Last active
April 11, 2025 13:41
-
-
Save silence-is-best/70f69b4a412b14c16e6fe9a29c82630a to your computer and use it in GitHub Desktop.
March Malspam Campaigns
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Date,Details,Email Payload Type,Users Targeted | |
| 3/1/2025,???? 2024/193; rar -> vipkeylogger,Attachment,8 | |
| 3/2/2025,Re: payment receipt; z -> vipkeylogger,Attachment,4 | |
| 3/2/2025,price quotation / new order CT-2501; z -> vipkeylogger,Attachment,4 | |
| 3/3/2025,Wire transfer; gz -> dbatloader,Attachment,2 | |
| 3/4/2025,Attachment name is hbl asnlru-20241001 & 20241002.zip; zip -> snakekeylogger,Attachment,5 | |
| 3/4/2025,Attachment name is payment receipt (po #1437) 1_ payment receipt (po #1437) 2.pdf.z; z -> lokibot,Attachment,4 | |
| 3/5/2025,RE: A PROFORMA INVOICE REQUEST FOR YOUR TODAY'S IMMEDIATE PAYMENT !!; zip -> snakekeylogger,Attachment,3 | |
| 3/5/2025,OOCL Arrival Notice At Final Destination: OOLU40541039482 | COSCO TAIWAN - 026E; zip -> originlogger,Attachment,3 | |
| 3/5/2025,RE: New order supply; rar -> xloader,Attachment,2 | |
| 3/6/2025,Re: DHL Notice of Arrival for AWB#20248791029; arj(rar); -> xloader,Attachment,2 | |
| 3/6/2025,Re: Payment invoice; library-ms -> asyncrat,Attachment,19 | |
| 3/8/2025,Updated Price List for 2025 Business; zip -> xloader,Attachment,2 | |
| 3/12/2025,New Quote; txz -> modiloader -> remcos,Attachment,3 | |
| 3/17/2025,Pre inventory list; tbz -> xloader,Attachment,6 | |
| 3/17/2025,FWD: 70% Transaction receipt; tbz -> xloader,Attachment,6 | |
| 3/17/2025,Attn: Open the sexy clips when you are alone; rar -> xloader,Attachment,8 | |
| 3/18/2025,Payment Advice - Advice; r09 -> snakekeylogger,Attachment,2 | |
| 3/24/2025,Price Inquiry (PO 211436); z -> vipkeylogger,Attachment,8 | |
| 3/24/2025,Payment 6273416981; bz2 -> originlogger,Attachment,2 | |
| 3/27/2025,Purchase Order No. TPE-PO-03-25-06460; rar -> vipkeylogger,Attachment,9 | |
| 3/30/2025,Attachment name is shipment doc_bill of lading.pdf.z.rar; rar -> vipkeylogger,Attachment,4 | |
| 3/31/2025,Attachment name is inquiry n. f-1676.25.pdf.z; -> vipkeylogger,Attachment,4 | |
| darkcloud, 60e7008e14d5a964504ea568d4626d32a20f2e68323c04b2eade9e7f1c054463, mail.boltonblinds.com | |
| guloader-vipkeylogger, 171899b7a9f3de492f097370a50d44724293a3a5bb9f878a01c648909cf0c11b, https://api.telegram.org/bot7040312407 | |
| guloader-xworm, c631b3586ae88b9952c7541fbc6d490f9906b870fc12397a8c7bb84e07eab6cd, 135.148.3.78:7001 | |
| lokibot, 92e6e90dd6fb4cd89fa077cde338876ccab7aea58cd213838be250ed83eb0247, http://touxzw.ir/fix/five/fre.php | |
| modiloder-remcos, 2eff33b0a978657dd00079c468ac2eef817b4e3f9c19fa442b5a4cf3afd34ab6, 192.227.246.70 | |
