Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- MD5 (11-5-2018.isfb.client.decoded.vk.dll) = f1125c01f1333c70a4a20eec83b5efd0
- MD5 (11-5-2018.isfb.loader.decoded.vk.dll) = d3a1694a9046b9eb36ff84dbf2aeb0d0
- Bot ['2.17']
- Build ['39']
- Botnet/Group ID ['3098’, '3099']
- DGA TLDs ['com', 'ru', 'org']
- Server [’12’]
- Encryption key ['10291029JSJUYNHG']
- DGA CRC ['0x4eb7d2ca']
- DGA Base URL ['constitution.org/usdeclar.txt']
- Domains ['legicalpan.com ', 'dhsiwyqdlskwsqo.com', 'hq92lmdlcdnandwuq.com']
- Path: ['/images/']
- ISFB 2nd Stage Domains:
- wolthorifi.com/TYJ/wwnox.php?l=juxe[1-10].xap
- yaticaterm.com/TYJ/wwnox.php?l=juxe[1-10].xap
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement