malware_traffic

2019-07-30 - Trickbot binaries, "the PNGs"

Jul 30th, 2019
2019-07-30 - TRICKBOT BINARIES, "THE PNGS"

NOTE: On Tuesday 2019-07-30, the names changed in URLs ending in .png that are used by Trickbot-infected hosts to retrieve additional Trickbot malware binaries. The most recent URLs are noted below.

hxxp://37.228.117.152/samerton.png

- https://www.virustotal.com/gui/file/49abc0ad95a6581d42f6a9fdda0eb97549b0e8bb3b1e83b724b19e15afec75b9/detection
- https://app.any.run/tasks/3c585551-9f32-493a-9899-68af41e48b7b
- https://cape.contextis.com/analysis/86687/
- https://www.reverse.it/sample/49abc0ad95a6581d42f6a9fdda0eb97549b0e8bb3b1e83b724b19e15afec75b9

hxxp://37.228.117.152/tablone.png

- https://www.virustotal.com/gui/file/09bcef0368de87c29784d7ecad0328286ec1fb4fb714b7c039cc11a1cf00891f/detection
- https://app.any.run/tasks/c8c54816-58e0-4871-8343-a6069ebef54e
- https://cape.contextis.com/analysis/86688/
- https://www.reverse.it/sample/09bcef0368de87c29784d7ecad0328286ec1fb4fb714b7c039cc11a1cf00891f

hxxp://37.228.117.152/wredneg.png

- https://www.virustotal.com/gui/file/440ce38443a8f6032261ad9e567d64836eeeb7d44f6dfbe9b0c2eb384acf38f7/detection
- https://app.any.run/tasks/fc4f85a6-85ed-4de7-9359-dd11f548e438
- https://cape.contextis.com/analysis/86689/
- https://www.reverse.it/sample/440ce38443a8f6032261ad9e567d64836eeeb7d44f6dfbe9b0c2eb384acf38f7