| 136 |
2023-02-15 21:15
|
 ACT Handbook 2020(1).pdf e71d5c82f17e1698fe0cb9bb9a270899
PDF |
|
|
|
|
|
|
|
guest
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 137 |
2023-02-22 09:26
|
 1.pdf 4c8c59e6ceb46ab5868966fba52a300c
PDF Windows utilities Windows |
5
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/277_20_6_20042.zip
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/280_20_6_20042.zip
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/279_20_6_20042.zip
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/281_20_6_20042.zip
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/message.zip
|
|
|
|
1.4 |
|
|
ZeroCERT
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 138 |
2023-03-07 17:04
|
 Invoice-1449260.pdf adfc880ef5985ca36a7c9b7477a5b899
PDF Suspicious Link PDF unpack itself Windows utilities Windows |
|
|
|
|
1.4 |
|
|
ZeroCERT
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 139 |
2023-03-29 13:37
|
 Taxpayer.pdf af333833c285ea114b841c4e8cde282f
PDF VirusTotal Malware |
1
https://transfer.sh/get/1MeR2u/XWorm.exe
|
|
|
|
1.0 |
|
13 |
ZeroCERT
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 140 |
2023-03-30 09:23
|
 info.pdf a05bb251aa7a4b93f443023a6b8c8b67
PDF ZIP Format Windows utilities Windows DNS |
5
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/277_20_6_20042.zip
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/280_20_6_20042.zip
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/message.zip
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/278_20_6_20042.zip
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/281_20_6_20042.zip
|
1
185.246.220.130 - malware
|
|
|
2.0 |
M |
|
ZeroCERT
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 141 |
2023-04-08 06:31
|
 Comcast_HotSpot_NextGenPeopleS... 4d8dc60169d7caa641d0ae52053405ff
PDF |
|
|
|
|
|
|
|
guest
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 142 |
2023-04-11 15:38
|
 AL.pdf 2a8d2f23d6dfda4df874b409d503ce39
PDF Suspicious Link PDF VirusTotal Malware |
|
|
|
|
0.4 |
|
7 |
ZeroCERT
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 143 |
2023-04-11 15:43
|
 AL.pdf 2a8d2f23d6dfda4df874b409d503ce39
PDF Suspicious Link PDF AntiDebug AntiVM MSOffice File PNG Format JPEG Format VirusTotal Malware Code Injection RWX flags setting unpack itself Windows utilities Tofsee Windows |
4
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/cxpsjblnoxgjoqggdsbvujtof4_58/khaoiebndkojlmppeemjhbpbandiljpe_58_win_advr4ucepztwtigvw3fduftsvbeq.crx3
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/jewvegtcs2qdew3nlzz4kvsjqm_9.44.0/gcmjkmgdlgnkkcocmoeiminaijmmjnii_9.44.0_all_pywouuhjzu3khiqqvvfs2jt53q.crx3
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/g6v7tvx6ixuzstk5etcqebphhq_7954/hfnkpimlhhgieaddgfemjhofmfblmnib_7954_all_adj2i674lrtcwrqqfhv37vujcaya.crx3
https://zacuta.com/eupa/eupa.php
|
19
edgedl.me.gvt1.com(34.104.35.123)
www.google.com(142.250.206.228)
www.gstatic.com(142.250.206.227)
fonts.googleapis.com(142.250.207.106)
accounts.google.com(142.250.206.205)
_googlecast._tcp.local()
apis.google.com(172.217.161.238)
fonts.gstatic.com(142.250.207.99)
zacuta.com(162.0.217.30) - mailcious
clientservices.googleapis.com(142.250.207.99)
142.250.207.67
142.251.220.99
172.217.27.13
162.0.217.30 - mailcious
34.104.35.123
172.217.24.74
172.217.24.100
172.217.25.3
142.250.66.78
|
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
|
|
3.6 |
|
7 |
ZeroCERT
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 144 |
2023-04-13 09:49
|
 ClaimCopy-1337.pdf fa243a28cdcbca70891853bfbbead0c1
Code injection PDF AntiDebug AntiVM MSOffice File Browser Info Stealer MachineGuid Code Injection Checks debugger Creates shortcut RWX flags setting exploit crash unpack itself Windows utilities malicious URLs human activity check installed browsers check Ransomware Windows Exploit Browser crashed keylogger |
3
http://krishikannada.com/blo/hf98fh92.zip
http://www.krishikannada.com/wp-includes/images/w-logo-blue-white-bg.png
http://krishikannada.com/favicon.ico
|
3
www.krishikannada.com(162.240.38.127)
krishikannada.com(162.240.38.127) - mailcious
162.240.38.127 - mailcious
|
|
|
9.4 |
|
|
ZeroCERT
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 145 |
2023-04-14 07:42
|
 Corridor%20NYC%20Project%20Pla... a871fae6b1494686545ee1f783722c15
PDF ZIP Format Windows utilities Windows |
5
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/277_20_6_20042.zip
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/280_20_6_20042.zip
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/message.zip
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/278_20_6_20042.zip
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/281_20_6_20042.zip
|
|
|
|
1.4 |
|
|
ZeroCERT
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 146 |
2023-04-14 09:28
|
 PDFViewer.exe fca9b3315dc5611a8a3d6a2abb838e30
PWS .NET framework RAT UPX OS Processor Check .NET EXE PE32 PE File PDB MachineGuid Check memory Checks debugger unpack itself ComputerName crashed |
|
|
|
|
1.6 |
|
18 |
guest
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 147 |
2023-05-03 10:53
|
 TRIBL%20Litepaper_Final%20Draf... 03e29b4c0d409de760ba5397cba8605d
PDF |
|
|
|
|
|
M |
|
ZeroCERT
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 148 |
2023-05-16 09:17
|
 OAK%20FURNITURE%20UK%20APPLIAN... e537a6993f1e0bad5e05ecdb7afae6bf
PDF |
|
|
|
|
|
M |
|
ZeroCERT
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 149 |
2023-05-17 09:23
|
 doc.pdf 9a95e059d574d4c3bdd26627308e22b6
PDF ZIP Format Windows utilities Windows |
5
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/277_20_6_20042.zip
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/281_20_6_20042.zip
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/280_20_6_20042.zip
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/278_20_6_20042.zip
http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/message.zip
|
|
|
|
1.4 |
|
|
ZeroCERT
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 150 |
2023-05-31 23:35
|
 LB937WHXR.pdf a4537dfd7b0f26361cb2d5750685c606
PDF |
|
|
|
|
|
|
|
guest
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|