Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #GandCrab #V5.1 #Ransomware
- -----------------------------------
- 23-01-2019 IOC's
- -----------------------------------
- Main object- "6d20fce7ff12863ee648eff76a6e77e67bd78fb93fd137456ceb134de4b30be1.bin.gz"
- sha256 a9d5bbbb5362438df5944d02fe54ddedc823a28e6d2b97f30d11d09f9b8da08d
- sha1 b36e9573d95e918427b24e3d29ea7d9fd389d5a2
- md5 6ec3df812b92c85421bfa9049c4d8e10
- Dropped executable file
- sha256 C:\windows\temp\putty.exe f7eeda93bcde57d67b4a418077ae47f1f922fab7188a994cb1795ce6d833eeb8
- DNS requests
- domain www.kakaocorp.link
- Connections
- ip 205.185.117.187
- ip 138.201.162.99
- HTTP/HTTPS requests
- url http://205.185.117.187/olalala/putty.exe
- url http://www.kakaocorp.link/
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement