- IOCs:
- Word Document Lure MD5:
- a49bb89bf2c75c988b187cfc6c0590bb
- Emotet Loader MD5:
- dfe725896c908041ad6c0e1293399265
- Panda Banker MD5:
- c78bf8ed0768f2abe150e5c84c901dd1
- CONFIG:
- {
- "botnet": "2.6.9",
- "check_config": 327685,
- "send_report": 655370,
- "check_update": 1966110,
- "url_config": "https://RXDirectories.top/2hilufymailnizyxoador.dat",
- "url_webinjects": "https://RXDirectories.top/webinjects_new2.dat",
- "url_update": "https://RXDirectories.top/2hilufymailnizyxoador.exe",
- "url_plugin_webinject32": "https://RXDirectories.top/webinject32_new2.bin",
- "url_plugin_webinject64": "https://RXDirectories.top/webinject64_new2.bin",
- "remove_csp": 0,
- "inject_vnc": 0,
- "url_plugin_vnc32": "https://RXDirectories.top/vnc32_new2.bin",
- "url_plugin_vnc64": "https://RXDirectories.top/vnc64_new2.bin",
- "url_plugin_vnc_backserver": "p8bYQMGmXIahkiYgghgivVRVDg0=",
- "url_plugin_backsocks": "https://RXDirectories.top/backsocks_new2.bin",
- "url_plugin_backsocks_backserver": "p8bYQMGmXIahkiYgghgivVRVDg0=",
- "url_plugin_grabber": "https://RXDirectories.top/grabber_new2.bin",
- "grabber_pause": 2,
- "grab_softlist": 1,
- "grab_pass": 1,
- "grab_form": 1,
- "grab_cert": 0,
- "grab_cookie": 0,
- "grab_del_cookie": 0,
- "grab_del_cache": 0,
- "url_plugin_keylogger": "https://RXDirectories.top/keylogger_new2.bin",
- "keylog_process": "cHV0dHkuZXhlAAA=",
- "screen_process": "cHV0dHkuZXhlAAA=",
- "reserved": "Atzk0Gc0nABj9wUAVmi0tJVRcaUYhRDJXKqmBh2RiSJpq3iDnH6+eNDY06HA9+TQz5H2Tjr+3nu7sHXUZtPt21bC9HI6vMlmMA3X2189ChUX9TV1/K5a25HhUOeM+/FdGOUeXn5a2shKsi68WxPa9OLTxNvDiK6k2yNzbSC99mCKXLt3wsiETCpOe+ncy7OHbVnAQ17Qgp0Fac3gBjb7"
- }