Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #Pony #Fareit #Stealer #cve2017-11882
- ----------------------------------
- 01-08-2019
- ----------------------------------
- Main object- "eda4acc8082733abcc6785cf191dbc07f427738cdb30de429f5e6f73ce4bdcf0.bin.gz"
- sha256 7e815b63165d68c1913ba44cca50284d76b6dec5105139b4e553751dbb616953
- sha1 d76fbfda2c7aadb448c8b3ddde915f51b2ad28eb
- md5 508f897d099f74608e4ae6c5f03d78d7
- Dropped executable file
- sha256 C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LH043OAM\baba[1].exe 9d38b0e803747269aeea8b0cff9bcb585f814fd063a42843f93ef420c12c0517
- DNS requests
- domain vman21.com
- domain serverstresstestgood.duckdns.org
- Connections
- ip 23.249.165.218
- ip 34.77.250.127
- HTTP/HTTPS requests
- url http://serverstresstestgood.duckdns.org/big/baba.exe
- url http://vman21.com/ab17/gate.php
Add Comment
Please, Sign In to add comment
