SHARE
TWEET

2019-08-19 - Trickbot binaries, "the PNGs"

malware_traffic Aug 20th, 2019 (edited) 1,244 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. TRICKBOT BINARIES FROM 185.183.98[.]232 ON 2019-08-19
  2.  
  3. $ curl -H "User-Agent" -o samerton.png hxxp://185.183.98[.]232/samerton.png
  4.   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
  5.                                  Dload  Upload   Total   Spent    Left  Speed
  6. 100  825k  100  825k    0     0  74144      0  0:00:11  0:00:11 --:--:-- 77093
  7.  
  8. $ curl -H "User-Agent" -o tablone.png hxxp://185.183.98[.]232/tablone.png
  9.   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
  10.                                  Dload  Upload   Total   Spent    Left  Speed
  11. 100  825k  100  825k    0     0   143k      0  0:00:05  0:00:05 --:--:--  168k
  12.  
  13. $ curl -H "User-Agent" -o wredneg2.png hxxp://185.183.98[.]232/wredneg2.png
  14.   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
  15.                                  Dload  Upload   Total   Spent    Left  Speed
  16. 100  822k  100  822k    0     0   206k      0  0:00:03  0:00:03 --:--:--  206k
  17.  
  18. $ file *.png
  19. samerton.png: PE32 executable (GUI) Intel 80386, for MS Windows
  20. tablone.png:  PE32 executable (GUI) Intel 80386, for MS Windows
  21. wredneg2.png: PE32 executable (GUI) Intel 80386, for MS Windows
  22.  
  23. $ shasum -a 256 *.png
  24. c3477f3515c1bee5367cf0183883fc08e5edb40db40250b16b5fafba9875c582  samerton.png
  25. 9a5025c9388306f0988138cd0f7b7b0318d06307c5f50f7fc44b2692da647345  tablone.png
  26. e24925c9aa1281bd6f67109404b716591e444ce8d18e1056a589125ff6805224  wredneg2.png
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top