API tools faq
paste
Bank_Security

A New Banking Trojan Malware Targeting Portuguese users

Bank_Security
Oct 24th, 2018
6,701
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.95 KB | None | 0 0
raw download clone embed print report
  1. A New Banking Trojan Malware Targeting Portuguese-speaking users.
  2.  
  3. Indicators of Compromise (IoCs)
  4.  
  5. Detected as Trojan.LNK.DLOADR.AUSUJM (LNK file)
  6.  
  7. 695e03c97eaed0303c9527e579e69b1ba280c448476edcf97d7a289b439fa39a
  8. Detected as TSPY_GUILDMA.C (DLL file)
  9.  
  10. d60db526c41356b43d4b916c6913f137d2f2eeb8b1d7472b5c24e3af311d486b
  11. 6852e458e3837c5b2e1354ed9bc5205878c0e94f1211da075dcc6305845fbc33
  12. Command-and-Control Servers
  13.  
  14. hxxp://ewyytrtw4646934[.]eririxab[.]com:25041/03/marxvxinhhmg[.]gif[.]zip?17563326
  15. hxxp://ewyytrtw4646934[.]eririxab[.]com:25041/03/marxvxinhhmgx[.]gif[.]zip?658140462
  16. hxxp://ewyytrtw4646934[.]eririxab.com:25041/03/r1[.]log
  17. hxxp://ewyytrtw4646934[.]eririxab.com:25041/03/marxvxinhhm98[.]dll[.]zip?52828157
  18. hxxp://ewyytrtw4646934[.]eririxab.com:25041/03/marxvxinhhmhh[.]dll[.]zip?974411041
  19. hxxp://ewyytrtw4646934[.]eririxab.com:25041/03/marxvxinhhmhh[.]dll[.]zip?895017548
  20. hxxp://exxxwrtw6115614[.]kloudghtlp[.]com:25056/09/v131[.]xsl?4463977
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!