API tools faq
paste
ExecuteMalware

2021-04-06 BazarCall IOCs

ExecuteMalware
Apr 6th, 2021
16,878
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.10 KB | None | 0 0
raw download clone embed print report
  1. THREAT IDENTIFICATION: BAZARCALL
  2.  
  3. SENDER EMAILS
  4. [email protected]
  5. [email protected]
  6. [email protected]
  7.  
  8. SUBJECTS
  9. Free trial period for ############# comes to the end in three days
  10. Your free trial ############ is about to end!
  11. Thank you for using your free trial ############. Time to move on!
  12.  
  13. LURE PHONE NUMBER
  14. +1 (209) 554 3767
  15.  
  16. MALDOC LANDING PAGE URLS
  17. https://bookpoint.us
  18. https://bookspoint.us
  19. https://pointbook.us
  20. https://pointbooks.us
  21. https://subsbookpoint.us
  22.  
  23. MALDOC DOWNLOAD URLS
  24. https://bokpoint.xyz/unsubscribe
  25. https://bokspoint.xyz/unsubscribe
  26. https://pointbok.xyz/unsubscribe
  27. https://pointboks.xyz/unsubscribe
  28.  
  29. MALDOC (XLSB) FILE HASHES
  30. 759b9d6d287e240dc4a9a1564043e4d5
  31. 6740ff5b4d99d21c8ae34f2bf5b4cd71
  32. 4de36ea29963104bac17ee17176b0c6b
  33. 06ffd88bb900090461f59cdabed2d252
  34. 04023332ae2160489d04446a4f539fc7
  35.  
  36. PAYLOAD DOWNLOAD URLS
  37. Unknown
  38.  
  39. PAYLOAD FILE HASHES
  40. Unknown
  41.  
  42. ADDITIONAL FILE HASHES FROM PAYLOAD DOMAIN
  43. 569390.ui
  44. c7a8147760434d6eca16d8e27dce2bcf
  45.  
  46. 569390.xlsb
  47. 260a8af59a31a82aa8f999760b8fcb66
  48.  
  49. 569390.pdi
  50. 260a8af59a31a82aa8f999760b8fcb66
  51.  
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!