Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Hello you can find below some "HAVEX-RAT" C&C:
- [2b2a2b6f962b5a69f880480dcb9646e2]
- hxxp://pekanin.freevar.com/include/template/isx.php
- hxxp://simpsons.freesexycomics.com/wp06/wp-includes/po.php
- hxxp://toons.freesexycomics.com/wp08/wp-includes/dtcla.php
- [979464521c927226ac683ec4c88c6218]
- hxxp://www.pc-service-fm.de/modules/mod_search/src.php
- hxxp://artem.sataev.com/blog/wp-includes/pomo/src.php
- hxxp://swissitaly.com/includes/phpmailer/class.pop3.php
- hxxp://mahsms.ir/wp-includes/pomo/dtsrc.php
- ------------------------------------------------------------------------------------
- Source: Russia
- Target: Energy sector
- Infection vector: Water-holes (based on multiple Java CVE)
- Detection: A file (TMPprovider*.dll) is dropped inside "ProgramData" directory
- ------------------------------------------------------------------------------------
- If you need you can find furthers information here
- "http://www.crowdstrike.com/sites/all/themes/crowdstrike2/css/imgs/platform/CrowdStrike_Global_Threat_Report_2013.pdf"
- anyway, Google is your friend... [or not? ;) ]
- Sug4r
- LAST UPDATE:20140310
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
