Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- MD5 (2018-12-03.isfbv215.client.decoded.vk.dll) = c4762475ada82c2108a291b02c56a270
- MD5 (2018-12-03.isfbv215.loader.decoded.vk.exe) = 96f738c787dbfd3c3ad7d217e758664e
- Bot ['2.15']
- Build ['165']
- Botnet/Group ID ['3135', '3137']
- DGA TLDs ['com', 'ru', 'org']
- Server [’12’]
- Encryption key ['10291029JSJUYNHG']
- DGA CRC ['0x4eb7d2ca']
- DGA Base URL ['constitution.org/usdeclar.txt']
- Domains ['oshokasara.com', 'chokatawan.com', 'guridorosh.com']
- Path: ['/images/']'
- Bot ['2.15']
- Build ['165']
- Botnet/Group ID ['3133', '3134']
- DGA TLDs ['com', 'ru', 'org']
- Server [’12’]
- Encryption key ['10291029JSJUYNHG']
- DGA CRC ['0x4eb7d2ca']
- DGA Base URL ['constitution.org/usdeclar.txt']
- Domains ['zweideckei.com', 'ziebelschr.com', 'endetztera.com']
- Path: ['/images/']
- Payload Domains:
- hayaushiru.com/KHZ/diuyz.php?l=boon[1-14].tkn
- tazukasash.com/KHZ/diuyz.php?l=gymk[1-14].tkn
- navectrece.com/SXC/ptyie.php?l=geor[1-14].tkn
- wizoidiazi.com/SXC/ptyie.php?l=geor[1-14].tkn
- koentacist.com/KHZ/diuyz.php?l=bebu[1-14].tkn
- thipissney.com/KHZ/diuyz.php?l=bebu[1-14].tkn
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement