Dealing with an interesting Snowshoe Exploiter. All US IP addresses;
and more controlled instead of the usual "Brazil Blast" that I see down
here.
The body always contains:

    The important information for you. See the attachment to the email.

It carries a payload that is always named "request.zip". Probably
IcedID or Konni malware.
Just FYI,
-- Jared Hall
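
A way to check a mail sample for the two indicators described in the post above (the fixed body text and the "request.zip" attachment name), as an added example that is not part of the original post. The function names `check_message` and `build_sample` are hypothetical, and the messages are constructed test data, not captured samples.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage

# Indicators taken from the post above.
BODY_PHRASE = "the important information for you. see the attachment to the email."
ATTACHMENT_NAME = "request.zip"

def _norm(text):
    """Collapse whitespace and lowercase so re-wrapped bodies still match."""
    return re.sub(r"\s+", " ", text).strip().lower()

def check_message(raw):
    """Return which of the two indicators a raw RFC 5322 message carries."""
    msg = message_from_string(raw, policy=policy.default)
    body_hit = attach_hit = False
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename()  # decodes RFC 2231 / RFC 2047 filenames
        if name is not None:
            attach_hit = attach_hit or name.strip().lower() == ATTACHMENT_NAME
        elif part.get_content_maintype() == "text":
            body_hit = body_hit or BODY_PHRASE in _norm(part.get_content())
    return {"body": body_hit, "attachment": attach_hit,
            "match": body_hit and attach_hit}

def build_sample(body, filename):
    """Constructed test message (assumption); the payload is an empty ZIP."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "rcpt@example.org"
    msg["Subject"] = "constructed sample"
    msg.set_content(body)
    empty_zip = b"PK\x05\x06" + b"\x00" * 18  # end-of-central-directory only
    msg.add_attachment(empty_zip, maintype="application", subtype="zip",
                       filename=filename)
    return msg.as_string()

if __name__ == "__main__":
    hit = build_sample("The important information for you.\n"
                       "See the attachment to the email.\n", "Request.ZIP")
    miss = build_sample("Minutes from Tuesday are attached.\n", "minutes.zip")
    print(check_message(hit))
    print(check_message(miss))
```

Requiring both indicators keeps a legitimate mail that merely has an attachment called request.zip from matching on the filename alone.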