- THREAT IDENTIFICATION: ICEDID
- FORM CONTENTS
- Hi!
- My name is Tommy.
- Your website or a website that your company hosts is infringing on a copyrighted images owned by me personally.
- Check out this official document with the hyperlinks to my images you utilized at www.<yourdomainname>.com and my earlier publication to find the evidence of my copyrights.
- Download it now and check this out for yourself:
- https://sites.google.com/view/b93uhfgdfj38fdh-3ifdshi3dhj/d/shared/0/download/file?f=412487269847230846
- In my opinion you have deliberately violated my rights under 17 USC Section 101 et seq. and could possibly be liable for statutory damages as high as $150,000 as set-forth in Section 504 (c)(2) of the Digital millennium copyright act (DMCA) therein.
- This letter is official notification. I demand the elimination of the infringing materials mentioned above. Take note as a service provider, the Digital Millennium Copyright Act requires you, to remove or/and deactivate access to the infringing content upon receipt of this particular notification letter. In case you do not stop the utilization of the above mentioned copyrighted content a legal action will be initiated against you.
- I do have a good belief that use of the copyrighted materials mentioned above as allegedly violating is not permitted by the copyright owner, its legal agent, or the laws.
- I swear, under consequence of perjury, that the information in this message is accurate and that I am currently the legal copyright proprietor or am authorized to act on behalf of the proprietor of an exclusive right that is allegedly infringed.
- Regards,
- Tommy Cohen
- 05/28/2021
- MALDOC DOWNLOAD URL
- https://sites.google.com/view/b93uhfgdfj38fdh-3ifdshi3dhj/d/shared/0/download/file?f=412487269847230846
- MALDOC FILE HASHES
- Stolen Images Evidence.zip
- 5b1eb1248d06343a79c592bec9faa4e8
- Stolen Images Evidence.js
- c17a93ce071880665ee8ba926dec6804
- ICEDID PAYLOAD DOWNLOAD URLS
- http://manusart.top/034g100/index.php
- http://manusart.top/034g100/main.php
- ICEDID PAYLOAD FILE HASHES
- main.php
- 48f2f59ffbcb987055b7d04f9a0cce5c
- ICEDID C2
- http://lascakatheather.shop/
- 172.67.192.197
- C2 TRAFFIC
- GET / HTTP/1.1
- Connection: Keep-Alive
- Cookie: __gads=1810231353:1:931:125; _gat=10.0.17134.64; _ga=1.329303.2020557398.150; _u=4D534544474557494E3130:494555736572:41433442433845314533423344454637; __io=21_1058341133_2092417715_4019509128; _gid=40084938E048
- Host: lascakatheather.shop
- HTTP/1.1 404 Not Found
- Date: Fri, 28 May 2021 15:51:26 GMT
- Content-Type: text/html; charset=UTF-8
- Transfer-Encoding: chunked
- Connection: keep-alive
- CF-Cache-Status: DYNAMIC
- cf-request-id: 0a55456c0e0000e6ccac186000000001
- Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qEVzvSLnSGLcmr5EiFakDpRbviDKt76DMM%2F%2B5BsvL7hJv7IHeTnpKvbMph%2Bujd5%2Bq7Gk1Y%2FxPXZhmFgHezyHrZYCoqCuDyd3CpZvMksUkq2Gq5SH9UvYmUomXngs7AoUxpg%3D"}],"group":"cf-nel","max_age":604800}
- NEL: {"report_to":"cf-nel","max_age":604800}
- Server: cloudflare
- CF-RAY: 6568a4f34b1ce6cc-EWR
- alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL was not found on this server.</p>
- <hr>
- <address>Apache Server at lascakatheather.shop Port 80</address>
- </body></html>
- SUPPORTING EVIDENCE
- https://www.microsoft.com/security/blog/2021/04/09/investigating-a-unique-form-of-email-delivery-for-icedid-malware/