Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- MD5 (2018-12-07.isfbv215.loader.decoded.vk.exe) = 432dd31c7fdee2a58e6bad527b3626b0
- MD5 (2018-12-07.isfbv300.loader.decoded.vk.exe) = a1d90e56a7084ae5f006397b5d4de002
- Bot ['2.15']
- Build ['165']
- Botnet/Group ID ['3146', '3147']
- DGA TLDs ['com', 'ru', 'org']
- Server [’12’]
- Encryption key ['10291029JSJUYNHG']
- DGA CRC ['0x4eb7d2ca']
- DGA Base URL ['constitution.org/usdeclar.txt']
- Domains ['nublatoste.com', 'jabbellabi.com', 'zeurnatine.com']
- Path: ['/images/']
- Bot ['3.00']
- Build ['665']
- Botnet/Group ID ['10000']
- DGA TLDs ['com', 'ru', 'org']
- Server [’12’]
- Encryption key ['2bf79PpFMluZ3xL0']
- Domains ['https://akamaicln.com']
- ISFB v215 Payload Domains:
- ledibermen.com/KHZ/diuyz.php?l=rewb[1-14].tkn
- caentivage.com/KHZ/diuyz.php?l=rewb[1-14].tkn
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement