Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Malicious Urls
- *******
- *******
- Email with ".z" file extension attachment
- Inside the ".z" was a ".jar" file
- Inside the ".jar" file executed Java code that downloaded these files and executed them.
- The files were then saved as
- c:\users\myname\mypcff.twerk
- c:\users\myname\mypctt.twerk
- c:\users\myname\mypc.twerk
- They were also executed with rundll32.exe
- *******
- hxxp://mods1401a.webcindario.com/fetiche/p64.png
- hxxp://mods1401a.webcindario.com/fetiche/pg.png
- hxxp://mods1401a.webcindario.com/fetiche/s64.png
- hxxp://mods1401a.webcindario.com/fetiche/p32.png
- hxxp://mods1401a.webcindario.com/fetiche/pg.png
- hxxp://mods1401a.webcindario.com/fetiche/s32.png
- *******
- *******
- *******
- More FROM @neonprimetime security
- http://pastebin.com/u/Neonprimetime
- https://www.virustotal.com/en/USER/neonprimetime/
- https://twitter.com/neonprimetime
- https://www.reddit.com/USER/neonprimetime
Add Comment
Please, Sign In to add comment