Email address accounts known to have been involved in the campaign include:
anewone@criptext.com
alexane50@protonmail.com
darkness_su@protonmail.ch
Sample MD5s known to have been communicating with one of the domains include:
adcbf2ea5a9709b455fd2baf002b81ef
1aa2388ec405059bc27b177001c3b096
Sample domain portfolio includes:
hxxp://bluewavebookings.com
hxxp://ansonfamily.us
hxxp://successfullfreedom.us
hxxp://aquaworldmarine.com
hxxp://buycomplete1.com
hxxp://gqali.com
hxxp://clementmunns.com
hxxp://corp-gems.com
hxxp://be-liberty.com
hxxp://obey.su
hxxp://feltoninteractive.com
hxxp://skyrocketadv.com
hxxp://e-commt.net
hxxp://catalystechnologies.com
hxxp://bpoval.com
hxxp://darkness.su
hxxp://tananashvili.com
hxxp://axcelsp.com
hxxp://clickforsupport.us
hxxp://crunchycrew.com
hxxp://enuniq.com
hxxp://gotots.us
hxxp://bestmailonline.com
hxxp://germandise.com
hxxp://gldt.net
hxxp://sethyoufree.tv
hxxp://jy-partners.com
hxxp://iohex.com
hxxp://brit.tw
No comments:
Post a Comment