Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- THREAT IDENTIFICATION: RACCOON STEALER
- SUBJECTS OBSERVED
- Contact Submission
- SENDERS OBSERVED
- Mike <noreply@svipa.com>
- EMAIL BODY
- name: Mike
- email: mike@wromet.com
- message: Good morning, please pay the invoice. The invoice is
- available at https://cutt.ly/invoice_37223_2021 Best regards, Mike
- RACCOON STEALER PAYLOAD DOWNLOAD URLS
- https://cutt.ly/invoice_37223_2021
- https://ifirma.tw/pobierz/faktura-77_2021-3.pdf.exe
- RACCOON STEALER PAYLOAD FILE HASHES
- faktura-77_2021-3.pdf.exe
- f7ba0f7a61b8b51a5e1823d5fd274d12
- RACCOON STEALER C2
- http://34.141.84.7//l/f/AwR78noBagrSXdgRI6mK/2b5e22c8234245ec15224617bcd1d3d2815032f7
- http://34.141.84.7//l/f/AwR78noBagrSXdgRI6mK/d9f2d1eed65e7bf9f8f20e8047035ac98c2f99d4
- SUPPORTING EVIDENCE
- https://www.virustotal.com/gui/file/97230d986df3ea5ab1a95966a7cd14ff73744912d34edb7a72776b78440d9293/detection
- https://app.any.run/tasks/a8167c48-857a-4a27-860f-d3569db25b25/
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement