Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- MD5 (2018-11-25.isfbv217.loader.decoded1.vk.exe) = 28a21953e3ad5d6a2509a4fa7485cf35
- MD5 (2018-11-25.isfbv217.loader.decoded2.vk.exe) = e8624db895476425082ab029bb9690a6
- MD5 (2018-11-25.isfbv217.loader.decoded3.vk.exe) = 1015f96d4ebd758d7653b2fb342b36c9
- MD5 (2018-11-25.isfbv217.loader.decoded4.vk.exe) = 65af0f8bfa130423a812a0d341e44f9d
- Bot ['2.17']
- Build ['39']
- Botnet/Group ID ['3122', '3123']
- DGA TLDs ['com', 'ru', 'org']
- Server [’12’]
- Encryption key ['10291029JSJUYNHG']
- DGA CRC ['0x4eb7d2ca']
- DGA Base URL ['constitution.org/usdeclar.txt']
- Domains ['skondevoin.com', 'objecopoly.com', 'eastiggeno.com']
- Path: ['/images/']
- Bot ['2.17']
- Build ['39']
- Botnet/Group ID ['3124', '3125']
- DGA TLDs ['com', 'ru', 'org']
- Server [’12’]
- Encryption key ['10291029JSJUYNHG']
- DGA CRC ['0x4eb7d2ca']
- DGA Base URL ['constitution.org/usdeclar.txt']
- Domains ['tawaxicatu.com', 'objecopoly.com', 'eastiggeno.com']
- Path: ['/images/']
- 2nd Stage:
- orolemonge.com/LYW/quines.php?l=mizo[1-14].bod
- cysioniven.com/LYW/quines.php?l=mizo[1-14].bod
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
