- #Shade #Troldesh #Ransomware
- ----------------------------------
- 31-07-2019
- ----------------------------------
- Main object - "36a1d9dae56f1fcdd86ef4b5afb7b222c09c19e23eb7066d6f6b44328a8cd376.bin.gz"
- sha256 6d48f84b44c8789bb97b1e8d4fac4d35e6ed7ae5d6f84174ead522c3dc8fb180
- sha1 793911941dde1cf97e327189678306884c7b847f
- md5 c2f2e45417702f8339076130b4f02864
- Dropped executable file
- sha256 C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LH043OAM\1c[1].jpg e4da415068c83a1710c3eda4818cb6a990a0405c123d32e9b78daea10d04fc92
- DNS requests
- domain whatismyipaddress.com
- domain www.bdtkd.co.uk
- domain whatsmyip.net
- Connections
- HTTP/HTTPS requests
- url http://www.bdtkd.co.uk/wp-content/themes/bluestreet/customizer/1c.jpg
- url http://whatismyipaddress.com/
- url http://whatsmyip.net/