API tools faq
paste
ExecuteMalware

2020-09-08 Qakbot IOCs

ExecuteMalware
Sep 8th, 2020
3,006
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.11 KB | None | 0 0
raw download clone embed print report
  1. Qakbot
  2. ======
  3. Complaint_Letter_290270827_09072020.zip
  4. 8cb052014dc2d99741be83951ee7b654
  5.  
  6. Complaint_Letter_290270827_09072020.doc
  7. ffb4cc84f20d1d8c394335cf444fd6fe
  8.  
  9. Losters.cmd
  10. 14d0600c1ca47a14831f463b9c304367
  11.  
  12. 55555555.png
  13. 6763bd6eaec33e182e9befe5e5c10b70
  14.  
  15.  
  16. Opening the Word Document drops the following file:
  17. C:\drivers\Losters.cmd file
  18.  
  19. It then tries to download from:
  20. http://talantinua.com/apawn/55555555.png
  21. http://dellenbene.de/wpfsjfcrp/55555555.png
  22. http://www.pauwstoffering.nl/pqwwmqzgjot/55555555.png
  23. http://acrinetshop.com.br/arnphkv/55555555.png
  24. http://www.corbettasalvatore.com/bolcv/55555555.png
  25. http://lojacorpoemente.com.br/beuefuqpd/55555555.png
  26. http://sulduzkhabar.ir/fhrhowc/55555555.png
  27. http://hillsborobookkeeping.com/yowyvoux/55555555.png
  28. http://evutt.ee/imjzrilmu/55555555.png
  29. http://anawabighschool.com/lipun/55555555.png
  30. http://www.serramentispada.it/odisaehjgg/55555555.png
  31. http://papadeilumi.it/kupmmngtbbn/55555555.png
  32. http://www.crippacostruzioni.it/jnatzwzp/55555555.png
  33. http://emulatorgame.ir/ocdxvkhvmtjx/55555555.png
  34.  
  35. Supporting Evidence:
  36. https://urlhaus.abuse.ch/url/455597/
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!