Dynamoo's Blog

This spam leads to Locky ransomware: From     rosalyn.gregory@gmail.com Date     Thu, 29 Sep 2016 21:07:46 +0800 Subject     Receipt ...

The attachment on this spam email leads to Locky ransomware: From : "Ambrose Clements" Subject : Temporarily blocked Date : T...

This spam leads to Locky ransomware. The sample I have seen have no body text, but have subjects in the format:  Bill for documents 3156...

This appears to be some sort of exploit kit leveraging hacked sites, for example: [donotclick] franchidiscarpa[.]com/index.php --> [...

It's one of those day where I haven't been able to look at Lock much, but here is some analysis of download locations from my usua...

This fake scanned document leads to Locky ransomware: Subject :     Attached:Scan(70) From :     Zelma (Zelma937@victimdomain.tld) To :...

This customer of OVH appears to be registered with fake details, and are distributing malware via a block at 178.33.217.64/28 . Currently,...

This spam has a malicious attachment leading to Locky ransomware: From :    Loretta Gilmore Date :    20 September 2016 at 08:31 Subj...

This fake financial spam has a malicious attachment that leads to Locky ransomware. Subject :     Order: 28112610/00 - Your ref.: 89403...

This spam has a malicious attachment: From :    Marla Campbell Date :    19 September 2016 at 09:09 Subject :    Express Parcel servi...

I haven't had a chance to look at Locky today, but here are the current campaign download locations (thanks to my usual source).. 1e...

This type of binary options scam spam comes in waves every so often: Subject :     Welcoming speech From :     jeffriesvx@mail2nancy.c...

These domains are part of a cluster, some of with are serving the EITEST RIG exploit kit (similar to that described here ). They all share...

This fake financial spam leads to Locky ransomware: Subject :     Tax invoice From :     Kris Allison (Allison.5326@resorts.com.mx) D...

This fake financial spam leads to Locky ransomware: From :    Lauri Gibbs Date :    12 September 2016 at 15:11 Subject :    Budget re...

This fake financial spam leads to malware: From :    Ignacio le neve Date :    9 September 2016 at 10:31 Subject :    Order Confirmat...

This spam appears to come from within the victim's own domain, it has a malicious attachment. The telephone number referred to will va...

This fake financial spam leads to malware: Subject :     Agreement form From :     Marlin Gibson Date :     Wednesday, 7 September 20...

This fake financial spam has a malicious attachment: From :    Tamika Good Date :    5 September 2016 at 08:43 Subject :    Credit car...

This spam has a malicious attachment: Subject :     old office facilities From :     Kimberly Snow (Snow.741@niqueladosbestreu.com) D...