API tools faq
paste
ExecuteMalware

2020-07-14 Unknown Malware IOCs

ExecuteMalware
Jul 14th, 2020
2,193
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.93 KB | None | 0 0
raw download clone embed print report
  1. THREAT ATTRIBUTION: UNKNOWN MALWARE
  2.  
  3. SUBJECTS OBSERVED
  4. Office #5031922
  5.  
  6. SENDERS OBSERVED
  7. Claire King <Alexander@englishtutoring.info>
  8.  
  9. EMAIL BODY
  10. Invoice 6800673
  11.  
  12. Thank You for the business. For all details view your Document from May Company for $1590.50 that is attached.
  13.  
  14. Regards,
  15.  
  16. 504 Trail str.
  17. Denver, CO 26720
  18.  
  19. (303)924-1878
  20.  
  21. Items
  22. Qty
  23. Price
  24. Amount
  25. White Widget
  26. 2
  27. 800.00$
  28. 1600.00$
  29.  
  30. Total
  31. 1600.00$
  32.  
  33. Total Due
  34. 1590.50
  35. Due Date 07/14/2020
  36.  
  37. Copyright © 20
  38. rights reserved
  39.  
  40. DOCUMENT FILE HASHES
  41. invoice_303.xlsm
  42. e9e4df69cc570599e0d0ab062d874703
  43.  
  44. PAYLOAD FILE HASHES
  45. 2.dll
  46. f7ccdd0b0faf488eb520133ea4043d61
  47.  
  48. UNKNOWN PAYLOAD DISTRIBUTION URLS
  49. http://193.38.55.36/QcNpCS
  50. https://nicedelivery.club/2.dll
  51.  
  52. UNKNOWN C2s
  53. 62.108.35.53:443
  54. calmstill.xyz
  55.  
  56. SUPPORTING EVIDENCE
  57. https://www.virustotal.com/gui/file/e6cd4b383bc59ea93852a3132679fc8a208861cc9cfb861a792323771ed8a28d/detection
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!