malware_traffic

2020-08-05 - "Campaign 56" on amazonaws

Aug 5th, 2020
6,805
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. 2020-08-05 - "CAMPAIGN 56" ON AMAZONAWS
  2.  
  3. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=00aafbzc8xi3z3yeaf&campaign=56
  4. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=19a30bzc8xiwhdzf45&campaign=56
  5. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=1ef78bzc8j6ejfe992&campaign=56
  6. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=2294fbzc8xintwj033&campaign=56
  7. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=27320bzc8hqir8na1c&campaign=56
  8. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=28d9fbzc8d5vcblfe3&campaign=56
  9. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=297d9bzc8hqqn8n6e2&campaign=56
  10. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=2e2f2bzc8zwdu8ncdc&campaign=56
  11. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=2f73bbzc8xi9l02c0&campaign=56
  12. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=32edcbzc8xi1nwjf85&campaign=56
  13. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=38e6ebzc81ma53y570&campaign=56
  14. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=39017bzc81ma0wje01&campaign=56
  15. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=3b5fbbzc81m16vrbe1&campaign=56
  16. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=3b67abzc8xi8pi478a&campaign=56
  17. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=3d169bzc8hq1nbl41f&campaign=56
  18. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=3f90bbzc8xi6jwjc01&campaign=56
  19. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=61b7ebzc8xi1zwj3bf&campaign=56
  20. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=64c2cbzc8j6vcfe780&campaign=56
  21. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=71935bzc8d5bgi4c9d&campaign=56
  22. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=76724bzc8dvk2bla49&campaign=56
  23. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=86cb5bzc8dvgxwj77e&campaign=56
  24. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=8e850bzc8d5fvdz54b&campaign=56
  25. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=96d83bzc8d5g6wjae4&campaign=56
  26. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=9d209bzc8hqqebl133&campaign=56
  27. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=a8b75bzc8d5xs6o49b&campaign=56
  28. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=aaf5fbzc8j68r6o392&campaign=56
  29. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=b61cbbzc8d5syi491f&campaign=56
  30. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=b9dfbbzc8xik2vrd73&campaign=56
  31. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=c805dbzc8zwfvdz90b&campaign=56
  32. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=cd6e7bzc8xiftbld67&campaign=56
  33. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=d030abzc8zwtw6o8f6&campaign=56
  34. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=d2543bzc8j6oj0c0d&campaign=56
  35. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=d69e6bzc8hqsldzb70&campaign=56
  36. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=dd408bzc8hq2tblda9&campaign=56
  37. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=e5048bzc8xi9l6o1d5&campaign=56
  38. - hxxp://ec2-35-166-136-23.us-west-2.compute.amazonaws[.]com/landing.php?clickid=e7aacbzc8hqxidzc20&campaign=56
  39.  
  40. EXAMPLE OF DOWNLOADED EXE FROM ONE OF THE ABOVE LINKS:
  41.  
  42. - https://bazaar.abuse.ch/sample/bac870dacd14a7a51cafe456e93ae3dbcf1c3659f2863dd79ad1e8667cbe3b7f/
RAW Paste Data