API tools faq
paste
Advertisement
James_inthe_box

Stuff

James_inthe_box
Mar 12th, 2018
448
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.61 KB | None | 0 0
raw download clone embed print report
  1. #Pony
  2.  
  3. TNT shipping invoice themed emails with the following as an attachment:
  4.  
  5. File Name: TNT Original Invoice Receipt_pdf.gz
  6. MD5: 2E69213F821DADAEEC60899F97140382
  7.  
  8. Contains:
  9.  
  10. File Name: TNT Original Invoice Receipt_pdf.pif
  11. MD5: 3FD2A13C659EAF84BA1E2A63541560FB
  12. No listing on VT.
  13.  
  14. Calls out to:
  15.  
  16. veezer[.]club/kc3settings/settings/settings/settings/gate[.]php
  17. 70[.]39[.]232[.]160
  18.  
  19. open dir at veezer[.]club/update (source: @JaromirHorejsi)
  20.  
  21. also hosted at 70[.]39[.]232[.]160:
  22.  
  23. klk[.]host
  24. svit-zer[.]com
  25.  
  26. even more badness, check out their registrant emails.
  27.  
  28. #Lokibot in the mix there as well.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!