- THREAT IDENTIFICATION: BAZAR
- SUBJECTS OBSERVED
  - APM Terminals -- Payment receipt # 54342747WW
- SENDERS OBSERVED
  - sigindo@cbn.net.id
- MALDOC FILE HASHES
  - form_1348168160_1927608554.xls
  - f850ae7b2b87271f7e2b009a84734122
- BAZAR PAYLOAD DOWNLOAD
  - http://ravepsychiatry.com/t/optonline.php
  - http://ravepsychiatry.com/t/sore.php
- BAZAR PAYLOAD FILE HASHES
  - optonline.dll
  - 2c4ba65ebe45a97b6e43a971c6ad580b
  - sore.dll
  - 4aa61251226a51e9bdf40487265ab8be
- BAZAR C2
  - None
- SUPPORTING EVIDENCE
  - https://www.virustotal.com/gui/file/407efed8e868c0a3e8ef9dfbce26b48bdcd03b80dabdb39fadc4b16094e89bd1/details
  - https://app.any.run/tasks/31db7cea-fcf7-4bef-ba11-d3ba13fed1e6/