Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- A New Banking Trojan Malware Targeting Portuguese-speaking users.
- Indicators of Compromise (IoCs)
- Detected as Trojan.LNK.DLOADR.AUSUJM (LNK file)
- 695e03c97eaed0303c9527e579e69b1ba280c448476edcf97d7a289b439fa39a
- Detected as TSPY_GUILDMA.C (DLL file)
- d60db526c41356b43d4b916c6913f137d2f2eeb8b1d7472b5c24e3af311d486b
- 6852e458e3837c5b2e1354ed9bc5205878c0e94f1211da075dcc6305845fbc33
- Command-and-Control Servers
- hxxp://ewyytrtw4646934[.]eririxab[.]com:25041/03/marxvxinhhmg[.]gif[.]zip?17563326
- hxxp://ewyytrtw4646934[.]eririxab[.]com:25041/03/marxvxinhhmgx[.]gif[.]zip?658140462
- hxxp://ewyytrtw4646934[.]eririxab.com:25041/03/r1[.]log
- hxxp://ewyytrtw4646934[.]eririxab.com:25041/03/marxvxinhhm98[.]dll[.]zip?52828157
- hxxp://ewyytrtw4646934[.]eririxab.com:25041/03/marxvxinhhmhh[.]dll[.]zip?974411041
- hxxp://ewyytrtw4646934[.]eririxab.com:25041/03/marxvxinhhmhh[.]dll[.]zip?895017548
- hxxp://exxxwrtw6115614[.]kloudghtlp[.]com:25056/09/v131[.]xsl?4463977
Add Comment
Please, Sign In to add comment