abuse.ch 

Another day, another #Amadey 📅👀 This time dropping #SystemBC ⤵️

Amadey botnet C2:
📡cobolrationumelawrtewarms .com
📡107.189.27.66 (AS14956 ROUTERHOSTING 🇳🇱)

Dropping SystemBC from the following URL:
🌐https://urlhaus.abuse.ch/url/3470633/

SystemBC payload:
📄https://bazaar.abuse.ch/sample/c13d59dc2e8ee1cbdb8016de0fb3b374f827406fa5d2d1aa4a2820170816d131/

SystemBC botnet C2:
📡towerbingobongoboom .com
📡213.209.150.137:4086 (AS42821 RAPIDNET 🇩🇪)

URLhaus | http://45.59.120.8/files/dinnmamunms/cubrodriver.exe

URLhaus is a project operated by abuse.ch with the purpose of sharing malicious URLs that are being used for malware distribution

Mar 7 at 6:13pmWeb