| 49111 |
2020-07-08 14:15
|
QUOTATION_49027352-pdf.exe 2714c2eac0417bec3b7186c77a5ad059 |
|
|
|
|
0.8 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 49112 |
2020-07-08 14:10
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4
VirusTotal Malware Code Injection unpack itself Windows utilities Windows |
|
2
app.gomtv.com(183.111.235.201)
183.111.235.201
|
|
|
2.2 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 49113 |
2020-07-08 13:55
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4
VirusTotal Malware Code Injection Check memory Creates executable files RWX flags setting unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
10
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ncube.gomtv.com/gom/Promotion.ini
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=show&log=avast,KR,KR
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
9
ncube.gomtv.com(183.110.10.192)
ana.gomtv.com(183.110.10.189)
app.gomtv.com(58.228.255.24)
playinfo.gomlab.com(13.227.21.107)
kr.msn.com(13.75.94.74)
13.227.21.74
183.110.10.189
183.110.10.192
58.228.255.24
|
|
|
8.6 |
M |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 49114 |
2020-07-08 13:52
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4
VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
11
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ncube.gomtv.com/gom/Promotion.ini
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=show&log=avast,KR,KR
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://log.gomlab.com/player/cancel?build=new_kor&fpb=&version=2.3.54.5318&bit=32bit&os=windows764bit&lang=kor&step=Avast&guid=2635a0bfef4ba9e359c0d6d0b03821c5
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
11
ncube.gomtv.com(183.110.10.192)
ana.gomtv.com(183.110.10.189)
app.gomtv.com(183.111.235.201)
log.gomlab.com(35.169.10.202)
playinfo.gomlab.com(13.227.21.74)
kr.msn.com(13.75.94.74)
13.227.21.74
183.110.10.189
183.110.10.192
183.111.235.201
52.20.25.14
|
|
|
8.2 |
M |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 49115 |
2020-07-08 13:49
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4
VirusTotal Malware Code Injection Creates executable files unpack itself Windows utilities Windows DNS |
1
https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
4
app.gomtv.com(58.228.255.24)
kr.msn.com(13.75.94.74)
183.111.235.201
23.67.53.115
|
|
|
4.0 |
M |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 49116 |
2020-07-08 13:48
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4
VirusTotal Malware Code Injection Creates executable files unpack itself Windows utilities Windows DNS |
1
https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
4
app.gomtv.com(58.228.255.24)
kr.msn.com(13.75.94.74)
183.111.235.201
23.67.53.115
|
|
|
4.0 |
M |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 49117 |
2020-07-08 13:46
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4
VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser DNS |
11
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://log.gomlab.com/player/cancel?build=new_kor&fpb=&version=2.3.54.5318&bit=32bit&os=windows764bit&lang=kor&step=eula&guid=67c11547fa6c22ba01a5aa3352555acc
http://ncube.gomtv.com/gom/Promotion.ini
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
https://spynet2.microsoft.com/AntiMalwareServices/2/SpynetReportSrvc.asmx
|
15
sqm.telemetry.microsoft.com(65.55.252.93)
playinfo.gomlab.com(13.227.76.16)
ncube.gomtv.com(183.110.10.192)
app.gomtv.com(58.228.255.24)
log.gomlab.com(52.20.25.14)
spynet2.microsoft.com(65.52.172.55)
ana.gomtv.com(183.110.10
13.227.76.44
183.110.10.189
183.110.10.192
23.67.53.115
52.163.83.146
52.20.25.14
58.228.255.24
65.55.252.93
|
|
|
9.8 |
M |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 49118 |
2020-07-08 13:37
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4
VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
11
http://log.gomlab.com/player/cancel?build=new_kor&fpb=&version=2.3.54.5318&bit=32bit&os=windows764bit&lang=kor&step=Avast&guid=a3743a0228d50a749c7ea3c81648316e
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ncube.gomtv.com/gom/Promotion.ini
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=show&log=avast,KR,KR
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
13
log.gomlab.com(52.20.25.14)
sqm.telemetry.microsoft.com(65.55.252.93)
ncube.gomtv.com(183.110.10.192)
app.gomtv.com(183.111.235.201)
playinfo.gomlab.com(13.227.76.12)
kr.msn.com(13.75.94.74)
ana.gomtv.com(183.110.10.189)
13.227.76.12
183.110.10.189
183.110.10.192
183.111.235.201
52.20.25.14
65.55.252.93
|
|
|
9.2 |
M |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 49119 |
2020-07-08 13:33
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4
VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
11
http://log.gomlab.com/player/cancel?build=new_kor&fpb=&version=2.3.54.5318&bit=32bit&os=windows764bit&lang=kor&step=Avast&guid=a98003ef7ad2f6c39687be32fe0ade6b
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ncube.gomtv.com/gom/Promotion.ini
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=show&log=avast,KR,KR
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
13
ncube.gomtv.com(183.110.10.192)
playinfo.gomlab.com(13.227.76.44)
kr.msn.com(13.75.94.74)
log.gomlab.com(35.169.10.202)
sqm.telemetry.microsoft.com(65.55.252.93)
ana.gomtv.com(183.110.10.189)
app.gomtv.com(183.111.235.201)13.227.76.44
183.110.10.189
183.110.10.192
183.111.235.201
35.169.10.202
65.55.252.93
|
|
|
9.2 |
M |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 49120 |
2020-07-08 13:27
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4
VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
11
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ncube.gomtv.com/gom/Promotion.ini
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=show&log=avast,KR,KR
