malware_traffic

Trickbot EXE files seen from .png URLs on 2019-09-25

Sep 25th, 2019
983
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. TRICKBOT EXE FILES FROM PNG-EXTENSION URLS SEEN ON WEDNESDAY 2019-09-25:
  2.  
  3. hxxp://185.98.87[.]185/samerton.png
  4. hxxp://185.98.87[.]185/tablone.png
  5. hxxp://185.98.87[.]185/wredneg2.png
  6.  
  7. $ file *.png
  8. samerton.png: PE32 executable (GUI) Intel 80386, for MS Windows
  9. tablone.png: PE32 executable (GUI) Intel 80386, for MS Windows
  10. wredneg2.png: PE32 executable (GUI) Intel 80386, for MS Windows
  11.  
  12. $ shasum -a 256 *.png
  13. 4a5bdf328d682efaec55979b3e0723db5bb79775c7c133936c779e3bdc03201d samerton.png
  14. 7d7c9b407e4ecb92c554a8813625f9e27b85231348f0ebbb0ff3531488160878 tablone.png
  15. 9d4b47168d59257dfcbf51f2d4df30f6f30894fb3fc94ca9f34fa9beebc952b4 wredneg2.png
RAW Paste Data