| originlogger, 0877b04273e885323c7e6485e348e39e92157343a4991ffcf7619128040b0f5a, mail.azmaplast.com | |
| originlogger, 143c0a3eb39da23c81043a3c1ef0a7e83321b467e2bb6f55102c87277f8fc79e, ftp.rvoccte.com | |
| originlogger, 1449295a7bc4cd9e8f68f0c12ecc3254afb9804785f18eb4cedcc9020bf77c8b, cp8nl.hyperhost.ua | |
| originlogger, 450dbd2f1a47625250fd1fd98b10dd5136a9088894aa04cf259bc25b7afcf40a, ftp://ftp.fosna.net | |
| originlogger, 73f84a24ad71c8218e35c8e832888d45a6595130d6aeae18ccd035f90cc91172, mail.azmaplast.com | |
| originlogger, 9844bc2feea19d53abd61aa595b1e0bad7bc4eec0b62445ee49ce978fc276f78, ftp://ftp.fosna.net | |
| originlogger, 9e29c46fe3ffdfa89ad5e40f134d6bf9460589a33ac36d200e8f25e716bde2dd, ftp://ftp.fosna.net | |
| originlogger, b264cf00761ea67d6c6e881988ba91d436aa801a778d2f640629542a4289f80c, mail.azmaplast.com | |
| originlogger, d5b49d6ed00ac319705490c3ee54d911875669f90f80f5b131e49acd9ea6b0e2, s4.serv00.com | |
| originlogger, fb247f5397ba1b2d9328d1acc2fd322181a91ced1953853abb41718dc21198ae, 162.254.34.31 | |
| remcos, a8c3857a246e30062a32ecc8d556967c9ff5ae01abfcee9082b50e8781b5db48, odumagamba.duckdns.org:47666 | |
| snakekeylogger, 0231d2d9b4bc4935dd4eed396ec39b0a6ed73bf239ccb2a049424175e42b42ce, https://api.telegram.org/bot7895118317 | |
| snakekeylogger, 0e5a768a611a4d0ed7cb984b2ee790ad419c6ce0be68c341a2d4f64c531d8122, mail.tonicables.top | |
| snakekeylogger, 0f509d4c022c142dd43f6cdf4b3a23196a5ce9eac448a7540e9e8ad709de6ce2, https://api.telegram.org/bot8147359814 | |
| snakekeylogger, 1598289ccbe1d7fd3cf803b3ec510df46a80f09d5d688538dc59876b1cf40a9a, https://api.telegram.org/bot7341566981 | |
| snakekeylogger, 1827dfee3f5db9c0924437ebc91434d916f36f7ed1be8b643d2df2fb9d7e07db, us2.smtp.mailhostbox.com | |
| snakekeylogger, 1d195fc76fbc246d74cc3b4da5020bd9adb1b03be3dd62c3d982d4d5cc1103f8, https://api.telegram.org/bot7899582317 | |
| snakekeylogger, 202dcbf549ca1e1b73dc53710405cd39b4904467f879d9219ee041e9d52946d5, https://api.telegram.org/bot8152393919 | |
| snakekeylogger, 28d9e03d159db1b214e2b5e2e4fae6ebe3b38edce8c87bb3d9dcd54d34961891, us2.smtp.mailhostbox.com | |
| snakekeylogger, 2a55ad3e88306641e6aa9b88c840b384bafe103445c5c5f44cf1f4c1648c894f, mail.bouttases.fr | |
| snakekeylogger, 3c7f61519b46af007450df7ef19b49df3a8b60d0b7c4fd82112068994262be6e, mail.bouttases.fr | |
| snakekeylogger, 43958be574c6a890961e38fa91710b15261d9b388d08c2b899219886f2ab710d, webmail.designhubconsult.com | |
| snakekeylogger, 566100e8280a66cd7a4a6bb2befb399f9c0bedb1206a34103f34d9572ffb5121, https://api.telegram.org/bot7570158401 | |
| snakekeylogger, 568ed2f1c14bb07e19ea22e96ad3ba077561c312438f4548c79052df64cafc3a, mail.bouttases.fr | |
| snakekeylogger, 5983574025dcd5b8f185e68bf5314c2a4b59179ccc70df2e869c2c7807609223, https://api.telegram.org/bot7570158401 | |
