SHARE
TWEET

2019-08-21 - malspam pushing Shade (Troldesh) ransomware

malware_traffic Aug 21st, 2019 1,267 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. 2019-08-21 - INFO ON MALSPAM PUSHING SHADE (TROLDESH) RANSOMWARE
  2.  
  3. MALSPAM SUBJECT:
  4.  
  5. о заказе
  6.  
  7. PASTES OF TWO MALSPAM EXAMPLES:
  8.  
  9. - https://pastebin.com/HbCYTnP2
  10. - https://pastebin.com/CnFihaH2
  11.  
  12. ATTACHMENT INFO:
  13.  
  14. - SHA256 hash: dd3774b45962050a293132152071220166c7edb75468672719fd5867f5ecefd2
  15. - File size: 10,804 bytes
  16. - File name: Попов701.rar
  17. - File description: Password-protected RAR archive from malspam (password: 67)
  18.  
  19. - SHA256 hash: a3d469526f984519a300d2866a14cb74d36453b51a74691a7a3b0eabbd4004ba
  20. - File name: Петухов386.rar
  21. - File size: 10,772 bytes
  22. - File description: Password-protected RAR archive from malspam (password: 67)
  23.  
  24. - SHA256 hash: d6351891f4fd41e85bb460648279762258a2b6e0da241c16058c80e12eb9eb44
  25. - File size: 15,598 bytes
  26. - File name: Информация о заказе.2019-08.20.docx.js
  27. - File description: JS file extracted from Попов701.rar
  28.  
  29. - SHA256 hash: e5bc00b65d80274af7e0b1e18917e8eb46f0be0ec7c46172ebc9d85ad832364d
  30. - File size: 15,472 bytes
  31. - File name: Информация о заказе.2019-08.20.docx.js
  32. - File description: JS file extracted from Петухов386.rar
  33.  
  34. URLS GENERATED BY THE .JS FILES:
  35.  
  36. hxxp://entre-pote.mon-application[.]com/external/smart-banner/1c.jpg
  37. hxxp://axionapp.mon-application[.]com/app/configs/1c.jpg
  38. hxxp://www.kssthailand[.]com/wp-admin/css/colors/blue/1c.jpg
  39. hxxp://pleijers[.]nl/BloemenRingen/res/1c.jpg
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top