49096 |
2020-07-08 16:16
|
https://cdn1.estsecurity.com/s... f809c38f0febca37c04811e2dc51ff8e Malware suspicious privilege Code Injection Malicious Traffic Check memory Creates executable files RWX flags setting unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows |
5
http://ocsp.trustwave.com/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBQ1mI4Ww4R5LZiQ295pj4OF%2F44yyAQUyk7dWyc1Kdn27sPlU%2B%2BkwBmWHa8CEQCSuHRPcc7Q4mxyo9jV2SWy http://ko-KR.altoolsinst.altools.com/start/setupset.aspx http://ko-KR.altoolsinst.altools.com/show/public_addin.aspx https://cdn1.estsecurity.com/setup/ALYac/ALYac25.exe https://spynet2.microsoft.com/AntiMalwareServices/2/SpynetReportSrvc.asmx
|
9
kr.msn.com(13.75.94.74) ocsp.trustwave.com(23.67.53.115) ko-kr.altoolsinst.altools.com(218.153.8.56) spynet2.microsoft.com(65.52.172.55) cdn1.estsecurity.com(52.84.187.93) 218.153.8.56 23.67.53.106 52.84.187.189 65.52.172.55
|
|
|
8.2 |
M |
49097 |
2020-07-08 15:39
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Creates executable files unpack itself Windows utilities Windows |
1
https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
5
sqm.telemetry.microsoft.com(65.55.252.93) app.gomtv.com(183.111.235.201) kr.msn.com(13.75.94.74) 183.111.235.201 65.55.252.93
|
|
|
4.0 |
M |
49098 |
2020-07-08 15:36
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
11
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://log.gomlab.com/player/cancel?build=new_kor&fpb=&version=2.3.54.5318&bit=32bit&os=windows764bit&lang=kor&step=Avast&guid=d361d532b3f6377977e6b9973c085a71 http://ncube.gomtv.com/gom/Promotion.ini http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=show&log=avast,KR,KR http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
11
ana.gomtv.com(183.110.10.189) ncube.gomtv.com(183.110.10.192) kr.msn.com(13.75.94.74) app.gomtv.com(58.228.255.24) playinfo.gomlab.com(13.227.21.74) log.gomlab.com(35.169.10.202) 13.227.21.77 183.110.10.189 183.110.10.192 183.111.235.201 35.169.10.202
|
|
|
9.2 |
M |
49099 |
2020-07-08 15:33
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser DNS |
10
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ncube.gomtv.com/gom/Promotion.ini http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=show&log=avast,KR,KR http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
10
ana.gomtv.com(183.110.10.189) kr.msn.com(13.75.94.74) app.gomtv.com(58.228.255.24) playinfo.gomlab.com(13.227.21.74) ncube.gomtv.com(183.110.10.192) 119.207.64.48 13.227.21.77 183.110.10.189 183.110.10.192 58.228.255.24
|
|
|
8.8 |
M |
49100 |
2020-07-08 15:28
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
11
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ncube.gomtv.com/gom/Promotion.ini http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=show&log=avast,KR,KR http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://log.gomlab.com/player/cancel?build=new_kor&fpb=&version=2.3.54.5318&bit=32bit&os=windows764bit&lang=kor&step=Avast&guid=1cd0868520eaab9f06e95b58c5f14125 https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
11
log.gomlab.com(52.20.25.14) ncube.gomtv.com(183.110.10.192) kr.msn.com(13.75.94.74) ana.gomtv.com(183.110.10.189) app.gomtv.com(58.228.255.24) playinfo.gomlab.com(13.227.21.77) 13.227.21.70 183.110.10.189 183.110.10.192 52.20.25.14 58.228.255.24
|
|
|
8.2 |
M |
49101 |
2020-07-08 15:06
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
14