| snakekeylogger, 6120349c01067dc971adef59b218b5842cf05b5841d6fd21510616f3535a56e9, mail.worldsky-logistic.com | |
| snakekeylogger, 6835f7bd3e098d471ddbfb311c51cdc99b244bfc572d5136fdb15eccf959a143, mail.mzgold.ir | |
| snakekeylogger, 98582996057c7dd314303f6119b6d34d03eaab62f53abe5487b64e9d8c9ac5d1, https://api.telegram.org/bot8152393919 | |
| snakekeylogger, 998ecbd6fa2654f86d0daa5fb0edfb63a8a6b19b4469d04dd2b4eb27e34ecd86, mail.mzgold.ir | |
| snakekeylogger, 9d09d34561d6de1f32ed4af12280fbddb2ab7864cedfdf7197ee269bfc7bd321, https://api.telegram.org/bot7899582317 | |
| snakekeylogger, a003b17d8065d71e25b3c612567713e67c54db3dd339e0e4a2e0aa5ffc836094, us2.smtp.mailhostbox.com | |
| snakekeylogger, a8c8e3adb2bef3f30d34591b2fe6a42d53038d9773938e6fa0a7b4f8b90e9f37, https://api.telegram.org/bot8055495510 | |
| snakekeylogger, bdb382389eefc500306dbec15a700729461619bfe143a4f3b3e3d590e4f575c7, https://api.telegram.org/bot7624982458 | |
| snakekeylogger, c0ec3ef1e22468d717bce638160e22bed6bad4a5c3b59e0aad27bf8c14dbda82, us2.smtp.mailhostbox.com | |
| snakekeylogger, cc4a4ef07f3bd645e83b6ab9b1b0966b7b8bc76f9327b244eadd5ee39f7a081d, https://api.telegram.org/bot5227573794 | |
| snakekeylogger, d6f09ba12672ac752d39a066a803df80ff964342d5235701d22d1cb2ddc7cda4, api.telegram.org/bot5227573794 | |
| snakekeylogger, ea0c32eb1b07b604286393d15aae41903485f8b1d4f2ab0d77f151323ec41b14, https://api.telegram.org/bot7785850878 | |
| snakekeylogger, f2204233cd8e2c7590c07fb3d468c25dfa7a31597d650352f352be21ac652ead, https://api.telegram.org/bot7090278007 | |
| snakekeylogger, f529e6efd5225df558fcde232bcc3ebd0fababcf80c44b200fb847e2448d5e1f, https://api.telegram.org/bot7785850878 | |
| snakekeylogger, fbb23eda9bc927cc72810831dde3e28ef4baffddc7f28ee016c1e6ccc133a275, mail.bouttases.fr | |
| snakekeylogger, fc49789a6bf991fbb9b3abfc8bcb3f648faea56874f0ecfcf66587c1ca746133, https://api.telegram.org/bot5227573794 | |
| snakekeylogger, fcaced686feba6d013cb3ba8b56992c3c16279b0eab884a15422848e46fccfc3, https://api.telegram.org/bot7090278007 | |
| vipkeylogger, 0d53038edfae7a4ff9c96ade284680a5a46c5958942262357c89f0740ad02458, mail.steadfastlogistics.in | |
| vipkeylogger, 1792b62467af9326272e0190ddd1e22c6217f23637ab47b9fbe0098ca3800c6d, mail.steadfastlogistics.in | |
| vipkeylogger, 27ac9f0dba8d7595be661d32a76830765f142319adb047a4bdf88842023e1eb7, https://api.telegram.org/bot7688589725 | |
| vipkeylogger, 2b4b87faf461d7fc3d1ca3344b9a5d0b52c98a63ef59ff5d53d9d9620cae98d4, https://api.telegram.org/bot7699178513 | |
| vipkeylogger, 2e233b4f99a6585ffc9423a418d4e5ebdfc46f1b4a50219a089c3d2285196e52, https://api.telegram.org/bot8194220836 | |
| vipkeylogger, 3d0bde2ca612434dfe1d424746fab484722f8e7cfae3cb47727815c15c7dee4a, smtp.cashmonni.com | |
