ | |
| xloader, 8594ad5320778ada73fe6b8685babfb300f62b4d71bbde1814742132011fc27a, host=www.promocao.info/zaz4/ | |
| xloader, 8bd60c5add862eb634b15fad4020a9afcf8ed6f523485665c80044f90bc8b305, oofcarpenternearme-jp.xyz/a02d | |
| xloader, 8f41896e69d1f83408cf68e4d6fc56849a6ee6b86145e7cc68d6caed660ac582, eniorshousing05.shop/a01d | |
| xloader, 92beab1ebf4cb74018b11571a5db867c2ec9d7bb0231a93a898cc3b7799558eb, nfluencer-marketing-13524.bond/a03d | |
| xloader, 9410ad58ad07e9b3ed28bc9be7a567ed733e14ca0de9faa470cc7c200ddd917a, www.l87741.xyz/cp3l | |
| xloader, 94fbf90615b1baf84da26854c9c7b72115eaa12eb8392d898c7689f433980120, eniorshousing05.shop/a01d | |
| xloader, 9bf5d73a9924bd9e616336e200767e575569869d7d0ab959de9c7ebb37914dfc, subur88wap.sbs/3nop | |
| xloader, 9c6efdf85dc3cbbae08955a2d6e744f34c1f7148b60a92bc165503500bfcc53c, http://www.zenitlow.xyz/c6ro/ | |
| xloader, a117f2f0d37c6e467b308cb625140d64edab045f59a422c2c7ae671098a52748, www.grimbo.boats/kxtt | |
| xloader, a3af3dcfd89b655982b6e044b681b140dcefbe0606d69b0b7839b8cda28ccc91, eniorshousing05.shop/a01d | |
| xloader, acc906177a946e3e7fca9b9d962336e9e4d828297eb86761f610284f57fbf394, nfluencer-marketing-13524.bond/a03d | |
| xloader, ae7281168b47231a75898d1f8efddd33209a3a3842d35a683f88f323f7d55117, www.grimbo.boats/kxtt | |
| xloader, b022e4df0d9e6c8eeea122e642708a9d13b8a7e861a4d121e0c54e80a28a1cc4, www.promocao.info/zaz4 | |
| xloader, b225f4ef997754cc29f699ca3a8aa9aa1d39661d7c3dbc6f36a7c7a5bca235ab, nfluencer-marketing-13524.bond/a03d | |
| xloader, b73b18876f5bcefc703154fb97f8747b2e385ef0d494e4b7642a0a5879ffe260, rtfosters.net/a38m | |
| xloader, bcfeb4ec31e731899a0ddd0a608aa7ecbfbdbf37f4ac3810b275ba6905a1969b, nfluencer-marketing-13524.bond/a03d | |
| xloader, d0d2ac5af6ecfdf27de6c45ab86d521294350c5a64942cd15bb5d9a1ae23b0f1, oodchoices.xyz/b02a | |
| xloader, d2934dafa20010b814ef03d80e356d61ca23e54d1b6ec551d60bfe550c7dcd43, www.kx22368.shop/ca6n | |
| xloader, d559ba871d675e0176c7d49cc66baeab4f6d0f23215a883a5972c3cf7b7d0826, www.promocao.info/zaz4 | |
| xloader, da8f006e36cc66990a1a1f43539bebc73fc9531413ba2960180db55927552014, www.rtphajar4d.art/o73p | |
| xloader, e69d37275cc3b52a9d3a26f76073191ab8f59901781b5ef2859f33dee2252ddc, oofcarpenternearme-jp.xyz/a02d | |
| xloader, ea20978f89522f8e94225e2edc06a1e0c5dff2b81751963d17149716bab8a8f3, www.grimbo.boats/kxtt | |
| xloader, eca3e3a869dee81023d04034fdc14383bceb58d79aa4d5bc6b2f4378e4a01acb, www.jrcov55qgcxp5fwa.top/jpjz | |
| xloader, ee55e7f496b05d9bf98cc381e621483f549f9452d94d6ce32d4f3b59c67bec57, http://www.08081.pink/cmh0/ | |
| xloader, efd65e32b20afe5bd0541a097bb5f4e7f741875b2c65cab7f08c04a645ccdf6f, coplus.market/a02d | |
| xloader, f42de693aaae005ec4dcf3514621f8573b422f3a3ad1bb1af370acc7c5cba233, nfluencer-marketing-13524.bond/a03d | |
| [email protected] | |
| [email protected] | |
| f2241_dod | |
| [email protected] | |
| [email protected] | |
| [email protected] | |
| [email protected] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment