2020-10-07 ZLoader IOCs

1. SUBJECTS OBSERVED
2. Contract 5366 data
3. Contract ID 5585 details
4.  
5. SENDERS OBSERVED
6. lacomota9@aol.com
7. williamcollins900@aol.com
8.  
9. EXCEL FILE NAMES
10. Inf.5366.xls
11. inv-5585.xls
12.  
13. EXCEL FILE HASHES
14. f8893b13e7a5872ffad8e0c72544d5bd
15. 1ae535a7059fdcfb45952c5b85647811
16.  
17. ZLOADER PAYLOAD HASHES
18. Unknown
19.  
20. ZLOADER PAYLOAD URLs
21. https://mecosmeticos.com/vnc6bc.php
22. https://medicustrip.com/2zipqn.php
23. https://miradasalvuelo.com/2wx2n3.php
24. https://mulherdealtaperformance.com.br/pprdzv.php
25.  
26. mecosmeticos.com
27. medicustrip.com
28. miradasalvuelo.com
29. mulherdealtaperformance.com.br
30.  
31. ZLOADER C2s
32. Unknown