| vipkeylogger, 3d2fedd2f28e48f4f2088037c85d52fa9fdfcdf94f5352450d7525221766648e, us2.smtp.mailhostbox.com | |
| vipkeylogger, 45058c52a1b3c9a5755be5783f3ceadec45cf9543e8ce0e2ce353f51cfc92a5b, smtp.cashmonni.com | |
| vipkeylogger, 4cb4dc0c1b0192fa850b3619a61e0724f5350a0de6d2077660322e19e4cfcff9, us2.smtp.mailhostbox.com | |
| vipkeylogger, 75e20fd451e3a81f7037d4e170300652d587412c3a811f87e9369e1a0fd00c43, https://api.telegram.org/bot7880695616 | |
| vipkeylogger, 858b05871417e4a87e4a6019beb128a9f6f924fc7a21ee24b5d6438dc1ebf3e8, https://api.telegram.org/bot7880695616 | |
| vipkeylogger, 867af082ab5f5e7468aab5bca97063c60877f44c2d39c0ad02f1a1e721c92260, mail.steadfastlogistics.in | |
| vipkeylogger, 8d4e282e2b9e5122ffb797a2d661a24e4ed8db6d42e64f7d24a545ee3e3678c0, https://api.telegram.org/bot7654725780 | |
| vipkeylogger, 8e4108d867c054d193cca6c2f9fcfa7288d7a1b9e6ac9e41ae60cfd15b1e0572, mail.steadfastlogistics.in | |
| vipkeylogger, 90ce5b85703d579348045ee2ca8267c064911fc1243878a67144cc5970305b15, https://api.telegram.org/bot7688589725 | |
| vipkeylogger, 97cd0ef04e9ffc2a234f4cea07e7b5309d60616983fa3970fedd3ac9da88a7a4, smtp.cashmonni.com | |
| vipkeylogger, a29feb5a19c2eb1dd0a09402eabca6d9a721c4f46e5f1ec013e36ee3069e0f3d, mail.steadfastlogistics.in | |
| vipkeylogger, ab68d4e831745aa5364ad14203a0a9669a5362913b09263eb4e06681f62007c5, mail.steadfastlogistics.in | |
| vipkeylogger, afac29b0653d3d3db1e6b889528414f799b919f8b8a984759bcd55d06dbd9137, https://api.telegram.org/bot7699178513 | |
| vipkeylogger, b4b3229c84109fb4ba68c65a10716945a8e1fde1a119b8a0788c414c43414c45, webmail.groupscrea.com | |
| vipkeylogger, c377d9c6553832c3b822cfa3db9a99634e3fb00c0c84bc07e7de7b0899164e68, https://api.telegram.org/bot8031910269 | |
| vipkeylogger, dd0ea32d37cbf879bb0e5d38a454650a32817df7e7df1dc1a13ade087e694b5d, mail.adtarchitets.com | |
| xloader, 0aade5a390c3f8e5fef65f6070f598b9b0baf0abec9787d8fa7f430b28593e68, http://www.031235045.xyz/k3cc | |
| xloader, 1a5d14c701d5d786f3940993cb3be259d29dae73e5af588d2acf439b40facd0e, ladproductreviews.shopmy18 | |
| xloader, 207ae4e29a4da7005e261b3da6c743e5e878ad53187d1b50068496a39d0aa137, www.777assistant.xyz/s1k7 | |
| xloader, 22d92af6c8a273dc5a9e69e37ccfb5ffe6e7d7f0c7a46ee6b9f7e5cb34402128, ukv3.online/mg63 | |
| xloader, 2dbc649f56dbbc3bc0b958929fd993b6a0dc60513c9cf95c9e577bc71534031c, cicotte.shop/my18 | |
| xloader, 314f23161204ff902b14e18a85daa205c6a756dbe263c77af6eea2b777534ca8, www.anyang-590303492.click/fqr5 | |
| xloader, 32e7f235e8984eb5c256274003623b080eff219af52c266d1e87c5247f1c13ca, http://www.playav.mobi/6rrl/ | |
| xloader, 3a150034f743320c85c890a29755032d9f850d0da9848c7a96c63bd2690e3495, http://www.hellosweetie.net/e7k4/ | |
