Antelox

New Locky distribution sites - 12/07/2016

Jul 12th, 2016
*Email sample*

_Subject_: Fw:

_Body_:

hi [NAME],

Here's that excel file (latest invoices) that you wanted.


Best regards,
Darnell Hansen
Group CEO


The attachment is a zip archive containing a JavaScript file.

Javascript sample - MD5: 2cc72f8c2c1722cabcc8612c4d647c21
VT: 3/54 - https://www.virustotal.com/en/file/c9662190357968e8aa163a87ed1009700393f6d6104b9eeae0051589d60e49a5/analysis

*Compromised domains (46)*:

MD5 Hashes:

*Sample downloaded and decoded*:

File Name: tbb7itlAhl0.exe
MD5: 98279DCF61AA13DFC55F3298C3DFDA02
VT 2/54 - https://www.virustotal.com/en/file/39a3b9fb661b5316c46d0125621c2b622cd99f8f5c500d32a63a37a70a9ef8ac/analysis/