↓
 

My Online Security

Keep yourself safe online

  • Home
  • Useful Information
    • How to protect yourself and tighten security
      • Phishing and Malware protection in your browser
      • Why you should set your folder options to “show known file types”
      • Login Directly Into Windows Without Entering a Username or Password
      • Using a standard User Account with high UAC settings in Windows
    • Malformed or infected word docs with embedded macro viruses
    • Embedded documents in PDF files that can easily infect you
    • The risks of Social Media
  • Site Information
    • About us
    • Privacy Policy
    • Terms and Conditions of use
  • Malware submission Form
Log in

Tag Archives: Azorult

Making it Bleeding Obvious

My Online Security Posted on 5 February 2019 8:46 am by Myonlinesecurity5 February 2019 8:46 am  

Some days we have lots of problems trying to decide what malware is being delivered. Today is an exception. The bad actor has made it bleeding obvious by his use of the file names & url paths. I suppose this semi-clueless Skiddie has purchased an off the shelf exploit kit and either can’t read instructions or doesn’t care enough to change the file names & url paths. So we definitely have Pony and probably an Azorult control panel. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A … Continue reading →

Posted in macro virus, Malware, Scam, Spam | Tagged Azorult, fareit, Macro, malware, pony, quotation | Leave a reply

Fake Fax message email delivers Azorult trojan

My Online Security Posted on 18 November 2018 9:12 am by Myonlinesecurity18 November 2018 9:12 am  
Extracted fake Fax zip file when hide file extensions is set

An email with the subject of Fax Message ID: 8118 896 972 coming from Hunt Sharon <kekhang@kekhang.hu>  with  a zip attachment containing 2 files arrived to an email address on my server yesterday. This malware attack is slightly unusual and I don’t think very effective. However it is very interesting. When you open the zip file, you see 2 files inside it: A word doc named Fax_ID_45436426.doc that appears to be password protected and a .js file called Password. Now when you have Windows set to its stupidly set, dumbded down, default state of do not show file extensions you see this on … Continue reading →

Posted in Malware, Spam | Tagged Azorult, fax, javascript, malware | Leave a reply

False Invoice Due email with password protected attachment delivers malware

My Online Security Posted on 17 August 2018 6:25 am by Myonlinesecurity17 August 2018 6:25 am  

This generic email with the subject of “Invoice Due”  coming from  help@simplexhealthcare.info with a malicious password protected word doc attachment  does eventually deliver some sort of malware. Recently password protected word docs have been delivering some sort of Ransomware frequently Hermes Ransomware via Azorult intermediate download. This is probably Azorult on the first stage, based on the file name azo.exe but I can’t see any encryption happening using the online sandboxes. It probably is Hermes ransomware based on the file names. These criminals don’t tend to be very original. The details in this campaign do match the details shown in this … Continue reading →

Posted in macro virus, Malware, Ransomware, Scam, Spam | Tagged Azorult, Hermes Ransomware, invoice, Macro, malware, Password protected word docs, Ransomware, scam, spam, word | Leave a reply




Search this Site

Have you found something bad or suspicious? Do your bit to help!

Report malicious links to:
  •  Google report malware Safebrowsing
Report phishing links to:
  •  Phishtank
  • Google Safebrowsing
  • Netcraft Anti-Phishing
  • ESET Anti-Phishing
  • Gdata
  • Action Fraud
Find What Ransomware:
  • ID Ransomware

Follow me on Twitter

My Tweets

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 14,125 other subscribers.

Has Ransomware or other malware got past your AntiVirus

  • Have you been attacked and compromised by Ransomware or other malware?
  • Is your existing Antivirus slow, annoying and not very effective?

Try Emsisoft Anti Malware for extremely good protection from Ransomware and other threats

Emsisift Anti-Malware
* This is an affiliate link, I receive a small commission for purchases made. I honestly recommend Emsisoft and use their products even without this affiliation.

 

If you have been infected by any malware try the Emsisoft Emergency Repair Kit
Emsisoft Emergency Repair Kit

Archives

Categories

useful links

  • Action Fraud
  • Dynamoo's Blog
  • Eset Online Scanner
  • Graham Cluley
  • HPHosts
  • Kaspersky security news
  • Krebs on Security
  • malwareBytes Blog
  • Microsoft Security page
  • Security Garden
  • System Lookup
  • Tech Support Guy
  • Techhelp list
  • We Live Security, ESET blog

Admin

  • Log in
  • Entries RSS
  • Comments RSS
  • WordPress.org
Contact: security@myonlinesecurity.co.uk | Most screenshots in blog posts have been created using SnagIt Screen Capture Software
©2019 - My Online Security - Weaver Xtreme ThemePrivacy Policy
↑
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.Accept Reject Read More