API tools faq
paste
ExecuteMalware

2020-05-13 ZLoader IOCs

ExecuteMalware
May 13th, 2020
3,137
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.69 KB | None | 0 0
raw download clone embed print report
  1. SUBJECTS OBSERVED
  2. Case 3992880: invoice 3992880 is freezed
  3. Case 9959087: invoice 9959087 is suspended
  4. Contract 6430763 sent by fax
  5. Forwarded fax letter
  6. Incoming Invoice, from Cannon master
  7. Invoice
  8. Invoice 2245595 successfully paid
  9. May Incoming Invoice - No. #8576
  10. May Incoming Invoice id8848
  11. May New Invoice - No.9292, from Jet Security
  12. May New Invoice, number # 6511, Gold Coms
  13. May Overdue Invoice - Bee worth
  14. May Service Invoice - No.#7549
  15. May Service Invoice, Hurricane Technologies
  16. May Service Invoice, No#372
  17. May Unpaid Invoice
  18. May Unpaid Invoice - # 3834
  19. New customer Invoice number7461 - Nimble head
  20. New Invoice id #6286
  21. Payment 1879268 for sent invoice 1879268 is received
  22. Receipt 2998711
  23. Receipt 7945423 fully covered
  24. Service Invoice from Sun scape
  25. This is your Invoice - from Bluff Motors
  26. This is your Invoice - No. # 1029 from Sail star
  27. This is your New Invoice - No6938 - from Prime Enterprises
  28. This is your New Invoice, id #4055
  29. This is your Service Invoice
  30. This is your Unpaid Invoice, Number4348 - Vinedustries
  31. You have Incoming Invoice -#2069 - Witch Navigations
  32. You have New Invoice - number #4268 from Karma sys
  33. You have Reminder for Invoice - from Honey space
  34. Your Invoice, ID # 2253 - Crystal land
  35. Your New service Invoice, No. # 5024
  36. Your Reminder for Invoice ID#1977
  37.  
  38. SENDERS OBSERVED
  39. battdurch.prefri1974@o2.pl
  40. brown.bettyvivv@wp.pl
  41. carter.elizabethskhi@wp.pl
  42. davis.karendxur@wp.pl
  43. erhay.jacne1980@o2.pl
  44. green.dorothyjizj@wp.pl
  45. hall.christopherrayr@wp.pl
  46. hernandez.richardpz25@wp.pl
  47. johnson.lisaunws@wp.pl
  48. king.laura07ms@wp.pl
  49. lewis.margaret0ydu@wp.pl
  50. lopez.patriciacoxi@wp.pl
  51. martin.sharon1yqb@wp.pl
  52. miller.stevenri0x@wp.pl
  53. mitchell.barbarajwyd@wp.pl
  54. mitchell.donaldmx7l@wp.pl
  55. perez.karenomyf@wp.pl
  56. permi.quane1989@o2.pl
  57. rodriguez.bettyuopo@wp.pl
  58. rodriguez.brian4aay@wp.pl
  59. slivob.pleser1985@o2.pl
  60. softfil.othlol1977@o2.pl
  61. specfigh.isof1989@o2.pl
  62. taylor.dorothypsel@wp.pl
  63. taylor.jeffrp3o@wp.pl
  64. taylor.jennifernqix@wp.pl
  65. thomas.ruthctdu@wp.pl
  66. thompson.markvfo5@wp.pl
  67. thompson.michelle11ng@wp.pl
  68. tiotras.provep1983@o2.pl
  69. voygall.blocal1985@o2.pl
  70. white.thomas33fe@wp.pl
  71. williams.lisausfb@wp.pl
  72. wright.karenpn7p@wp.pl
  73. young.ruthqscf@wp.pl
  74.  
  75. EXCEL FILE HASHES
  76. 4b1d175d5f23a153c8e1f0d1e1256ee7
  77. ed39f3d4eb89c355a0c7a4634f5d4707
  78. 0165211072c342723c6d4eb7fefa3391
  79.  
  80. ZLOADER PAYLOAD FILE HASHES
  81. xPlYvju.html
  82. 1f402f64daabb440419fe10979858e59
  83.  
  84. ZLOADER PAYLOAD URLs
  85. https://dehabadi.ir/wp-keys.php
  86. https://eleventalents.com/wp-front.php
  87.  
  88. https://dehabadi.ir/wp-content/uploads/2020/05/f13r3.php
  89.  
  90. ZLOADER C2s
  91. https://dehabadi.ir/wp-parser.php
  92. https://confirmgood.com/wp-parser.php
  93. https://dotworldtour.com/wp-parser.php
  94. https://eleventalents.com/wp-parser.php
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!