- THREAT ATTRIBUTION: UNKNOWN LOADER
- SUBJECTS OBSERVED
- RE: FW:Product Enquiry/New Order
- SENDERS OBSERVED
- info@djasfo.com
- ATTACHED MALDOC FILE HASHES
- PO_61934N.docx
- 0e98cd71f0ca7b8ff758c1e67f03afb1
- MALDOC DOWNLOAD URL
- https://linkr.uk/RsSuI
- DOWNLOADED MALDOC FILE HASH
- f.wbk
- b69168abc6dbe5d2cccf07fdd06e1808
- UNKNOWN LOADER PAYLOAD DOWNLOAD URL
- 192.3.222.161/fide/win32.exe
- UNKNOWN LOADER PAYLOAD FILE HASH
- win32.exe
- 5da09caaae82f21d0eaca876d498ee03
- This file is renamed and copied to C:\Users\Public:
- vbc.exe
- 5da09caaae82f21d0eaca876d498ee03
- UNKNOWN LOADER C2
- No C2 traffic was observed
- SUPPORTING EVIDENCE
- https://www.virustotal.com/gui/file/afc6b7fc520feb049954946e10cd3d43d55b2d4fe80b679af39c5106c87d54d3/details
- https://www.virustotal.com/gui/file/f8d61b3b3139138de0b00e3e729cce091391d3ac6049fff5a695224656abaff5/community
- https://app.any.run/tasks/bfc288a6-55bf-4b82-8942-6d8675b5d922/
- https://app.any.run/tasks/4c17f564-93dc-4ad9-8151-7808ddfd31d9/