Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #Shade #Troldesh #Ransomware
- -----------------------------------
- 29-01-2019 IOC's
- -----------------------------------
- Main object- "b57d0f4ae43dea847afdeda01eb4d0cffb9635562109d8cd2c46a55421111961.bin.gz"
- sha256 3f6d879ce654e663cc3bb7a10b82ecdf23eea100c9465b9cc5d1ca2d7d286f15
- sha1 eb15f25b7cd50d8b6a7fc67a5f432f4a4d426c1e
- md5 9792edb09a91d4dd7078aecfe72e802d
- Dropped executable file
- sha256 C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9ZEWH8D\messg[1].jpg dfaa49c45c94ed1e0f333bf36aba29b525ceaa7ccb8be1928a16c579e2de4706
- DNS requests
- domain magiwebsa.com
- Connections
- ip 67.227.157.98
- ip 131.188.40.189
- ip 208.83.223.34
- ip 154.35.32.5
- ip 76.73.17.194
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
