Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #LokiBot #Stealer #Malware
- ---------------------------------
- 01-02-2019 IOC's
- ---------------------------------
- Main object- "1e472ef9914345e0298848c7e600fdff034dd6178251cbb0ce9efd09a1816250_WHnnRwu2pf.bin.gz"
- sha256 614365fb25b72850d37f6bd5df17d48617d27b53dd05ebfadc4d4a40c992578a
- sha1 7d9a78dc35e7008a4cbb6a0ba8e5dc9d9e12add5
- md5 979d9774337e528b88d010a1f8e57c74
- Dropped executable file
- sha256 C:\Users\admin\Desktop\Payment Plan.bat 94d84ed7adae7a6031e4d76f5d9746a5365bac34c9532d769c456afe48186f8d
- Connections
- ip 144.172.89.188
- HTTP/HTTPS requests
- url http://144.172.89.188/ml/tim-lok/panel/fre.php
Add Comment
Please, Sign In to add comment
