Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 2018-06-05 #hancitor #maldoc distribution URLs
- subjects like:
- You got invoice from DocuSign
- You got notification from DocuSign
- You received invoice from DocuSign
- You received notification from DocuSign
- sender: docusign@texasliquorlicense[.]com
- MALDOC distribution URLs
- hxxp://abrassart.org
- hxxp://biblebaptistchurch.us
- hxxp://biblebaptistchurches.com
- hxxp://exportedfromsiliconvalley.com
- hxxp://idgalactic.com
- hxxp://idtechcampsonline.com
- hxxp://idtechonline.com
- hxxp://idtechsummerstaff.com
- hxxp://internaldrive.co.uk
- hxxp://ppsvc3.com
- hxxp://techieandyouknowit.com
- Additinal IOCs via @techhelplist
- c2 :
- http://bipaboone.com/4/forum.php
- http://cypartedle.ru/4/forum.php
- http://unboforkin.ru/4/forum.php
- payloads :
- http://letoilerestaurant.com/wp-content/plugins/hide-update-reminder/1
- http://compassplumbing.ca/wp-content/plugins/responsive-add-ons/templates/1
- http://wrcbss.com/wp-content/plugins/feed-wrangler/1
- http://csetv.net/wp-content/plugins/gxp/1
- http://dolmetscherbueromueller.de/wp-content/plugins/gxp/1
- http://letoilerestaurant.com/wp-content/plugins/hide-update-reminder/2
- http://compassplumbing.ca/wp-content/plugins/responsive-add-ons/templates/2
- http://wrcbss.com/wp-content/plugins/feed-wrangler/2
- http://csetv.net/wp-content/plugins/gxp/2
- http://dolmetscherbueromueller.de/wp-content/plugins/gxp/2
- http://letoilerestaurant.com/wp-content/plugins/hide-update-reminder/3
- http://compassplumbing.ca/wp-content/plugins/responsive-add-ons/templates/3
- http://wrcbss.com/wp-content/plugins/feed-wrangler/3
- http://csetv.net/wp-content/plugins/gxp/3
- http://dolmetscherbueromueller.de/wp-content/plugins/gxp/3
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
