API tools faq
paste
Advertisement
MalwareMessiagh

Vidar with Ursnif IOC

MalwareMessiagh
Sep 4th, 2019
53,294
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.52 KB | None | 0 0
raw download clone embed print report
  1. Dropping URLs:
  2. http://pb128o6c2favwk.com/s9281P/yt1.php?l=treos[1-10].reb
  3. http://45.142.212.25/302[.]exe
  4.  
  5. Vidar files:
  6. http://dersed.com/freebl3[.]dll
  7. http://dersed.com/msvcp140[.]dll
  8. http://dersed.com/nss3[.]dll
  9. http://dersed.com/mozglue[.]dll
  10. http://dersed[.]com/288
  11. http://dersed.com/vcruntime140[.]dll
  12. http://dersed.com/softokn3[.]dll
  13.  
  14. Other Vidar domains:
  15. neonwise.com
  16. dersed.com
  17. eroomia.com
  18. sportsmula.com
  19. autarla.com
  20.  
  21. C2:
  22. tcolleen4463dn.com
  23.  
  24. IPs:
  25. 45.84.0.248
  26. 45.142.212.25
  27. 173.232.44.66
  28. 194.32.78.251
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!