Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #Trickbot #Stealer
- ---------------------------------
- 03-07-2019
- ---------------------------------
- Main object- "b74da51b70462070e457dd72611545c58dff1ed82b5ed44091a6a23a6a6d5585.bin.gz"
- sha256 fa9825e7462a93295c9f2202a37a570882467d9d401b42dae9c6305a1c8acbbf
- sha1 f7cc2b1f68fd46e1e01cac92d30cc74ea95ffc74
- md5 0d1c724c797a9e30ba268879c9aca73a
- ssdeep_parts [object Object]
- Dropped executable file
- sha256 C:\Users\admin\AppData\Local\Temp\YCUsW.exe 96076cee9a7fec7ec050e0c5861e43d6be4f0a8d34c2600a5f93f07359d0032e
- DNS requests
- domain pouyas.com
- domain checkip.amazonaws.com
- Connections
- ip 64.37.52.189
- ip 82.202.221.160
- ip 66.70.218.60
- ip 195.161.41.253
- ip 34.233.102.38
- ip 170.238.117.187
- ip 186.10.243.70
- HTTP/HTTPS requests
- url http://checkip.amazonaws.com/
- url http://170.238.117.187:8082/ono5/USER-PC_W617601.21720B4DE8D29C95B78A554B3C5A3A9B/81/
- url http://170.238.117.187:8082/ono5/USER-PC_W617601.21720B4DE8D29C95B78A554B3C5A3A9B/83/
Add Comment
Please, Sign In to add comment