API tools faq
paste
Advertisement
G0dR4p3

Lokibot_IOC's_13-06-2018

G0dR4p3
Jun 13th, 2018
199
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.11 KB | None | 0 0
raw download clone embed print report
  1. #Lokibot #Malware #Trojan
  2. ------------------------------
  3. 13-06-2018 IOC's
  4. ------------------------------
  5. Main object- "d311aaa5-2d76-421c-832d-09d60287467d"
  6. url http://prapro.tk/netty/Signed%20PI.exe
  7. sha256 293514d6e6722a41484db22dbd39170fc7a56046dc057e61e74d1a59c9db34f6
  8. sha1 6b8d3202a3deb9a205a961bee6a00d0b5db981ae
  9. md5 deab6d15bae0a844dbce0e7fc97d64a6
  10. Dropped executable file
  11. sha256 C:\Users\admin\AppData\Roaming\F63AAA\A71D80.exe 6df94b7fa33f1b87142adc39b3db0613fc520d9e7a5fd6a5301dd7f51f8d0386
  12. DNS requests
  13. domain prapro.tk
  14. Connections
  15. ip 217.146.91.100
  16. HTTP/HTTPS requests
  17. url http://prapro.tk/netty/Panel/five/fre.php
  18.  
  19. -------------------------------
  20. UPDATED 14:37 - 13-06-2018
  21.  
  22. Main object- "Swiftdetails.exe"
  23. url http://ideservesomeacollades.gq/Swiftdetails.exe
  24. sha256 c1094a857b95341db1134b678c35631b5fcc61387faf45f9a0dfcf348098716a
  25. sha1 97f6b8c9befbc10c26c4eaa55e7ac304f49edc89
  26. md5 4cce147dcb1eb6ae3354e830162564b5
  27. DNS requests
  28. domain eleletieleleparthard.ga
  29. Connections
  30. ip 103.63.2.227
  31. HTTP/HTTPS requests
  32. url http://eleletieleleparthard.ga/ari/Panel/fre.php
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!