| xloader, 3bef08b46892e9c54a56910287894fb232910b8cb3ff20a65dd414156b8ecc3a, www.dualbitcoin.xyz/blz0 | |
| xloader, 3f616f7935f4c97239699196e64056b45be53e73d02a0b70e482c886e3a13965, ladproductreviews.shop/my18 | |
| xloader, 3f6f83bb975f8b3c8ad23b715569cb2ebac4cee81f88c80262f624cc59de4e0d, www.cjokfbvd.net/vslr | |
| xloader, 40a02794b61fb32fcad4b270141967d6ed82253085ba80599c2e6559679d0a00, http://www.madebyveronika.art/0plp/ | |
| xloader, 4232371b8118e24cd64ca0d0d75d490506da032a2cc5ad6302fdbb1874549eb4, http://www.kedutaan.xyz/uzoe/ | |
| xloader, 4499c00b92a2830d6b775fc8c833a661f646272881c6b2229e38ba238d3fb36b, ukv3.online/mg63 | |
| xloader, 492a81335095e6e593954df9c0248e1bb9b992f7b6fc3b0c07d405d86cdabb8e, www.progressreport.sbs/shhk | |
| xloader, 52eb6516d6851a1f228abaa42737d19bb97d2aa8f62d92f81f501dd43eb14d1a, ladproductreviews.shopmy18 | |
| xloader, 54902efb04a961959a6ac354c9c54fa1cd59172ae5f713c3a0bfa30448217af3, cicotte.shop/my18 | |
| xloader, 575398c7fc2c460fbfba428791f2cd100f9699d6c16d6b3e200ae2fe8cb63e96, www.mslgdkor.xyz/v65o | |
| xloader, 5db99b1623132fa31c9958fd3ac6231649d543b8a0ead176d1e854560af1d4f4, http://www.superlog.net/hhjx/ | |
| xloader, 5df3cc983cea806c5bda3747bce97f051997d14cf692f2128fb2ad575e56f049, ukv3.online/mg63 | |
| xloader, 6654e909452d713f3f51aa800e0633bbc63e859bb3f63f5c833273e516f1c3d3, ladproductreviews.shop/my18 | |
| xloader, 68eeebf088677c025da067485a8448bfa38f4b13c61e5e2c2ed717701df74222, ukv3.online/mg63 | |
| xloader, 6f8e85f3704f0179d0854b1c278784441b0e555f6cbbd7af19a677afaefef004, ladproductreviews.shop/my18 | |
| xloader, 77295a1c2d8172b2a2eb3f5f20a2880c168dd10f01830227e4f9ae6d4a5c9a19, nfluencer-marketing-13524.bond/a03d | |
| xloader, 7948d6bc00bb389e09c76ae4428fea70cbca1a58eacdf98295faba9d1b1b34be, http://www.vaishnavi.xyz/lfjm/ | |
| xloader, 7c255e1da5023e24d8932926c2bef9335a210eae149d1e5236c92c9b5c89e9bc, cicotte.shop/my18 | |
| xloader, 87723c1d0c921c43c3e6c8128624e2e473782ee165a964ab675286da78dad694, cicotte.shop/my18 | |
| xloader, 8bfeb9063f966fbd361b6b239d6e61d882a0c835ba83ec50ac65c5f5925ca76f, http://www.garan.shop/wys7 | |
| xloader, a128cac179ca257c86a410cc655eca39eb8dfc239f6716ff4d4dc03ee96127f4, http://www.031232899.xyz/do0s/ | |
| xloader, a779cf3623ccd0238d0b5d3f01dcc911e1538a1c0a656442234b4c3335453607, nfluencer-marketing-13524.bond/a03d | |
| xloader, abbf3ca6ba1cfc464fec6b4b7e448218d424747c1ed35af22972efe9a32a984c, http://www.superlog.net/hhjx/ | |
| xloader, b351ba351fe5a38cceb3dab65e81ef7c3267f16da67681c9f61a22809878eb67, www.podnimi.online/s0zb | |
| xloader, b3843932843d3f7defdd4d53b3a84adb76ad53a4c8b6dee866a88f3e3d2b1d95, http://www.vaishnavi.xyz/h7uj/ | |
| xloader, b50f7a9f1d86f988e480374a6f2bf9a9ed5773db6b2a6e84c4713748ec7a1271, llink.netbopi | |
