API tools faq
paste
ExecuteMalware

2020-06-22 ZLoader/Ostap IOCs

ExecuteMalware
Jun 22nd, 2020
2,478
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.11 KB | None | 0 0
raw download clone embed print report
  1. THREAT ATTRIBUTION: ZLOADER/OSTAP
  2.  
  3. SUBJECTS OBSERVED
  4. Agreement Number71680 info
  5. Details about Invoice No.97053
  6. Full summary of the Invoice No.85799
  7. Given invoice reminder
  8. Information about invoice - Number#58999
  9. Information about receipt - number#95756 from Phoenix worth
  10. Information regarding Receipt id12893
  11. Invoice id30220, from High Tide Technologies
  12. Invoice No90376 details
  13. Invoicing number32220 information
  14. May Reminder for Invoice
  15. Receipt clarification number45257
  16. Receipt documents ID # 94890
  17. Receipt information - from Phantasm Enterprises
  18. Statement details
  19. This is your Invoice - No.25684
  20. You have Invoice #20732 - Pinnacle dale
  21. You have Overdue Invoice
  22. Your Service Invoice - ID14429
  23.  
  24. SENDERS OBSERVED
  25. anthonycollins935@aol[.]com
  26. beversdishmoranf@aol[.]com
  27. dorley_thegnus@aol[.]com
  28. edther[.]vrogor@aol[.]com
  29. eldredgimogs9@aol[.]com
  30. gidegar.swordmug8h@aol[.]com
  31. giston[.]glisilg@aol[.]com
  32. gliganelrebrind@aol[.]com
  33. hernandezkimberly40@aol[.]com
  34. hwaetferthgiurk1995@aol[.]com
  35. jacksonpaul325@aol[.]com
  36. montkeep.glebur1994@aol[.]com
  37. mooremichelle33@aol[.]com
  38. nenus.isorfilind1962@aol[.]com
  39. pewbourntignus123@aol[.]com
  40. radwearddroorag12c2@aol[.]com
  41. staunpeckfagnusw9@aol[.]com
  42. susan.w75@aol[.]com
  43. wermer_toolge@aol[.]com
  44.  
  45. EXCEL FILE HASHES
  46. 01f03302d012077f42921f5f022b1b8b
  47. 06baff5dded681353e98217e531e0b09
  48. 56f24ba39f68a20d01d5ba0372ee6add
  49. 57e97b88c16aef011ce543e0930a2160
  50. 708b8f2f6a713defcc160bbd9b66592e
  51. 7530719bc6134cf7c4523901b58a3885
  52. 7db83e2efa50182e3e05fa63a4c1d113
  53. 84cf5a196e532faf490309f411421c31
  54. 857e734d562ebb533654659b6b9db663
  55. 99686f55dfc86f498ef592e4e83075fa
  56. a4bce24fe41bb11a400a441da632f552
  57. bd0155c3d7c8c98332b50025bba08675
  58. c6e4623576884dde085dcddaaebec9d0
  59. cc2b9fc6a5bdb2f3ea3207a0bd616794
  60. ceead3bcb59bb9f4eadf805a45e3ffc6
  61. d8601eb6e42c9c812ac5934cf5322388
  62. f5534fcf4f9eb5d56a6370358322da27
  63.  
  64. ZLOADER PAYLOAD URLs
  65. hxxps://joliroomlides[.]tk/wp-keys[.]php
  66. hxxps://loughturnperceidrin[.]ml/wp-keys[.]php
  67. hxxps://metagro[.]com[.]br/wp-keys[.]php
  68. hxxps://thepsaokhue[.]com/wp-keys[.]php
  69.  
  70. hxxp://unencansatecal[.]ml
  71.  
  72. ZLOADER C2s
  73. hxxps://194[.]36[.]191[.]113/RA9cbC/tM0LVE[.]php
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!