West African Financial Institutions Hit by Wave of Attacks

Bank_Security, Jan 17th, 2019

The first attack type
Files

MD5    SHA256    Description
24015acd155ec7305805dbdff1dd074d    80a2576c3148ba5123aa016bf01e72bba53995b172dd263ab2071fad1c9d548d    Trojan.Nancrat (Nanocore)
4d49e578d359185324acda70a2880dd5    21c87bcccf7e5c164da7c94772ef71a065a862f9ce32341a38eb39ffb7804305    Trojan.Nancrat (Nanocore)
64b88486170e5cb890a7486965a90e84    dab1953b9135a9bf0c5ffe86b87ab9a9c6fa34482004aa8bb2bf7ea8d72c8c62    Trojan.Nancrat (Nanocore)
a8372b48280c6ee5b225f8ccd3cf4814    53f8afe36e562c92140f4f8fa1f8ffce9e1f48b1eaff96bd6ab4b03646b97dc3    Trojan.Nancrat (Nanocore)
8dd3e20fe9770843bc2c9b2523a7cfb2    8fe18a768769342be49ac33d2ba0653ba7f105a503075231719c376b6ded8846    JavaScript downloader
470cdc0ea9caed534b14bd5e195d19e8    5f456a55f18bf183a7c988617787a041b90e8ecbeed8a01c583597b3fd19b42e    JavaScript downloader
605e99ea7dc4e73ae2af59cfb03360ec    ce58546eebd3c8e218b1db19c9c7b5ffe086ee814aab0e891061f8cba954b14d    JavaScript downloader
e8828b155567e587fbeca9069289e0d9    3b7cc16fa5c5a78f0d1816d09a71b835f589de842b20e8c96c7084b9b0a89ff3    Trojan.Nancrat (Nanocore)

Infrastructure

Domain
nemesis225.ddns.net

The second attack type
Files

MD5    SHA256    Description
48aa8247b840cc5bf6603972970be279    04f3a52fa8ae1a3af6c965f7c3a4655a98c3c8e1b3d3ffa9e4948bded6ed67d3    Silently installs UltraVNC as a backdoor
c29b2a8249f9ef6adfc9625a2f09207b    74456c52a6d02c06567c0ecf871a15aff25b2204374a62bbb2d5dd027d999fb9    Trojan.Agentemis (Cobalt Strike)
dffdbe7c37216566b73f45547e95c907    28595218d1e6536df5ff53d90e5608f11751ddc2e7585a12bb041d8e9b31e550    Trojan.Agentemis (Cobalt Strike)
0e006ca75884ad69529d8bfb5871a0da    bc10d67886829d08e0241ad9c543e625df3f5443df0e7fbead9ca4f03081f71e    Shellcode downloader
6ea6b4affcfb54fde3cb753283159018    8039284cd3c4306225f8f7494544de1699637c59bec4b1d1b4e01fc893f5b0d8    Remote access tool
fee97320cd9a9848922b01c32a41cdd4    56e6f061c8424a70e796cf6a2a6d6fbbd691431cfa0aeed186cc50177831e5d9    Remote access tool
4acbde841b82fd7203e55ac83aa7c1fe    0b038ee8dca1a0f5f9453303542ff2cddbbca2458fdf36b09a6756d4e5b0fec9    Trojan.Agentemis (Cobalt Strike)

Infrastructure

Domain
moneygram.servehttp.com

The third attack type
Files

MD5    SHA256    Description
97034d8a97b967b2f18a867b411552f7    6bfc1ec16f3bd497613f57a278188ff7529e94eb48dcabf81587f7c275b3e86d    Mimikatz
332a5371389a8953a96bf09b69edcb6e    e46ba4bdd4168a399ee5bc2161a8c918095fa30eb20ac88cac6ab1d6dbea2b4a    Mimikatz
8184f24a4f4ff4438dba050b2e3d1af7    c1993735265f4274b81a6edf789e0245f2f7f5ee78f4172101728a324cdd3d2d    Backdoor.Gussdoor (Remote Manipulator System)

The fourth attack type
Files

MD5    SHA256    Description
49ae7d13f43bb04ed31d593787d4e17e    06fe2b7ff6af10cd0ec8395490567f8a0f66d8e083a72f57f18e9ad74dfff727    Infostealer.Hawket (Imminent Monitor)
75e5594c6882704ea2889e3fd758cbbf    6eb3281f5a80223a5b58af20d415453a9013a487c89d89cd7658bb7451902548    Infostealer.Hawket (Imminent Monitor)