Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- https://twitter.com/DynamicAnalysis/status/1275110199754461184
- A #malspam campaign that I've been tracking since January 2020, that typically delivers #ZLoader, is now delivering #Ostap!
- XLS downloader URLs:
- https://thepsaokhue.com/wp-keys.php
- https://metagro.com.br/wp-keys.php
- https://loughturnperceidrin.ml/wp-keys.php
- https://joliroomlides.tk/wp-keys.php
- Payload downloaded from:
- unencansatecal.ml
- C2 (credit to https://twitter.com/James_inthe_box/status/1275112840488075264):
- https://194.36.191.113/RA9cbC/tM0LVE.php
- XLS sample:
- https://app.any.run/tasks/aa0c8899-a534-4882-930e-282b9e889320/
- DLL sample:
- https://app.any.run/tasks/7173d59a-db8e-43d2-8230-4a247f35758f/
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement