API tools faq
paste
Advertisement
ExecuteMalware

2020-11-25 ZLoader IOCs

ExecuteMalware
Nov 25th, 2020
4,700
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.99 KB | None | 0 0
raw download clone embed print report
  1. THREAT ATTRIBUTION: ZLOADER
  2.  
  3. SUBJECTS OBSERVED
  4. Account invoice delayed 709936
  5. Account invoice outstanding 325617
  6. Agreement No 5678 information
  7. Bill delayed 911534
  8. Bill outstanding 222448
  9. Bill overdue 577747
  10. Payment outstanding 462406
  11. Payment past due 484476
  12.  
  13. SENDERS OBSERVED
  14. best@besttrading.co.kr
  15. coulibaly.f@apefe.bf
  16. events@durnhouse.co.uk
  17. majdgptw.0@ezweb.ne.jp
  18. phyllis.salsedo@mcmail.maricopa.edu
  19. s4trokan@aol.com
  20. thaisaepifanio@terra.com.br
  21. uen560@hanmail.net
  22.  
  23. EXCEL FILE HASHES
  24. 3c54a4d5b6675628e090e6a8f799f9fa
  25. ceba0107a131a1f8931982327cd328bf
  26. dcedcce7c2a97e7ee34ae1ef2504e55c
  27.  
  28. EXCEL FILE NAMES
  29. 5678.xls
  30. case-4738.xls
  31. case_3351.xls
  32. case_5390.xls
  33. invoice.9030.xls
  34. invoice.9445.xls
  35. invoice4372.xls
  36. invoice6194.xls
  37.  
  38. ZLOADER PAYLOAD URLS
  39. https://acweb.org/times.php
  40. https://skill.fashion/wp-data.php
  41. https://syracuse.best/wp-data.php
  42. https://www.visionlightingcorp.com/wp-scan.php
  43.  
  44. acweb.org
  45. skill.fashion
  46. syracuse.best
  47. visionlightingcorp.com
  48.  
  49. ZLOADER C2s
  50. Unknown
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!