API tools faq
paste
Advertisement
James_inthe_box

Mnubot IOC's

James_inthe_box
Jun 10th, 2018
668
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.48 KB | None | 0 0
raw download clone embed print report
  1. c2:
  2. 187.84.237.138
  3. mssql914.umbler.com
  4. tcp port 5003
  5.  
  6. interesting reg keys accessed:
  7. HKEY_CURRENT_USER\Software\Embarcadero\BDS\18.0\dbExpress
  8.  
  9. keys created:
  10. HKLM\Software\Description\Microsoft\Rpc\UuidTemporaryData
  11. dword: NetworkAddress <- mac address of the box
  12. dword: NetworkAddressLocal <- zero
  13.  
  14. other bits:
  15. Provider=SQLOLEDB.1;Password=102030Abc;Persist Security Info=False;User ID=sqlusername;Initial Catalog=jackjhonson;Data Source=mssql914.umbler.com,5003
  16. UBMSSQL02
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!