Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- THREAT IDENTIFICATION: BAZARLOADER
- WEB FORM CONTENTS
- name: Amanda
- email: Maysphoto276@yahoo.com
- message: Hello! My name is Amanda. Your website or a website that your
- organization hosts is infringing on a copyright-protected images owned
- by me personally. Check out this document with the links to my images
- you used at www.<redacted>.com and my earlier publication to obtain the
- evidence of my copyrights. Download it right now and check this out
- for yourself:
- https://firebasestorage.googleapis.com/v0/b/files-d6e6c.appspot.com/o/download-3dk3nvbv4ju3n.html?alt=media&token=0471b204-69d8-4a6c-914a-31a622163a92&l=105655924057099880
- I really believe that you deliberately infringed my legal rights under
- 17 U.S.C. Sec. 101 et seq. and could possibly be liable for statutory
- damage of up to $130,000 as set forth in Section 504 (c)(2) of the
- Digital Millennium Copyright Act (DMCA) therein. This message is
- official notification. I demand the removal of the infringing
- materials described above. Please be aware as a service provider, the
- Digital Millennium Copyright Act requires you, to eliminate and/or
- disable access to the infringing content upon receipt of this
- particular notice. In case you don't cease the use of the
- aforementioned infringing materials a law suit can be initiated
- against you. I have a strong self-belief that utilization of the
- copyrighted materials mentioned above as allegedly infringing is not
- approved by the copyright proprietor, its legal agent, or the
- legislation. I swear, under consequence of perjury, that the
- information in this message is correct and that I am the legal
- copyright proprietor or am authorized to act on behalf of the
- proprietor of an exclusive and legal right that is presumably
- violated. Best regards, Amanda Mays 08/16/2021
- MALDOC DOWNLOAD URLS
- https://firebasestorage.googleapis.com/v0/b/files-d6e6c.appspot.com/o/download-3dk3nvbv4ju3n.html?alt=media&token=0471b204-69d8-4a6c-914a-31a622163a92&l=105655924057099880
- https://morungato.space/nerkl23vhb4/
- https://drive.google.com/uc?export=download&id=19lvLhFngyRrtg-nco6BeSUqgo6oQghBA
- https://doc-04-bg-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/2btpeop445f74euco74tc5r4vlh0q3b2/1629131550000/08811926844747145094/*/19lvLhFngyRrtg-nco6BeSUqgo6oQghBA?e=download
- MALDOC FILE HASHES
- Stolen Images Evidence.zip
- ed95f966a0e5866442fcd940f7c55531
- Which contains:
- Stolen Images Evidence.js
- 9f4d8898110eaf2acae077b8ea6d6c5e
- BAZARLOADER PAYLOAD DOWNLOAD URLS
- http://meshura.space/333g100/index.php
- http://meshura.space/333g100/main.php
- BAZARLOADER PAYLOAD FILE HASHES
- main.php
- 962d7236a91febb63b34fa72ab09357e
- This .dll was renamed and dropped into AppData\Local\Temp
- tqPuZe.dat
- 962d7236a91febb63b34fa72ab09357e
- BAZARLOADER C2
- https://104.248.30.5/static/web/issue
- https://104.248.18.107/static/web/issue
- https://165.227.136.95/static/web/issue
- https://165.227.131.219/static/web/issue
Add Comment
Please, Sign In to add comment