- ZLoader
- -------
- SUBJECTS OBSERVED
- Receipt data No.70000, from Ansoft
- SENDERS OBSERVED
- broilba.rustytap1988i@aol.com
- EXCEL FILE HASHES
- 76b47a2dc3c5d454bc12c636b705c8a1
- ZLOADER PAYLOAD URLs
- http://newsblog.usflydeals.com/wp-keys.php
- https://chaplaincy.covenantuniversity.edu.ng/wp-keys.php
- Remcos 1
- --------
- MALDOC FILE HASHES
- Remittance Advice.xlsm
- f87960e83ded6f88bef4a4d6cdeba6f6
- multistation.vbs
- 5d54687f3570148a61b93f8e0e33a986
- PAYLOAD FILE HASHES
- Attack.jpg
- 0f3a2512f7220273f08316d38af5e292
- PAYLOAD URL
- http://worldwidetechsecurity.com/Administrator/Multitask/Attack.jpg
- Remcos 2
- --------
- MALDOC FILE HASHES
- ACH Payment.img
- 05ce5107a9f59e9b817bd3b45c5a5eeb
- ACH Payment.vbs
- 1ca453fc90bee283ebca6f09ee88e961
- PAYLOAD FILE HASHES
- Attack.jpg.2
- e55fcce3c684804829084b586a4a062d
- PAYLOAD URL
- https://cobbtownholiness.com/kings/foldrt/good/luck/Attack.jpg
- Unknown Malware
- ---------------
- MALDOC FILE HASHES
- PO637682 DRAWING ITEMS & PO7387273823_doc.7z
- ddc05440d7194bf3b742cc2a0859ce5a
- PAYLOAD FILE HASHES
- PO637682 DRAWING ITEMS & PO7387273823_doc.exe
- 4e27900568769c906d602caab43a6045
- SUPPORTING EVIDENCE
- https://www.virustotal.com/gui/file/e83a362528301156b853909e27649e52db6de0bbc81430578fdc3dd0b844586a/detection
- https://www.virustotal.com/gui/file/4E27900568769C906D602CAAB43A6045/detection