

Rewterz Threat Alert – Three Phishing Campaigns Dropping the Emotet Malware – IoCs
March 8, 2019
Rewterz Threat Alert – Chase Themed Phishing Campaign
March 8, 2019
Severity
Medium
Analysis Summary
A shipping-themed malspam campaign has been observed dropping malicious files. Threat indicators are given below.
Indicators of Compromise
IP(s) / Hostname(s) | 5.62.58[.]215 105.112.98[.]11 91.192.100[.]54 |
URLs | divinevilla.hopto[.]org |
Filename | opr sadesfc[.]lzh |
Email Address | tmalone[@]americanbuildsupply[.]com melissa.wooling[@]fairwayfreight[.]com compras[@]globalpremiumbrands[.]com |
Malware Hash (MD5/SHA1/SHA256) | 9dec9ead4a957458af86db6ca89ddeec 75efc609d8d8b54fef19782e0bc68270 |
Remediation
Block the threat indicators at their respective controls.
Do not follow links or download files attached in unexpected emails.