| xloader, b81f074c11d54ccc1947cbe1c42fbbb9cbc338c7bbd18d7ca2e6903755d3126f, http://www.quo1ybjmkhdqljoz.top/rtzx/ | |
| xloader, b96b39428f0eeea593f2b68faa42e478b315b4e80f937662f5520e98a1ba0f0c, cicotte.shop/my18 | |
| xloader, bd211d6a43f210cdd04cef6132c53362a79d7859570266a37655aafc574415c9, ukv3.online/mg63 | |
| xloader, c138dcce995bcb87de5c31ef500b0d24e10cc7971ca94cef4821486d86159d2d, www.eternal.house/4q9j | |
| xloader, c25af148d844a284434907e6a60abe904c462fa48fb7fa4ea145a435ab106afa, http://www.vaishnavi.xyz/h7uj/ | |
| xloader, c6cb4c060744e0d85eef881dd7e4a1095acc65e73bf672d78301b0c93164a3ea, http://www.gellyhall.shop/t7bc | |
| xloader, c991a3ee832bc707306f68c46786afc17de14163f8d3c757516bac9953ad6f3b, http://www.duxrib.xyz/a03d/ | |
| xloader, cea7de59cf54019d818a1a1622e0dd0a28693a61f03b8a5d5d9f21b8ef0d451f, http://www.mayaheenterprise.shop/xzl0 | |
| xloader, cea7de59cf54019d818a1a1622e0dd0a28693a61f03b8a5d5d9f21b8ef0d451f, http://www.mayaheenterprise.shop/xzl0/ | |
| xloader, d0387872c43a63fc0a157c84edc3a99abde2af204ba4f25969209ce38d7ed15f, ladproductreviews.shopmy18 | |
| xloader, d30a1c8e49151c602211ce4919f9fbe8ab2011a48b889c99bc5cef3716db4826, ukv3.online/mg63 | |
| xloader, d81cdc05bbdfb91fc71ba23c937f0d41525948a651cad091d7248c324c78a7fe, http://www.boldove.website/q63r/ | |
| xloader, d8c0f4739b6a46ee8c46a6af4622158b9a866b6eabd1dd6a88228856520b714d, ladproductreviews.shopmy18 | |
| xloader, db67f7640e0c5ac641b498a1cc142c99b30ab551f8e07f4eebe65af5b7059cef, http://www.hellosweetie.net/e7k4/ | |
| xloader, ee888cbdcfea8296d9a839157d62b73229bf06f0446567b529867181bb807a77, ukv3.online/mg63 | |
| xloader, f2d754008958e2c90dbac5f60958e0add5403563e51f5414599d35f88cd0db2b, ladproductreviews.shop/my18 | |
| xloader, f38a008406f2bca311aa8014976f27669d52d494286f3dbc1dd10259f8382324, ladproductreviews.shop/my18 | |
| xloader, f53311af739ec974405d290baaf24e14f06f6ebd9176bc716fee384777907b34, www.loonerverse.app/wuv4 | |
| xloader, f5bf548a92e16ade13e22e9def6ba5bc424c9ff797570e5992b615d9adce311c, ladproductreviews.shop/my18 | |
| xloader, f9f4df8b0dec45180e507d5fb6fdfd852823cbbad16cd662950d0b748a6baff0, ladproductreviews.shop/my18 | |
| xloader, fb171513b327007051a9d8f18b06c92bbf33577034060dc0a725a57eba5c03a0, ladproductreviews.shopmy18 | |
| xworm, 212aec982ca4346c020f3e809c0a9d4f740ccec80df8d335690eded8d6de0921, bin12.ydns.eu:4050 | |
| xworm, 37cc05f717c3a3adf6da31e0f45847f4948f56bb44dca171f8532d4ca6e0ff95, evolution007.hopto.org:7789 | |
| [email protected] | |
| [email protected] | |
| [email protected] | |
| f2241_dod | |
| [email protected] | |
| [email protected] | |
| [email protected] | |
| [email protected] | |
| [email protected] | |
| [email protected] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment