2021-08-17 BazarLoader IOCs
THREAT IDENTIFICATION: BAZARLOADER
SUBJECTS OBSERVED
Contact Submission
SENDERS OBSERVED
EMAIL BODY
name: Ashley
email: [email protected]
message: Hi! My name is Ashley. Your website or a website that your
organization hosts is infringing on a copyright-protected images owned
by me personally. Check out this official document with the links to
my images you utilized at www.<redacted>.com and my earlier publications
to obtain the proof of my copyrights. Download it now and check this
out for yourself:
https://firebasestorage.googleapis.com/v0/b/files-d6e6c.appspot.com/o/download-dlm39vbk30.html?alt=media&token=d0b122e7-49bb-4c04-9b26-d2364ca615f2&h=51040162207499337
I do think you've intentionally violated my legal rights under 17 USC
Section 101 et seq. and can be liable for statutory damage of up to
$140,000 as set forth in Section 504 (c)(2) of the Digital millennium
copyright act (”DMCA”) therein. This letter is official notice. I seek
the removal of the infringing materials mentioned above. Please take
note as a company, the Dmca demands you, to eliminate and terminate
access to the infringing materials upon receipt of this notice. In
case you do not stop the use of the aforementioned copyrighted content
a law suit can be initiated against you. I do have a good self-belief
that use of the copyrighted materials described above as presumably
violating is not approved by the copyright proprietor, its legal
agent, or the laws. I declare, under consequence of perjury, that the
information in this notification is accurate and that I am the legal
copyright owner or am permitted to act on behalf of the owner of an
exclusive right that is presumably infringed. Best regards, Ashley
Johnson 08/17/2021
MALDOC DOWNLOAD URLS
https://firebasestorage.googleapis.com/v0/b/files-d6e6c.appspot.com/o/download-dlm39vbk30.html?alt=media&token=d0b122e7-49bb-4c04-9b26-d2364ca615f2&h=51040162207499337
https://morungato.space/nerkl23vhb4/
https://drive.google.com/uc?export=download&id=19CF0ubQixpJObalUj7F9HC2yrNrwzgIC
https://doc-0c-6s-docs.googleusercontent.com/docs/securesc/2gefh1jt2jip1uk3rkahe7o53k6pcd2j/l49p3gg88muogb8i4fuu6iri1naaitbv/1629232050000/08811926844747145094/12388264357798286558Z/19CF0ubQixpJObalUj7F9HC2yrNrwzgIC?e=download&nonce=2tf1jfhp93a26&user=12388264357798286558Z&hash=4dq90tanf8gl7r6776ni8uh8pc0926ig
MALDOC FILE HASHES
Stolen Images Evidence.zip
ce8c281450947b912d91f3c6ffffd66c
Which contains:
Stolen Images Evidence.js
42815c3809a04f86c2774681ba87d257
BAZARLOADER PAYLOAD DOWNLOAD URLS
http://meshura.space/333g100/index.php
http://meshura.space/333g100/main.php
BAZARLOADER PAYLOAD FILE HASHES
OVCQdG.dat
d0030a1b6d67fecc6b0a513229dcd708
BAZARLOADER C2
https://194.15.113.148/web/main/job/invoke