48691 |
2020-07-08 14:52
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware AutoRuns suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder malicious URLs AntiVM_Disk sandbox evasion WriteConsoleW VM Disk Size Check Interception Windows Browser Advertising ComputerName crashed |
49
|
20
estat-thirdparty.zum.com(112.175.191.56) app.gomtv.com(58.228.255.24) info.mmnneo.com(183.110.214.149) ncube.gomtv.com(183.110.10.192) find.relatedpop.com(112.175.114.44) ana.gomtv.com(183.110.10.189) ocsp.digicert.com(117.18 112.175.114.44 112.175.191.56 117.18.237.29 119.207.65.27 121.156.55.238 13.227.21.107 14.0.114.117 183.110.10.188 183.110.10.189 183.110.10.192 183.110.10.197 183.110.10.29 183.110.214.149
|
|
|
17.2 |
M |
48692 |
2020-07-08 14:43
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser crashed |
13
|
14
ncube.gomtv.com(183.110.10.192) ana.gomtv.com(183.110.10.189) ocsp.trustwave.com(23.67.53.106) app.gomtv.com(183.111.235.201) log.gomlab.com(52.20.25.14) ocsp.int-x3.letsencrypt.org(119.207.65.27) playinfo.gomlab.com(13.227.2 119.207.65.56 13.227.21.74 183.110.10.189 183.110.10.192 183.111.235.201 23.67.53.115 52.20.25.14
|
|
|
8.4 |
M |
48693 |
2020-07-08 14:40
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
11
|
11
ncube.gomtv.com(183.110.10.192) ana.gomtv.com(183.110.10.189) app.gomtv.com(183.111.235.201) log.gomlab.com(52.20.25.14) playinfo.gomlab.com(13.227.21.107) kr.msn.com(13.75.94.74) 13.227.21.74 183.110.10.189 183.110.10.192 183.111.235.201 35.169.10.202
|
|
|
8.2 |
M |
48694 |
2020-07-08 14:39
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
11
|
11
ncube.gomtv.com(183.110.10.192) ana.gomtv.com(183.110.10.189) app.gomtv.com(183.111.235.201) log.gomlab.com(35.169.10.202) playinfo.gomlab.com(13.227.21.107) kr.msn.com(13.75.94.74) 13.227.21.70 183.110.10.189 183.110.10.192 35.169.10.202 58.228.255.24
|
|
|
8.2 |
M |
48695 |
2020-07-08 14:36
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection unpack itself Windows utilities Windows |
|
2
app.gomtv.com(58.228.255.24) 58.228.255.24
|
|
|
2.2 |
48696 |
2020-07-08 14:30
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
10
|
9
ncube.gomtv.com(183.110.10.192) ana.gomtv.com(183.110.10.189) app.gomtv.com(183.111.235.201) playinfo.gomlab.com(13.227.21.74) kr.msn.com(13.75.94.74) 13.227.21.107 183.110.10.189 183.110.10.192 183.111.235.201
|
|
|
8.2 |
M |
48697 |
2020-07-08 14:18
|
QUOTATION_49027352-pdf.exe 2714c2eac0417bec3b7186c77a5ad059 VirusTotal Malware |
|
|
|
|
1.4 |
|
15 |
48698 |
2020-07-08 14:15
|
QUOTATION_49027352-pdf.exe 2714c2eac0417bec3b7186c77a5ad059 |
|
|
|
|
0.8 |
48699 |
2020-07-08 14:10
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection unpack itself Windows utilities Windows |
|
2
app.gomtv.com(183.111.235.201) 183.111.235.201
|
|
|
2.2 |
48700 |
2020-07-08 13:55
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Check memory Creates executable files RWX flags setting unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
10
|
9
ncube.gomtv.com(183.110.10.192) ana.gomtv.com(183.110.10.189) app.gomtv.com(58.228.255.24) playinfo.gomlab.com(13.227.21.107) kr.msn.com(13.75.94.74) 13.227.21.74 183.110.10.189 183.110.10.192 58.228.255.24
|
|
|
8.6 |
M |
48701 |
2020-07-08 13:52
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
11
|
11
ncube.gomtv.com(183.110.10.192) ana.gomtv.com(183.110.10.189) app.gomtv.com(183.111.235.201) log.gomlab.com(35.169.10.202) playinfo.gomlab.com(13.227.21.74) kr.msn.com(13.75.94.74) 13.227.21.74 183.110.10.189 183.110.10.192 183.111.235.201 52.20.25.14
|
|
|
8.2 |
M |
48702 |
2020-07-08 13:49
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Creates executable files unpack itself Windows utilities Windows DNS |
1
https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
4
app.gomtv.com(58.228.255.24) kr.msn.com(13.75.94.74) 183.111.235.201 23.67.53.115
|
|
|
4.0 |
M |
48703 |
2020-07-08 13:48
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Creates executable files unpack itself Windows utilities Windows DNS |
1
https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
4
app.gomtv.com(58.228.255.24) kr.msn.com(13.75.94.74) 183.111.235.201 23.67.53.115
|
|
|
4.0 |
M |
48704 |
2020-07-08 13:46
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser DNS |
11
|
15
sqm.telemetry.microsoft.com(65.55.252.93) playinfo.gomlab.com(13.227.76.16) ncube.gomtv.com(183.110.10.192) app.gomtv.com(58.228.255.24) log.gomlab.com(52.20.25.14) spynet2.microsoft.com(65.52.172.55) ana.gomtv.com(183.110.10 13.227.76.44 183.110.10.189 183.110.10.192 23.67.53.115 52.163.83.146 52.20.25.14 58.228.255.24 65.55.252.93
|
|
|
9.8 |
M |
48705 |
2020-07-08 13:37
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
11
|
13
log.gomlab.com(52.20.25.14) sqm.telemetry.microsoft.com(65.55.252.93) ncube.gomtv.com(183.110.10.192) app.gomtv.com(183.111.235.201) playinfo.gomlab.com(13.227.76.12) kr.msn.com(13.75.94.74) ana.gomtv.com(183.110.10.189) 13.227.76.12 183.110.10.189 183.110.10.192 183.111.235.201 52.20.25.14 65.55.252.93
|
|
|
9.2 |
M |