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://log.gomlab.com/player/cancel?build=new_kor&fpb=&version=2.3.54.5318&bit=32bit&os=windows764bit&lang=kor&step=Avast&guid=5f2e2cb5e7267d2fa2e9a5fcaf0564f7
https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
11
ncube.gomtv.com(183.110.10.192)
ana.gomtv.com(183.110.10.189)
log.gomlab.com(35.169.10.202)
playinfo.gomlab.com(13.227.76.7)
app.gomtv.com(58.228.255.24)
kr.msn.com(13.75.94.74)
13.227.76.44
183.110.10.189
183.110.10.192
183.111.235.201
35.169.10.202
|
|
|
8.2 |
M |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 49121 |
2020-07-08 13:19
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4
VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser DNS crashed |
11
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ncube.gomtv.com/gom/Promotion.ini
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=show&log=avast,KR,KR
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://log.gomlab.com/player/cancel?build=new_kor&fpb=&version=2.3.54.5318&bit=32bit&os=windows764bit&lang=kor&step=Avast&guid=d41cc0ac477d113cdbd680f90aff6c3f
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
12
app.gomtv.com(58.228.255.24)
playinfo.gomlab.com(13.227.76.7)
ana.gomtv.com(183.110.10.189)
log.gomlab.com(35.169.10.202)
kr.msn.com(13.75.94.74)
ncube.gomtv.com(183.110.10.192)
119.207.65.56
13.227.76.16
183.110.10.189
183.110.10.192
183.111.235.201
35.169.10.202
|
|
|
9.0 |
M |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 49122 |
2020-07-08 13:12
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4
VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
12
http://log.gomlab.com/player/cancel?build=new_kor&fpb=&version=2.3.54.5318&bit=32bit&os=windows764bit&lang=kor&step=Avast&guid=e2d9ca9928e87c78364cd9d76a2bdf8a
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR%2B5mrncpqz%2FPiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7%2FOo7KECEgSnpbKtCqR9Oin%2BnzJgtszNYw%3D%3D
http://ncube.gomtv.com/gom/Promotion.ini
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=show&log=avast,KR,KR
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
14
ocsp.int-x3.letsencrypt.org(119.207.65.56)
kr.msn.com(13.75.94.74)
app.gomtv.com(183.111.235.201)
log.gomlab.com(52.20.25.14)
ncube.gomtv.com(183.110.10.192)
ana.gomtv.com(183.110.10.189)
sqm.telemetry.microsoft.com(65.55.252
119.207.65.56
13.227.76.44
183.110.10.189
183.110.10.192
183.111.235.201
52.20.25.14
65.55.252.93
|
|
|
9.2 |
M |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 49123 |
2020-07-08 13:08
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4
VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
12
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR%2B5mrncpqz%2FPiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7%2FOo7KECEgSnpbKtCqR9Oin%2BnzJgtszNYw%3D%3D
http://ncube.gomtv.com/gom/Promotion.ini
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=show&log=avast,KR,KR
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://log.gomlab.com/player/cancel?build=new_kor&fpb=&version=2.3.54.5318&bit=32bit&os=windows764bit&lang=kor&step=Avast&guid=deeb24fef7b1b2ebdd504d97a79b4e30
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
14
sqm.telemetry.microsoft.com(65.55.252.93)
kr.msn.com(13.75.94.74)
log.gomlab.com(35.169.10.202)
playinfo.gomlab.com(13.227.76.12)
ocsp.int-x3.letsencrypt.org(119.207.65.27)
app.gomtv.com(58.228.255.24)
ncube.gomtv.com(183.110
119.207.65.56
13.227.76.7
183.110.10.189
183.110.10.192
183.111.235.201
35.169.10.202
65.55.252.93
|
|
|
9.2 |
M |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 49124 |
2020-07-08 13:05
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4
VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
10
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ncube.gomtv.com/gom/Promotion.ini
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://log.gomlab.com/player/cancel?build=new_kor&fpb=&version=2.3.54.5318&bit=32bit&os=windows764bit&lang=kor&step=eula&guid=df52ca854199d7161c12f107ac854308
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
11
ncube.gomtv.com(183.110.10.192)
playinfo.gomlab.com(13.227.76.12)
kr.msn.com(13.75.94.74)
app.gomtv.com(58.228.255.24)
log.gomlab.com(52.20.25.14)
ana.gomtv.com(183.110.10.189)
13.227.76.7
183.110.10.189
183.110.10.192
183.111.235.201
52.20.25.14
|
|
|
8.2 |
M |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 49125 |
2020-07-08 13:00
|
https://app.gomtv.com/gom/NEW_... cdf0ee07031e51f2fb8648e1abe9f1f4
VirusTotal Malware Code Injection Check memory Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder malicious URLs Interception Windows Browser |
11
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=relatedpop&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=check&log=avast,KR,KR
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark_mo&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_component&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://log.gomlab.com/player/cancel?build=new_kor&fpb=&version=2.3.54.5318&bit=32bit&os=windows764bit&lang=kor&step=Avast&guid=e4aff5d415925ea72637126b4a98429e
http://ncube.gomtv.com/gom/Promotion.ini
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=gomhelper2&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://playinfo.gomlab.com/cms/bundle/log.gom?mode=new&type=show&log=avast,KR,KR
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=coupang_bookmark&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomplayer&type=view¶m=KOR,2.3.54.5318&uKey=14440
https://app.gomtv.com/gom/NEW_GOMPLAYERSETUP.EXE
|
13
ana.gomtv.com(183.110.10.189)
ncube.gomtv.com(183.110.10.192)
sqm.telemetry.microsoft.com(65.55.252.93)
app.gomtv.com(58.228.255.24)
playinfo.gomlab.com(13.227.76.44)
kr.msn.com(13.75.94.74)
log.gomlab.com(35.169.10.202)
13.227.76.44
183.110.10.189
183.110.10.192
52.20.25.14
58.228.255.24
65.55.252.93
|
|
|
8.2 |
M |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|