Info collector

Archive for January 19th, 2017

Malware spam: “The Insolvency Service” / “Investigations Inquiry Notification” / chucktowncheckin.com / chapelnash.com

Posted on January 19, 2017 in Latest SPAM

This malware spam is unusual in many respects. The payload may be some sort of ransomware [UPDATE: this appears to be Cerber].

From: The Insolvency Service [mailto:service@chucktowncheckin.com]
Sent: 19 January 2017 12:22
Subject: EGY 318NHAR12 – Investigations Inquiry Notification

Company Investigations Inquiry

Informing You that we have received appeal regarding your company which


61kx.uk-insolvencydirect.com (2017/01/19_13:05)

Posted on January 19, 2017 in Malware Domains

Host: 61kx.uk-insolvencydirect.com/sending_data/in_cgi/bbwp/cases/Inquiry.php, IP address: 35.166.113.223, ASN: 16509, Country: US, Description: leads to ransomware


daralasnan.com (2017/01/19_13:05)

Posted on January 19, 2017 in Malware Domains

Host: daralasnan.com/wp-content/plugins/mkazaqbya/vmywyvz4.php, IP address: 166.62.12.1, ASN: 26496, Country: US, Description: leads to ransomware


www.studiolegaleabbruzzese.com (2017/01/19_13:05)

Posted on January 19, 2017 in Malware Domains

Host: www.studiolegaleabbruzzese.com/wp-content/plugins/urxwhbnw3ez/flight_4832.pdf, IP address: 62.149.142.206, ASN: 31034, Country: IT, Description: ransomware


raneevahijab.id (2017/01/19_13:05)

Posted on January 19, 2017 in Malware Domains

Host: raneevahijab.id/adnin/box/workspace/, IP address: 103.24.13.91, ASN: 132644, Country: ID, Description: phishing site
