Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- THREAT IDENTIFICATION: REMCOS RAT
- SUBJECTS OBSERVED
- Separate Remittance Advice: paper document number - 96972
- SENDERS OBSERVED
- MALDOC FILE HASHES
- Chase Payment Advice_96972.docm
- 784a11e7c537bfe34e5287708cb0cb77
- INTERMEDIATE PAYLOAD URLS
- http://192.227.158.111/jun.js
- http://192.227.158.111/fit.jpg
- INTERMEDIATE PAYLOAD FILE HASHES
- jun.js
- ceb58144b89ea3c7d42611b451e21cb7
- fit.jpg
- fdbac45ef0ed9de668c0740bd80e1379
- REMCOS C2
- twistednerd.dvrlists.com
- https://141.98.102.243:41078
Advertisement
Add Comment
Please, Sign In to add comment
