ExecuteMalware

2020-10-20 Bazar IOCs

Oct 20th, 2020 (edited)
2,801
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.07 KB | None | 0 0
  1. THREAT ATTRIBUTION: BAZAR
  2.  
  3. SUBJECTS OBSERVED
  4. RE: <Company Name> Employee Survey
  5. RE: Confirmation Required
  6.  
  7. SENDERS OBSERVED
  8. Angel.Hudson@iemployeemanage.com
  9. angella.graham@candicebernardoni.com
  10. Auribria.Traynham@westbeachpavilion.com
  11. Hugh.Lawton@candicebernardoni.com
  12. Hugh.Lawton@clermontpediatricdentistry.org
  13. Jennifer.Salmons@candicebernardoni.com
  14. Jennifer.Salmons@clermontpediatricdentistry.org
  15. Priestly.Thou@westbeachpavilion.com
  16. Whitney.Cooper@iemployeemanage.com
  17. William.Allen@clermontpediatricdentistry.org
  18.  
  19. BAZAR PAYLOAD FILE HASHES
  20. Report-Review20-10.exe
  21. 41a2679eebd337096f285f29b0a7ff4c
  22.  
  23. DIGITAL SIGNATURE
  24. NOSOV SP Z O O
  25.  
  26. LANDING PAGE URLS
  27. https://docs.google.com/document/d/e/2PACX-1vR9eQbtqqQvUQRxqKrWeg7ZtduxOAK0rVWkiatZ3f6Fr7H_tYVrIKbEgtcwkO2tk9Pbq_A3K2MpZbu9/pub
  28. https://docs.google.com/document/d/e/2PACX-1vSpTpo1NZmX2GJVMWeQyl4a5wg3LbIo1Gkn_woY__HRU6lGSflycZScqRG4VU6bSd3SOxLs1yHoRqPk/pub
  29.  
  30. PAYLOAD DOWNLOAD URLS
  31. https://files.slack.com/files-pri/T01DBJ7HSHF-F01CW2GTLCD/download/report-review20-10.exe?pub_secret=8caac895e5
  32.  
  33. BAZAR C2
  34. UNKNOWN
Add Comment
Please, Sign In to add comment