136 |
2023-02-15 21:15
|
ACT Handbook 2020(1).pdf e71d5c82f17e1698fe0cb9bb9a270899 PDF |
|
|
|
|
|
|
|
guest
137 |
2023-02-22 09:26
|
1.pdf 4c8c59e6ceb46ab5868966fba52a300c PDF Windows utilities Windows |
5
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/277_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/280_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/279_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/281_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/message.zip
|
|
|
|
1.4 |
|
|
ZeroCERT
138 |
2023-03-07 17:04
|
Invoice-1449260.pdf adfc880ef5985ca36a7c9b7477a5b899 PDF Suspicious Link PDF unpack itself Windows utilities Windows |
|
|
|
|
1.4 |
|
|
ZeroCERT
139 |
2023-03-29 13:37
|
Taxpayer.pdf af333833c285ea114b841c4e8cde282f PDF VirusTotal Malware |
1
https://transfer.sh/get/1MeR2u/XWorm.exe
|
|
|
|
1.0 |
|
13 |
ZeroCERT
140 |
2023-03-30 09:23
|
info.pdf a05bb251aa7a4b93f443023a6b8c8b67 PDF ZIP Format Windows utilities Windows DNS |
5
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/277_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/280_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/message.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/278_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/281_20_6_20042.zip
|
1
185.246.220.130 - malware
|
|
|
2.0 |
M |
|
ZeroCERT
141 |
2023-04-08 06:31
|
Comcast_HotSpot_NextGenPeopleS... 4d8dc60169d7caa641d0ae52053405ff PDF |
|
|
|
|
|
|
|
guest
142 |
2023-04-11 15:38
|
AL.pdf 2a8d2f23d6dfda4df874b409d503ce39 PDF Suspicious Link PDF VirusTotal Malware |
|
|
|
|
0.4 |
|
7 |
ZeroCERT
143 |
2023-04-11 15:43
|
AL.pdf 2a8d2f23d6dfda4df874b409d503ce39 PDF Suspicious Link PDF AntiDebug AntiVM MSOffice File PNG Format JPEG Format VirusTotal Malware Code Injection RWX flags setting unpack itself Windows utilities Tofsee Windows |
4
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/cxpsjblnoxgjoqggdsbvujtof4_58/khaoiebndkojlmppeemjhbpbandiljpe_58_win_advr4ucepztwtigvw3fduftsvbeq.crx3
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/jewvegtcs2qdew3nlzz4kvsjqm_9.44.0/gcmjkmgdlgnkkcocmoeiminaijmmjnii_9.44.0_all_pywouuhjzu3khiqqvvfs2jt53q.crx3
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/g6v7tvx6ixuzstk5etcqebphhq_7954/hfnkpimlhhgieaddgfemjhofmfblmnib_7954_all_adj2i674lrtcwrqqfhv37vujcaya.crx3
https://zacuta.com/eupa/eupa.php
|
19
|
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
|
|
3.6 |
|
7 |
ZeroCERT
144 |
2023-04-13 09:49
|
ClaimCopy-1337.pdf fa243a28cdcbca70891853bfbbead0c1 Code injection PDF AntiDebug AntiVM MSOffice File Browser Info Stealer MachineGuid Code Injection Checks debugger Creates shortcut RWX flags setting exploit crash unpack itself Windows utilities malicious URLs human activity check installed browsers check Ransomware Windows Exploit Browser crashed keylogger |
3
http://krishikannada.com/blo/hf98fh92.zip http://www.krishikannada.com/wp-includes/images/w-logo-blue-white-bg.png http://krishikannada.com/favicon.ico
|
3
www.krishikannada.com(162.240.38.127) krishikannada.com(162.240.38.127) - malicious 162.240.38.127 - malicious
|
|
|
9.4 |
|
|
ZeroCERT
145 |
2023-04-14 07:42
|
Corridor%20NYC%20Project%20Pla... a871fae6b1494686545ee1f783722c15 PDF ZIP Format Windows utilities Windows |
5
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/277_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/280_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/message.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/278_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/281_20_6_20042.zip
|
|
|
|
1.4 |
|
|
ZeroCERT
146 |
2023-04-14 09:28
|
PDFViewer.exe fca9b3315dc5611a8a3d6a2abb838e30 PWS .NET framework RAT UPX OS Processor Check .NET EXE PE32 PE File PDB MachineGuid Check memory Checks debugger unpack itself ComputerName crashed |
|
|
|
|
1.6 |
|
18 |
guest
147 |
2023-05-03 10:53
|
TRIBL%20Litepaper_Final%20Draf... 03e29b4c0d409de760ba5397cba8605d PDF |
|
|
|
|
|
M |
|
ZeroCERT
148 |
2023-05-16 09:17
|
OAK%20FURNITURE%20UK%20APPLIAN... e537a6993f1e0bad5e05ecdb7afae6bf PDF |
|
|
|
|
|
M |
|
ZeroCERT
149 |
2023-05-17 09:23
|
doc.pdf 9a95e059d574d4c3bdd26627308e22b6 PDF ZIP Format Windows utilities Windows |
5
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/277_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/281_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/280_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/278_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/message.zip
|
|
|
|
1.4 |
|
|
ZeroCERT
150 |
2023-05-31 23:35
|
LB937WHXR.pdf a4537dfd7b0f26361cb2d5750685c606 PDF |
|
|
|
|
|
|
|
guest