API tools faq
paste
ExecuteMalware

2020-08-25 TA505 IOCs

ExecuteMalware
Aug 25th, 2020
3,172
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.14 KB | None | 0 0
raw download clone embed print report
  1. THREAT ATTRIBUTION: TA505
  2.  
  3. SUBJECTS OBSERVED
  4. MONITORING REPORT
  5.  
  6. SENDERS OBSERVED
  7. alcacuba@alcacuba.co.cu
  8. bookings@misselliestravel.co.uk
  9. chris@melificent.com
  10. gabriele.lippold@sys-team.de
  11. info@gurteknik.net
  12. jkim@yeonsung.ac.kr
  13. madalina.costache@evomag.ro
  14. soft@mtmprintsolutions.com
  15. vladislav.niedoba@cloverleaf.cz
  16.  
  17. MALDOC FILE HASH
  18. None
  19.  
  20. PAYLOAD FILE HASH
  21. None
  22.  
  23. MALDOC LANDING PAGE URLS
  24. http://clb.bazzacco.net/k987m.html
  25. http://cukierniatylczynscy.lh.pl/y2afk.html
  26. http://deechtebol.com/h8c4ref.html
  27. http://kockens.pp.se/sgwrxo.html
  28. http://members.chello.nl/~d.jansen24/s3w2kdd.html
  29. http://mjlunalaw.com/t5f74.html
  30. http://reachtherapyllc.com/hxi0324.html
  31. http://texas-diesel.com/ahdht.html
  32. http://ts-shimada.com/zbycb.html
  33.  
  34. bazzacco.net
  35. chello.nl
  36. deechtebol.com
  37. kockens.pp.se
  38. lh.pl
  39. mjlunalaw.com
  40. reachtherapyllc.com
  41. texas-diesel.com
  42. ts-shimada.com
  43.  
  44. MALDOC DISTRIBUTION URLS
  45. https://filesharess.com/?d-297c5e5ae9ea4c5f
  46.  
  47. filesharess.com
  48.  
  49. TA505 C2s
  50. https://near-fast.com/wosl
  51.  
  52. SUPPORTING EVIDENCE
  53. https://twitter.com/stoerchl/status/1298204662944980992
  54. https://app.any.run/tasks/ce2100b8-c4c5-4ac4-8d6c-2a20778e3c40/
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!