ExecuteMalware

2020-09-22 ZLoader IOCs

Sep 22nd, 2020
THREAT ATTRIBUTION: ZLOADER

SUBJECTS OBSERVED
Given invoice clarification, ID7992
Given invoice information, id#9751
Invoice 4459
Payment id 8401 details
This is your Reminder for Invoice
Your Service Invoice# 3171

SENDERS OBSERVED

EXCEL FILE HASHES
69cd0d8dce170b749a0a397d8c221ded
ecc1472f5924f68ba3248529cf197ac9
a301847a50ce12de68966fe28cdf1cc0
94e0b5238b8643145dafb1a459d04de5

EXCEL FILE NAMES
DE[.]2615[.]xls
EXI_8401.xls
R-9751[.]xls
CM[.]3171[.]xls

ZLOADER PAYLOAD FILE HASHES
None

ZLOADER PAYLOAD URLs

ZLOADER C2s
Unknown