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR http://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR%2B5mrncpqz%2FPiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7%2FOo7KECEgSnpbKtCqR9Oin%2BnzJgtszNYw%3D%3D http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ncube.gomtv.com/gom/Promotion.ini http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=show&log=avast,KR,KR http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://log.gomlab.com/player/cancel?build=new_kor&fpb=&version=2.3.54.5318&bit=32bit&os=windows764bit&lang=kor&step=Avast&guid=d9a11d4dcb308512891fe9ec254ed0f0 http://ocsp.trustwave.com/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBQ1mI4Ww4R5LZiQ295pj4OF%2F44yyAQUyk7dWyc1Kdn27sPlU%2B%2BkwBmWHa8CEQCSuHRPcc7Q4mxyo9jV2SWy http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
15
ncube.gomtv.com(183.110.10.192) ana.gomtv.com(183.110.10.189) ocsp.trustwave.com(23.67.53.106) app.gomtv.com(183.111.235.201) www.download.windowsupdate.com(23.53.228.40) ocsp.int-x3.letsencrypt.org(119.207.65.56) log.gomlab. 119.207.64.81 119.207.65.56 13.227.21.107 183.110.10.189 183.110.10.192 183.111.235.201 23.67.53.32 35.169.10.202
|
|
|
8.2 |
M |
49102 |
2020-07-08 15:03
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
13
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR%2B5mrncpqz%2FPiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7%2FOo7KECEgSnpbKtCqR9Oin%2BnzJgtszNYw%3D%3D http://ncube.gomtv.com/gom/Promotion.ini http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://log.gomlab.com/player/cancel?build=new_kor&fpb=&version=2.3.54.5318&bit=32bit&os=windows764bit&lang=kor&step=choose&guid=d9a11d4dcb308512891fe9ec254ed0f0 http://ocsp.trustwave.com/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBQ1mI4Ww4R5LZiQ295pj4OF%2F44yyAQUyk7dWyc1Kdn27sPlU%2B%2BkwBmWHa8CEQCSuHRPcc7Q4mxyo9jV2SWy http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
16
ncube.gomtv.com(183.110.10.192) ana.gomtv.com(183.110.10.189) ocsp.trustwave.com(23.67.53.32) app.gomtv.com(58.228.255.24) www.download.windowsupdate.com(23.53.228.40) ocsp.int-x3.letsencrypt.org(119.207.65.27) log.gomlab.com 13.227.21.70 119.207.65.27 13.227.21.107 183.110.10.189 183.110.10.192 183.111.235.201 23.67.53.115 23.67.53.17 35.169.10.202
|
|
|
8.2 |
M |
49103 |
2020-07-08 15:00
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
13
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR%2B5mrncpqz%2FPiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7%2FOo7KECEgSnpbKtCqR9Oin%2BnzJgtszNYw%3D%3D http://ncube.gomtv.com/gom/Promotion.ini http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=show&log=avast,KR,KR http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ocsp.trustwave.com/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBQ1mI4Ww4R5LZiQ295pj4OF%2F44yyAQUyk7dWyc1Kdn27sPlU%2B%2BkwBmWHa8CEQCSuHRPcc7Q4mxyo9jV2SWy http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
14
ncube.gomtv.com(183.110.10.192) ana.gomtv.com(183.110.10.189) ocsp.trustwave.com(23.67.53.115) app.gomtv.com(58.228.255.24) www.download.windowsupdate.com(23.67.53.49) ocsp.int-x3.letsencrypt.org(119.207.65.56) playinfo.gomla 119.207.65.27 13.227.21.70 183.110.10.189 183.110.10.192 23.67.53.115 23.67.53.8 58.228.255.24
|
|
|
8.2 |
M |
49104 |
2020-07-08 14:52
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware AutoRuns suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder malicious URLs AntiVM_Disk sandbox evasion WriteConsoleW VM Disk Size Check Interception Windows Browser Advertising ComputerName crashed |
49
