1621 |
2020-09-03 09:24
|
dat_20200903_82943.doc bdd59ee71039b417a698bb3b9338e6ca Vulnerability VirusTotal Malware Malicious Traffic unpack itself DNS |
2
http://50.121.220.50/GvAMPsc0hsMYqof0R/fngEpmrNB6gz0/hSxL7rh2ClfbBlQEIRt/CzMMUOAd/WfspC0/bRyNK0BB6ZWeb/ http://crbremen.com/WordPress_01/A/
|
2
50.121.220.50 81.169.145.68
|
|
|
4.2 |
|
16 |
guest
1622 |
2020-09-03 09:29
|
L0WYwl0094884937.exe 79fac7e027876b6a815340b1c586a21c VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key |
1
http://153.92.4.96:8080/sZjP7U54kebJaV6y/2ddJOxh4OGPvRqlKUg/u15tpPa5DoKBpjI1/v5Hl9xIbb3vk/0b9BN3BR68IfRZP/
|
3
118.110.236.121 149.202.5.139 153.92.4.96
|
|
|
6.8 |
|
21 |
guest
1623 |
2020-09-03 09:39
|
inf 20200903 8684429.doc f49b3177cff85f0fad4f37c42748d4bf Vulnerability VirusTotal Malware Malicious Traffic unpack itself malicious URLs DNS |
8
http://54.37.42.48:8080/9CrYoWKhr/MnZkKfnDU/QJFmEtL/Qy8zOt/ http://crbremen.com/WordPress_01/A/ http://54.37.42.48:8080/tNZwOSTGTig4uYAS/X0FYz4d1p5iyy/itunqXDS2tpK3VA/ http://54.37.42.48:8080/OeI4UgSi275VvcL/B4Sbr/ http://62.210.90.75:443/TwV8zrrDDhpynMU9/DdHbLMfQph4fh/GHF0GZOpDzz1O3b/ http://54.37.42.48:8080/43Hlp/JOr7IzURKsHGMz9/h8UR0TsBifMOB/4mAO2OItp/fH9Fjpm9WrZjDlfyyEC/TnOW4/ http://54.37.42.48:8080/DwmgBSb/s51YpXc8y2ck/ http://54.37.42.48:8080/VSdLFN1hAAq13/GStw/8rivUknhCd3h1SBE/5Gvz/FTjkikl38Bdy3bIWgpd/yHKtUo/
|
6
crbremen.com(81.169.145.68) 50.121.220.50 51.75.33.122 54.37.42.48 62.210.90.75 81.169.145.68
|
|
|
6.6 |
|
16 |
guest
1624 |
2020-09-03 09:53
|
faHYNWsc3p530119521.exe 628346fec7c813c84a6c04a61cff7dd9 VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key |
1
http://153.92.4.96:8080/4pX2yQW52n3D5F4DI/MrMlrj/kqhz0Ok5DkAV5hWd/daRqfZT98/
|
3
118.110.236.121 149.202.5.139 153.92.4.96
|
|
|
6.8 |
|
21 |
guest
1625 |
2020-09-03 10:00
|
inst.exe cc90e9a3011c59d6dde742d48b152f59 VirusTotal Malware PDB unpack itself malicious URLs Remote Code Execution DNS crashed |
1
https://iplogger.org/1cJX57
|
1
|
|
|
4.6 |
|
49 |
guest
1626 |
2020-09-03 11:28
|
dat-20200903-DIA424539.doc 7773d7daebf884681983e052946b2e6c Vulnerability VirusTotal Malware Malicious Traffic unpack itself malicious URLs |
1
http://crbremen.com/WordPress_01/A/
|
2
crbremen.com(81.169.145.68) 81.169.145.68
|
|
|
4.0 |
|
16 |
guest
1627 |
2020-09-03 11:36
|
niGcEd.dot d41d8cd98f00b204e9800998ecf8427e unpack itself malicious URLs |
