- #Shade #Troldesh #Ransomware
- -------------------------------------
- 22-01-2019 IOCs
- -------------------------------------
- Main object- "39ab2cee9c8bc71a8f708bd374dbf37ca0d31487cebb686ac23b81feb6e2d58c.bin.gz"
- sha256 3b2b81cbb3fc2750e92976f58f9731763dd61cc0337d401fa9f550a8d2d16ae8
- sha1 2f351e3b65838d6ab9192d81cd50e742c8a724fa
- md5 5c7011b30b1eb5c4796374c4e48d9df8
- Dropped executable file
- C:\Users\admin\AppData\Local\Temp\rad6350C.tmp
- sha256 45e0d4bf86d3c98780dd286eb70a2813dce12ab88267b162bf9bb91d63b4d45f
- DNS requests
- domain vina.market
- Connections
- ip 45.252.248.24
- ip 154.35.32.5
- ip 208.83.223.34
- HTTP/HTTPS requests
- url http://vina.market/wp-includes/ID3/ssj.jpg