ExecuteMalware

2020-07-08 ZLoader IOCs

Jul 8th, 2020
SUBJECTS OBSERVED
Additional information about receipt id#315
Contract No. 472 data
Invoice reminder
Invoicing id 136 information

SENDERS OBSERVED
hopcondegnarh1@aol[.]com
janailla[.]tuldo@aol[.]com
toidecanshinybarrel26@aol[.]com
walredvooshnak@aol[.]com

EXCEL FILE NAMES
Inv_691.xls
Qt_315.xls
rec136[.]xls
Ref_472.xls

EXCEL FILE HASHES
1202afaab98180a9d90b085a61ee57b2
2e031bf7fa5d80057b288c7e89125e7e
63365be1073480520dda68dac9adaf73
e25b63bfb49c3e5f306524345773394f

ZLOADER PAYLOAD URLs
hxxp://anatoliadrilling[.]com/wp-keys[.]php
hxxp://charlesengineering[.]in/wp-keys[.]php
hxxp://dcws-ev[.]com/wp-keys[.]php
hxxp://doorbhai[.]com/wp-keys[.]php

ZLOADER C2s
hxxps://rdaprint[.]in/wp-parsing[.]php
hxxps://vishweshwarastrology[.]com/wp-parsing[.]php
hxxps://statpasapipag[.]tk/wp-parsing[.]php
hxxps://www[.]netinup[.]it/wp-parsing[.]php
hxxps://www[.]oneolimpio[.]tech/wp-parsing[.]php
hxxps://hanskingrypgirigolf[.]ml/wp-parsing[.]php