Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- THREAT ATTRIBUTION: HANCITOR
- BUILD=0212_78434
- SUBJECTS OBSERVED
- You got invoice from DocuSign Electronic Signature Service
- You got notification from DocuSign Electronic Service
- You got notification from DocuSign Service
- You received invoice from DocuSign Service
- You received invoice from DocuSign Signature Service
- You received notification from DocuSign Electronic Signature Service
- You received notification from DocuSign Service
- You received notification from DocuSign Service
- You received notification from DocuSign Signature Service
- You received notification from DocuSign Signature Service
- SENDERS OBSERVED
- b@frankstaropoli.com
- erppe@frankstaropoli.com
- ivtobye@frankstaropoli.com
- lbi@frankstaropoli.com
- lcyaz@frankstaropoli.com
- poythit@frankstaropoli.com
- se@frankstaropoli.com
- wilaxxa@frankstaropoli.com
- wuz@frankstaropoli.com
- MALDOC LANDING PAGE URLS
- https://docs.google.com/document/d/e/2PACX-1vQ31EQhZEjBM0nN1BN_ZIP5ZdSd5nYuFCqWF6oawVKcy4Wr-ATcHYbkmNdb5sbtG58_NoRWiDAYp-KM/pub
- https://docs.google.com/document/d/e/2PACX-1vR9rFM8j9JxE9THLI4OPOb9ofR4pviNEn3vn32MJfEX3ZuWZ1lXNWHMIIGuV290s8MHTyba9Ohax0qr/pub
- https://docs.google.com/document/d/e/2PACX-1vRQjnGJOLwC0cJOlX-m5suMujGx9U_07bM3te-x_CoFDRyqWSKN-my6FVbCnigL3D4SXEEjUP-p1mv4/pub
- https://docs.google.com/document/d/e/2PACX-1vS0jpGfngL3b9Qzh4uUYwNccHZIZMALTZhqX1UOXPToeCgrgwGndQxAHCh5yM26GLdN4B1vLsXanIiM/pub
- https://docs.google.com/document/d/e/2PACX-1vSLAiGV4xZ1f6NrIZYCJH42h929DjAlZE9A4EOfXxVGy7KA58Fx2TZHuaZIwgJmEs6juz4BwTPT3Cey/pub
- https://docs.google.com/document/d/e/2PACX-1vSS4h591AuuBq3IBzTMRvp0oyWYQ6k2aKmJaAvxjKEMivN4lzi4OOGOXuNKMu9SOESp4BqS-h0raeei/pub
- https://docs.google.com/document/d/e/2PACX-1vSuoaxE4p99-g4llV7DhceIEpfuQlv6GaIbUakCVkaOUAMzWRNKmS9tiR6nmjpVrV7VGvbe7UKgjw0T/pub
- https://docs.google.com/document/d/e/2PACX-1vTwiyXWXNze_MffgDAP8qq_RVnWbPYyt1eRixaqfioTFf-fXeRqsSQSQ69uPNnVnOR2QIoZHbFfhfSj/pub
- HANCITOR MALDOC DOWNLOAD URLS
- https://licambala.in/allergic.php
- https://newmaq.cl/lid.php
- https://airborne.pro/clamorous.php
- https://caamitrjain.com/shakes.php
- https://irchemicals.com/indent.php
- http://playground.digitalnoirtest.net.au/rosemary.php
- https://osciperj.org.br/limelight.php
- http://playground.digitalnoirtest.net.au/attention.php
- airborne.pro
- caamitrjain.com
- digitalnoirtest.net.au
- irchemicals.com
- licambala.in
- newmaq.cl
- osciperj.org.br
- HANCITOR MALDOC FILE HASHES
- 1202_4735106192.doc
- 7663c34a4c2a5c1900c0cc85e08712f7
- HANCITOR PAYLOAD FILE HASHES
- W0rd.dll
- a6a402c2998b0ae62842f88303715169
- HANCITOR C2
- http://behelzho.ru/8/forum.php
- http://eaussill.com/8/forum.php
- http://hossangerts.ru/8/forum.php
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement