ExecuteMalware

2020-10-16 ZLoader IOCs

Oct 16th, 2020
THREAT ATTRIBUTION: ZLOADER

SUBJECTS OBSERVED
Invoice 1059 info
Invoice notice
Invoice, No # 1960
Receipt id 8496
September Unpaid Invoice - # 6046
Statement reminder No. #5986
This is your Service Invoice

SENDERS OBSERVED

EXCEL FILE HASHES

ZLOADER PAYLOAD HASHES
N/A

ZLOADER PAYLOAD URLs

ZLOADER C2s