http://img.gomlab.com/img/gomproduct/setup/ico_sandoll.gif http://app.gomtv.com/GomHelper2/Version.ini http://info.mmnneo.com/favicon.ico http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=set¶m=KOR,2.3.54.5318&uKey=14440 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://find.relatedpop.com/app/appdata.php?gu=9FE7A4258AAC91E5DFBF4A91D41128BD&pi=mumchit2 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=set¶m=KOR,2.3.54.5318&uKey=14440 http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTPJvUY%2Bsl%2Bj4yzQuAcL2oQno5fCgQUUWj%2FkK8CB3U8zNllZGKiErhZcjsCEAfxgPw1yZETvtwV9zE%2FGL8%3D http://find.relatedpop.com/app/appkwdman.php?gu=9FE7A4258AAC91E5DFBF4A91D41128BD&pi=mumchit2&url=info.mmnneo.com&kwd=&sk=&ps= http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=set¶m=KOR,2.3.54.5318&uKey=14440 http://adw.gomtv.com/ads.gom?dispid=ban@product_install http://ocsp.trustwave.com/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBQ1mI4Ww4R5LZiQ295pj4OF%2F44yyAQUyk7dWyc1Kdn27sPlU%2B%2BkwBmWHa8CEQCSuHRPcc7Q4mxyo9jV2SWy http://img.gomlab.com/css/gomproduct/setup.css?v20180314 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://img.gomlab.com/img/gomproduct/setup/bg_select.gif http://go.gomtv.com/rd?link_id=10567 http://find.relatedpop.com/app/appconduct.php?pi=mumchit2&gu=9FE7A4258AAC91E5DFBF4A91D41128BD&ac=1&opg= http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR http://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR%2B5mrncpqz%2FPiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7%2FOo7KECEgSnpbKtCqR9Oin%2BnzJgtszNYw%3D%3D 
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://img.gomlab.com/img/gomproduct/setup/bg_gomcam.jpg http://promotion.gomlab.com/ini/gom_promotion.php http://img.gomlab.com/img/gomproduct/setup/ico_prdset.gif?v=2 http://go.gomtv.com/rd?link_id=10567 http://estat-thirdparty.zum.com/at.gif?data=eyAiZXZlbnQiOiAiQENvbnNlbnQiLCAicHJvcGVydGllcyI6IHsgInNvZnR3YXJlIjogIkdvbVBsYXllciIsICJjaGVja2JveENsaWNrIjogInRydWUiLCAiY2hlY2tTdGVwIjogMSwgInRpbWUiOiAxNTk0MjQyNDgwIH0gfQ==&time=1594242480462 http://app.gomtv.com/GomHelper2/GOMHELPER2SETUP.EXE http://img.gomlab.com/img/gomproduct/setup/bg_prd_gmixplus.jpg http://img.gomlab.com/img/gomproduct/setup/btn_voucher.gif http://adw.gomtv.com/install_banner.html http://img.gomlab.com/img/gomproduct/setup/gom_header.png http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://log.gomlab.com/player/install?build=new_kor&fpb=new_kor&version=2.3.54.5318&bit=32bit&os=windows764bit&lang=kor&guid=06d56fd8382e84f00b1f63cd576961cf http://img.gomlab.com/img/gomproduct/setup/bg_prd_gaud.jpg?v=1 http://adimg.gomtv.com/images/0000/0004/9522 http://log.gomlab.com/totalpromotion/view?guid=06d56fd8382e84f00b1f63cd576961cf http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=set¶m=KOR,2.3.54.5318&uKey=14440 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=set¶m=KOR,2.3.54.5318&uKey=14440 http://info.mmnneo.com/getGuidStr.info?guid= http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://img.gomlab.com/img/gomproduct/setup/bg_sandoll.jpg http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=show&log=avast,KR,KR http://ncube.gomtv.com/gom/Promotion.ini http://img.gomlab.com/js/web/jquery-1.8.x.js http://adw.gomtv.com/install_banner.html 
http://info2.mmnneo.com/insert_ad_domain_arr.php?from=infommnneo_oldkeyword_insert&guid=%7BED93FE28-4D50-3DBE-8CD9-429C06E10746%7D&insert_date=2020-07-08%2014:48:04&domain_arr=acdn.adnxs.com,adw.gomtv.com,eb2.3lift.com, http://gomhelper.gomtv.com/gtb_option.asp?OSVersion=6.1%20(Build%207601)%20Service%20Pack%201&IEVersion=11 https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE https://app.gomtv.com/gom/GrVersion.ini https://app.gomtv.com/gom/GrVersion.ini https://cdn.gomlab.com/gretech/promotion_sw/relatedpopsetup.exe https://cdn.gomlab.com/gretech/gom_promotion/CheckProduct.html
|
20
estat-thirdparty.zum.com(112.175.191.56) app.gomtv.com(58.228.255.24) info.mmnneo.com(183.110.214.149) ncube.gomtv.com(183.110.10.192) find.relatedpop.com(112.175.114.44) ana.gomtv.com(183.110.10.189) ocsp.digicert.com(117.18 112.175.114.44 112.175.191.56 117.18.237.29 119.207.65.27 121.156.55.238 13.227.21.107 14.0.114.117 183.110.10.188 183.110.10.189 183.110.10.192 183.110.10.197 183.110.10.29 183.110.214.149
