Antelox

New Locky distribution sites - 15/07/2016

Jul 15th, 2016
*Email sample*

_Subject_:

scanned
Fw:
attached
document
RE:
ATTN
Need your attention

_Body_:

How is it going?
Please find attached document you asked for and the latest payments report

Hope that helps. Drop me a line if there is anything else you want to know


--
Thank you.

Gabriela Holman
Goldgenie
Phone: +1 (248) 949-85-50
Fax: +1 (248) 949-85-45

The attachment is a zip archive containing a WSF file.

Javascript sample - MD5: bdf2d618e535d595f2fd3bec50268386
VT: 2/55 - https://www.virustotal.com/it/file/68912674300ee43be4fc13db90b04c4c12bbc0f624f559f664a328061fecabeb/analysis

*Compromised domains (109)*:

MD5 Hashes:

*Sample downloaded and decoded*:

File Name: dJI0k93cF.exe
MD5: 14E8F9BF173042EA3E4AF4972FEACF16
VT: 14/53 - https://www.virustotal.com/it/file/2661a984c5962ba7e9d13fbf73c7f76502ef527c1a984d5a412554d3e0b163e0/analysis/