API tools faq
paste
ExecuteMalware

2021-05-27 IcedID IOCs

ExecuteMalware
May 27th, 2021
16,835
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.32 KB | None | 0 0
raw download clone embed print report
  1. THREAT IDENTIFICATION: ICEDID
  2.  
  3. SENDERS OBSERVED
  4. [email protected]
  5.  
  6. FORM CONTENTS
  7. Hi!
  8.  
  9. My name is Melody.
  10.  
  11. Your website or a website that your company hosts is infringing on a copyright protected images owned by myself.
  12.  
  13. Take a look at this report with the hyperlinks to my images you used at www.<yourdomain>.com and my previous publications to get the proof of my copyrights.
  14.  
  15. Download it now and check this out for yourself:
  16.  
  17. https://sites.google.com/view/234387234572004834/d/download/0/shared/files?fileID=140612158322889214
  18.  
  19. I believe you've deliberately violated my rights under 17 U.S.C. Section 101 et seq. and could be liable for statutory damages as high as $130,000 as set-forth in Sec. 504(c)(2) of the Digital millennium copyright act (”DMCA”) therein.
  20.  
  21. This message is official notice. I demand the elimination of the infringing materials described above. Please be aware as a service provider, the Digital Millennium Copyright Act demands you, to remove and terminate access to the copyrighted materials upon receipt of this notification letter. In case you do not stop the utilization of the aforementioned copyrighted content a legal action can be initiated against you.
  22.  
  23. I have a strong faith belief that use of the copyrighted materials referenced above as presumably violating is not permitted by the copyright owner, its legal agent, as well as laws.
  24.  
  25. I swear, under consequence of perjury, that the information in this letter is accurate and that I am the legal copyright owner or am certified to act on behalf of the proprietor of an exclusive right that is allegedly infringed.
  26.  
  27. Regards,
  28. Melody Lynn
  29.  
  30. 05/27/2021
  31.  
  32. MALDOC DOWNLOAD URL
  33. https://sites.google.com/view/234387234572004834/d/download/0/shared/files?fileID=140612158322889214
  34.  
  35. MALDOC FILE HASHES
  36. Stolen Images Evidence.zip
  37. ddfc4e91a1750dc184dad19cab97c3fe
  38.  
  39. Stolen Images Evidence.js
  40. 8a7efa40b42b6de785f13dcd505a0b1a
  41.  
  42. PAYLOAD DOWNLOAD URLS
  43. http://bediloper.top/034g100/index.php
  44. http://bediloper.top/034g100/main.php
  45.  
  46. main.php
  47. a8737302ebec172bbf8f1dfe30a81b64
  48.  
  49. RYDTKuh.dat
  50. 8dabd9a48c5b96cc629d72cc9b0c0d0d
  51.  
  52. They're both 64-bit .dll files
  53.  
  54. ICEDID C2s
  55. http://lascakatheather.top/
  56. 172.67.198.112
  57.  
  58. SUPPORTING EVIDENCE
  59. https://www.microsoft.com/security/blog/2021/04/09/investigating-a-unique-form-of-email-delivery-for-icedid-malware/
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!