MalwareBazaar Database

abuse_ch

Malspam distributing unidentified malware:

HELO: mtk1.illnp.com
Sending IP: 45.95.171.171
From: DHL Express | United States <noreply@dhl.com>
Subject: [Shipment#US0271938432] Your shipment needs Urgent Attention!
Attachment: DHL SHIPMENT 0942002 VDATA FORM UPDATE.IMG (contains "DHL SHIPMENT #0942002 VDATA FORM UPDATE.exe")

Unknown RAT C2:
mitty1.freemyip.com:1996 (91.193.75.54)

Hosted on nVpn:

% Information related to '91.193.75.0 - 91.193.75.255'

% Abuse contact for '91.193.75.0 - 91.193.75.255' is 'abuse@privacyfirst.sh'

inetnum: 91.193.75.0 - 91.193.75.255
remarks: This prefix is assigned to The PRIVACYFIRST Project, which
remarks: operates infrastructure jointly used by various VPN service
remarks: providers. We have a very strong focus on privacy and freedom.
remarks: In case of abuse, we encourage all international law enforcement
remarks: agencies to get in touch with our abuse contact. Due to the fact
remarks: that we keep no logs of user activities and only share data when
remarks: it is legally required under our jurisdiction, it is very unlikely
remarks: for a demand of user information to be successful. Still, that
remarks: should not deter you from reaching out.
netname: PRIVACYFIRST-EU
country: EU
admin-c: TPP15-RIPE
tech-c: TPP15-RIPE
abuse-c: ACRO34258-RIPE
mnt-by: PRIVACYFIRST-MNT
mnt-by: RIPE-NCC-END-MNT
status: ASSIGNED PI
org: ORG-KHd1-RIPE
sponsoring-org: ORG-MW1-RIPE
created: 2012-06-04T11:05:55Z
last-modified: 2020-07-15T15:25:07Z
source: RIPE