Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 5.2.17
- From:Meyer Thaddeus <Cspeicher@q.com>
- Subject: Money Transfer from Meyer Thaddeus
- smtp01.quartz.synacor.com smtp.user=Cspeicher@q.com
- Attachment: a59nu61u.docx Pass:G98LUQJ340TUV
- ---------------------------------------------------------------------
- a59nu61u_nopass.docx 4/57
- https://www.virustotal.com/en/file/4b8ac851e324d91d29bf6ec3a2f7159330d28fbd0fd0d458967c16bb0c875652/analysis/1493735742/
- Office Doc Part .vbs 3/57
- https://www.virustotal.com/en/file/4a314a218715dbe1c07b257ea06ec6bf788745de028a06a75421259ccaf52856/analysis/1493735310/
- DNS Requests:
- ifmgcc.com 104.238.124.62
- Contacted Hosts:
- 91.210.164.3:80 TCP wscript.exe
- 104.238.124.62:80 TCP wscript.exe
- HTTP Traffic:
- 104.238.124.62:80 (ifmgcc.com) GET /22.txt GET /22.txt HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Host: ifmgcc.com Connection: Keep-Alive 200 OK
- GET http://91.210.164.3/22.dob
- GET http://ifmgcc.com/22.txt
- ---------------------------------------------------------------------
- --
- @r00tninja
Add Comment
Please, Sign In to add comment