API tools faq
paste
vk_intel

9-28-2018: #Gozi #ISFB #Banker

vk_intel
Sep 28th, 2018
1,004
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.88 KB | None | 0 0
raw download clone embed print report
  1. Loader Original (MD5): be44f8a1c41024bf7e23d08fa068a337
  2. Loader Unpacked (MD5): 4270040795e53dea814f2944d4d118a9
  3. Client Unpacked (MD5): 4a6dbf55608e38c07015f5f03736194f
  4.  
  5. Bot ['2.17']
  6. Build ['30']
  7. Botnet ID ['1000']
  8. DGA TLDs ['com', 'ru', 'org']
  9. Server ['150']
  10. Encryption key ['F1cl1tAcbPsStUtM']
  11. DGA CRC ['0x4eb7d2ca']
  12. DGA Base URL ['constitution.org/usdeclar.txt']
  13. Domains ['doom.matr.at/rpc
  14. tri.umpalok.at/rpc
  15. tt.zicino.at/rpc
  16. fr.aporen.at/rpc
  17. app.nytronex.at/rpc
  18. ops.twidix.at/rpc
  19. io.upcu100.at/rpc
  20. m.umpalok.at/rpc
  21. sq.dreemkol.at/rpc
  22. a1.umpalok.at/rpc
  23. api.leproeg.at/rpc
  24. qqq.matr.at/rpc
  25. cd.ioptool.at/rpc
  26. chat.freemon.at/rpc
  27. mahono.cn/rpc
  28. win.zicino.at/rpc]
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!