API tools faq
paste
ExecuteMalware

2020-04-24 Lokibot IOCs

ExecuteMalware
Apr 24th, 2020
2,556
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.71 KB | None | 0 0
raw download clone embed print report
  1. SUBJECTS OBSERVED
  2. Overdue Balance// INV#2020-000185& 2020-000186
  3. Shipping Documents//change in the destination of your goods
  4.  
  5. SENDERS OBSERVED
  6. anthonius@att-group.co.id
  7. chart@ferrandoemassone.com
  8.  
  9. EXCEL FILE HASHES
  10. DRAFT SHIPPING DOCUMENTS.xlsx
  11. 800043cbd22f836c2889c5558c3c9c8d
  12.  
  13. ferrandoemassone pymt slip.xlsx
  14. 9fb90898d3f455cac7c39c2d793fc8e2
  15.  
  16. PAYLOAD EXE FILE HASHES
  17. winlog.exe
  18. 77120727da31f18d9ad6944a063b7482
  19.  
  20. svchost.exe
  21. f7d1c25129ff84fd6e17a097e677e520
  22.  
  23. LOKIBOT PAYLOAD DISTRIBUTION URLS
  24. http://kung14wsdyeduationaldeveloperinvestmentt.duckdns.org/kungdoc/winlog.exe
  25. http://15wsdychneswealthandmoduleorganisationcv.duckdns.org/secure/svchost.exe
  26.  
  27. LOKIBOT C2
  28. http://avertonbullk.com/ig4/fre.php
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!