Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Indicators of Compromise (IoCs)
- Some of the IoCs we worked with when writing this blog can be used to detect CamuBot:
- MD5:
- E0EB6840DA0A24F8F67102417BFDF408 (suporte.exe)
- Phishing domain used by the CamuBot fraudsters to host their malware downloads:
- suporteoperador[.]com
- Examples of URLs that were used in the attacks/fraudster’s control panels:
- hxxps://empresas[.]suporteoperador[.]com/
- hxxps://office[.]suporteoperador[.]com/empresas/
Add Comment
Please, Sign In to add comment