|
|
|
|
1.6 |
|
|
guest
1628 |
2020-09-03 11:44
|
Fgdhk4593576485.exe d7eb41efee6a88cdb2bc25152c33b808 Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key |
1
http://153.92.4.96:8080/Bxyw/ http://153.92.4.96:8080/Bxyw/
|
3
118.110.236.121 149.202.5.139 153.92.4.96
|
|
|
6.6 |
|
|
guest
1629 |
2020-09-03 12:13
|
dat.doc 03da98e27ded1b3f58e295702bc87eef Vulnerability VirusTotal Malware Malicious Traffic unpack itself DNS |
2
http://50.121.220.50/4nRW/umkpWpyRLgAxBu/2kTC7k/JQjoH9NWrQ60H/NOvZ3hEekWx6mW/ http://50.121.220.50/4nRW/umkpWpyRLgAxBu/2kTC7k/JQjoH9NWrQ60H/NOvZ3hEekWx6mW/ http://crbremen.com/WordPress_01/A/
|
2
50.121.220.50 81.169.145.68
|
|
|
4.2 |
|
17 |
guest
1630 |
2020-09-03 15:20
|
arc-2020_09_03-32818.doc 933402bd5723395d7e54c6266fefd600 Vulnerability VirusTotal Malware Malicious Traffic unpack itself DNS |
2
http://crbremen.com/WordPress_01/A/ http://50.121.220.50/DjLx3qLInehb4/UkhX1swrbJx5/
|
2
50.121.220.50 81.169.145.68
|
|
|
4.2 |
|
19 |
admin
1631 |
2020-09-03 17:52
|
LIST 20200903 405.doc e0aadeb46d6591ef3176d74e683e88c6 VirusTotal Malware |
|
|
|
|
0.6 |
|
10 |
admin
1632 |
2020-09-04 09:02
|
FILE_WHU_090120_WBQ_090420.doc 2fa3e3d513be39915b4e659d6f11fbd5 Vulnerability VirusTotal Malware Malicious Traffic unpack itself DNS |
2
http://192.158.216.73/KDbhW88vicJDMNj3cMc/1xoAi1li/YHrk57/iti5i0fCt9VsIsic/ http://homokfuvo.com/files/QSNUeuP/
|
2
192.158.216.73 94.199.178.232
|
|
|
4.4 |
|
22 |
admin
1633 |
2020-09-04 09:11
|
INV_08487290.doc ad950b4b1f4815dd54db2e19cb1c6c42 Vulnerability VirusTotal Malware Malicious Traffic unpack itself DNS |
2
http://192.158.216.73/rWDLu6rH3/a68j/JUFKzJ0R4pP62J/zUCNC6ONE/ http://homokfuvo.com/files/QSNUeuP/
|
2
192.158.216.73 94.199.178.232
|
|
|
4.4 |
|
23 |
admin
1634 |
2020-09-04 09:21
|
LIST_20200904_ZNQ565.doc f61c4d24653f77ee0e6612a22a73c7cb Vulnerability VirusTotal Malware Malicious Traffic unpack itself DNS |
2
http://sitecgps.com/assets/hj8/ http://185.215.227.107:443/cUTW1/VIqjkG6PpLhDA8Jx/
|
2
185.215.227.107 65.99.205.177
|
|
|
4.0 |
|
22 |
admin
1635 |
2020-09-04 10:10
|
Attachment-2020_09_04.doc 22bb68903763d56bc7eb098b141767a8 Vulnerability VirusTotal Malware Malicious Traffic unpack itself DNS |
2
http://185.215.227.107:443/kSUYPAS8yRQuS5H1W/emhwmJDlu8/HEB4dvk8MOgtx9/UOqAs/ http://sitecgps.com/assets/hj8/
|
2
185.215.227.107 65.99.205.177
|
|
|
4.0 |
|
24 |
admin