Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Hancitor phishing IOC
- September 5, 2017
- From: [email protected]
- Subject: Holdmail Confirmation Document <8 digits> OR Holdmail Document <8 digits>
- Downloaded document name: Tracking_<6 digist>.doc
- Document SHA-256: c95a068e72de595a6e9b0c29bdc1745e87f2eb54eedeeb58c0fbf4fad9ce2211
- Phishing URLs
- http://downetwpnj.net/lenta.php?d=
- http://eaglesmereautomuseum.info/lenta.php?d=
- http://eaglesmereautomuseum.org/lenta.php?d=
- http://firelinktechnology.com/lenta.php?d=
- http://firelinktechnology.net/lenta.php?d=
- http://keatingfamilymail.info/lenta.php?d=
- http://keatingfamilymail.net/lenta.php?d=
- http://keatingfamilymail.org/lenta.php?d=
- http://proconservicesllc.com/lenta.php?d=
- http://superiorcomfortpro.us/lenta.php?d=
- http://superiorhvacuniversity.com/lenta.php?d=
- http://superiorhvacuniversity.org/lenta.php?d=
- http://turbotville.com/lenta.php?d=
- Botnet CNC URLs
- http://orcateheck.com/ls5/forum.php
- http://hedtfortedlet.ru/ls5/forum.php
- http://disitofle.ru/ls5/forum.php
- Malware delivery URLs
- http://crabbiesfruits.com/wp-content/plugins/regenerate-thumbnails/3
- http://fortexintl.com/3
- http://www.oklifestore.com/blog/3
- http://www.idyemyhair.com/blog/3
- http://www.hkcwcc.edu.hk/wordpress/3
- http://migs.me/3
- File 1 SHA-256 8355b66cfaa30f16a8f2e19ef48881d665e8895b3087f95641ee188b8865d361
- File 2 SHA-256 e0083ede887e41e704067f590c8b41c5aaa02056469a015bb5965e3504636bd0
- File 3 SHA-256 b1ad489c9fd767f562e475fedb28382501207008846e9846cb524da8fdc8298e
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