|
|
|
17.2 |
M |
49105 |
2020-07-08 14:43
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser crashed |
13
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR%2B5mrncpqz%2FPiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7%2FOo7KECEgSnpbKtCqR9Oin%2BnzJgtszNYw%3D%3D http://ncube.gomtv.com/gom/Promotion.ini http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=show&log=avast,KR,KR http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://log.gomlab.com/player/cancel?build=new_kor&fpb=&version=2.3.54.5318&bit=32bit&os=windows764bit&lang=kor&step=Avast&guid=d9a11d4dcb308512891fe9ec254ed0f0 http://ocsp.trustwave.com/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBQ1mI4Ww4R5LZiQ295pj4OF%2F44yyAQUyk7dWyc1Kdn27sPlU%2B%2BkwBmWHa8CEQCSuHRPcc7Q4mxyo9jV2SWy http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
14
ncube.gomtv.com(183.110.10.192) ana.gomtv.com(183.110.10.189) ocsp.trustwave.com(23.67.53.106) app.gomtv.com(183.111.235.201) log.gomlab.com(52.20.25.14) ocsp.int-x3.letsencrypt.org(119.207.65.27) playinfo.gomlab.com(13.227.2 119.207.65.56 13.227.21.74 183.110.10.189 183.110.10.192 183.111.235.201 23.67.53.115 52.20.25.14
|
|
|
8.4 |
M |
49106 |
2020-07-08 14:40
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
11
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ncube.gomtv.com/gom/Promotion.ini http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=show&log=avast,KR,KR http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://log.gomlab.com/player/cancel?build=new_kor&fpb=&version=2.3.54.5318&bit=32bit&os=windows764bit&lang=kor&step=Avast&guid=d9a11d4dcb308512891fe9ec254ed0f0 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
11
ncube.gomtv.com(183.110.10.192) ana.gomtv.com(183.110.10.189) app.gomtv.com(183.111.235.201) log.gomlab.com(52.20.25.14) playinfo.gomlab.com(13.227.21.107) kr.msn.com(13.75.94.74) 13.227.21.74 183.110.10.189 183.110.10.192 183.111.235.201 35.169.10.202
|
|
|
8.2 |
M |
49107 |
2020-07-08 14:39
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
11
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ncube.gomtv.com/gom/Promotion.ini http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=show&log=avast,KR,KR http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://log.gomlab.com/player/cancel?build=new_kor&fpb=&version=2.3.54.5318&bit=32bit&os=windows764bit&lang=kor&step=Avast&guid=d9a11d4dcb308512891fe9ec254ed0f0 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
11
ncube.gomtv.com(183.110.10.192) ana.gomtv.com(183.110.10.189) app.gomtv.com(183.111.235.201) log.gomlab.com(35.169.10.202) playinfo.gomlab.com(13.227.21.107) kr.msn.com(13.75.94.74) 13.227.21.70 183.110.10.189 183.110.10.192 35.169.10.202 58.228.255.24
|
|
|
8.2 |
M |
49108 |
2020-07-08 14:36
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection unpack itself Windows utilities Windows |
|
2
app.gomtv.com(58.228.255.24) 58.228.255.24
|
|
|
2.2 |
|
49109 |
2020-07-08 14:30
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4 VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
10
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ncube.gomtv.com/gom/Promotion.ini http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=show&log=avast,KR,KR http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440 https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
9
ncube.gomtv.com(183.110.10.192) ana.gomtv.com(183.110.10.189) app.gomtv.com(183.111.235.201) playinfo.gomlab.com(13.227.21.74) kr.msn.com(13.75.94.74) 13.227.21.107 183.110.10.189 183.110.10.192 183.111.235.201
|
|
|
8.2 |
M |
49110 |
2020-07-08 14:18
|
QUOTATION_49027352-pdf.exe 2714c2eac0417bec3b7186c77a5ad059 VirusTotal Malware |
|
|
|
|
1.4 |
|
15 |