Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- https://www.hybrid-analysis.com/sample/07ccbcf3a112bf3d6292d97a4473c2c3549316f86b9078081b1b34d12b9ae46c?environmentId=100
- https://www.hybrid-analysis.com/sample/362dc8fbd28ef512c8ee5805774181e03ce7743f807668d0de0082ee11aeee97?environmentId=100
- #word doc loader URLs:
- www.root-c.ru/Download
- xn--80aanbpjywq.xn--h1asdmg1a.xn--p1ai/Download/
- salvleoni.com/Download/
- spectrumoffers.us/Download/
- knockme24.com/Download/
- www.isdb-ppp.com/Download/
- #payload URLs:
- hxxp://www.donghodinhvigps.com/h/
- hxxp://ajaxtube.com/tFUIADP/
- hxxp://www.selphy.co.uk/RFot/
- hxxp://www.zenzion-shiatsu.fr/OUCF/
- hxxp://www.shop.cakrawalastore.com/uFdANoqw/
- #additions thanks to @nelsonsecurity
- www[.]qixiaoli[.]top/DARDJKRJK/
- www[.]simpleachievements[.]com/nOXubLyf/
- medicinedistributor[.]com/UVRJ/
- shopnz[.]in/fg/
- cabletvinternet[.]us/fFQiRYu/
- #additions thank to @James_inthe_box
- http://punjabgrammarschoolsystem.com/Invoice/
- http://www.medicinedistributor.com/UVRJ/
- #C2 Proxy:
- 41.72.140.141:8080
- #Emotet v4 checkins (post drop C2 comms)
- db.mediaforge.fi
- 78.47.56.164
- rees.default.rees.uk0.bigv.io
- 213.138.101.212
- novomariinsk.ru
- 95.163.86.154
- ns19.deltasystem.cl
- 190.3.183.19
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
