12676 | 2023-06-01 09:41 | dhssdf.exe | 7788af5a8c3b75f2ed179ec0a4baa162 | Raccoon Stealer Generic Malware UPX PE File PE32 VirusTotal Malware Remote Code Execution | score 1.8 | M | VT 49 | ZeroCERT
12677 | 2023-06-01 09:33 | doc_E795_May_31.js | 2ca4534d37c1835049049fb15804ff50 | VirusTotal Malware crashed | score 0.6 | VT 6 | ZeroCERT
12678 | 2023-06-01 09:28 | doc_E795_May_31.js | 2ca4534d37c1835049049fb15804ff50 | VirusTotal Malware unpack itself crashed | score 1.0 | VT 6 | ZeroCERT
12679 | 2023-06-01 09:22 | doc_E795_May_31.js | 2ca4534d37c1835049049fb15804ff50 | VirusTotal Malware crashed | score 0.6 | VT 6 | ZeroCERT
12680 | 2023-06-01 09:04 | doc_E793_May_31.js | 789ecd6a7badb208e507b0f5ab9a2ecc | unpack itself crashed | score 0.6 | ZeroCERT
12681 | 2023-06-01 09:04 | doc_E783_May_31.js | ccb2066654f34eab673eade5480ae4e1 | crashed | score 0.2 | ZeroCERT
12682 | 2023-06-01 09:04 | doc_E795_May_31.js | 2ca4534d37c1835049049fb15804ff50 | VirusTotal Malware crashed | score 0.6 | VT 6 | ZeroCERT
12683 | 2023-06-01 07:41 | hkcmd.exe | e0a9b1817281c6393781144157ea9708 | Loki_b Loki_m Socket DNS PWS[m] AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself suspicious process malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software | score 13.4 | ZeroCERT
URLs (1): http://194.180.48.58/ok/five/fre.php
Hosts and IPs (1): 194.180.48.58 - mailcious
IDS alerts (7): ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Fake 404 Response
12684 | 2023-06-01 07:40 | smss.exe | 77e3572af01c7a784cb49abc63dc3949 | RAT PE64 PE File PDB Check memory Checks debugger unpack itself Windows Cryptographic key crashed | score 1.4 | ZeroCERT
12685 | 2023-05-31 23:35 | LB937WHXR.pdf | a4537dfd7b0f26361cb2d5750685c606 | PDF | guest
12686 | 2023-05-31 22:44 | 141.exe | 6bb40ed95f770955ea7cf27e4785612e | Cutwail Gene Malware download Cobalt Strike Cobalt VirusTotal Malware c&c Buffer PE MachineGuid Code Injection Malicious Traffic Check memory buffers extracted ICMP traffic unpack itself Check virtual network interfaces suspicious process suspicious TLD sandbox evasion Tofsee Windows Backdoor ComputerName Remote Code Execution DNS Cryptographic key
URLs (258):
http://www.xaicom.es/ - rule_id: 24556 http://atbauk.org/ - rule_id: 24914 http://pccj.net/ - rule_id: 24646 http://lyto.net/ - rule_id: 24647 http://www.pohlfood.com/ - rule_id: 26027 http://www.pb-games.com/ - rule_id: 26029 http://vdoherty.com/ - rule_id: 24650 http://cutchie.com/ - rule_id: 24693 http://www.sclover3.com/ - rule_id: 24652 http://scintel.com/ http://yhsll.com/ - rule_id: 24939 http://www.yocinc.org/ - rule_id: 23202 http://hamaker.net/ - rule_id: 24695 http://skypearl.com/ http://www.stnic.co.uk/ - rule_id: 26026 http://www.fnsds.org/ - rule_id: 24655 http://epc.com.au/ - rule_id: 24656 http://www.ka-mo-me.com/ - rule_id: 26050 http://msl-lock.com/ - rule_id: 24957 http://www.snugpak.com/ - rule_id: 23198 http://bible.org/ - rule_id: 24918 http://www.valdal.com/ - rule_id: 23188 http://gbmfg.com/ http://ramkome.com/ - rule_id: 24657 http://rkengg.com/ - rule_id: 24658 http://plaske.ua/ http://www.baijaku.com/ - rule_id: 23181 http://jsaps.com/ - rule_id: 24660 http://doggybag.org/ - rule_id: 24920 http://mcseurope.nl/ - rule_id: 24661 http://clinicasanluis.com.co/ - rule_id: 24662 http://www.myropcb.com/ - rule_id: 24663 http://amerifor.com/ - rule_id: 24755 http://www.depalo.com/ - rule_id: 23191 http://www.fink.com/ - rule_id: 26028 http://www.quadlock.com/ - rule_id: 23184 http://kumaden.com/ - rule_id: 24739 http://adeesa.net/ - rule_id: 24667 http://www.hummer.hu/ - rule_id: 23200 http://www.findbc.com/ - rule_id: 24562 http://hubbikes.com/ - rule_id: 24669 http://deckoviny.cz/ - rule_id: 24670 http://uhsa.edu.ag/ - rule_id: 24671 http://www.aevga.com/ - rule_id: 26030 http://www.tc17.com/ - rule_id: 24745 http://www.holleman.us/ - rule_id: 23213 http://burstner.ru/ - rule_id: 24922 http://roewer.de/ - rule_id: 24923 http://www.ex-olive.com/ - rule_id: 23224 http://metaforacom.com/ - rule_id: 24673 http://ludomemo.com/ - rule_id: 26031 http://www.spanesi.com/ - rule_id: 26024 http://dog-jog.net/ - rule_id: 26192 http://univi.it/ - rule_id: 
24783 http://avse.hu/ - rule_id: 26193 http://amele.com/ http://www.railbook.net/ - rule_id: 26023 http://iranytu.net/ - rule_id: 26194 http://ruzee.com/ - rule_id: 24928 http://www.cel-cpa.com/ - rule_id: 26032 http://orlyhotel.com/ - rule_id: 24651 http://magicomm.co.uk/ - rule_id: 24678 http://tbvlugus.nl/ - rule_id: 24930 http://fundeo.com/ - rule_id: 24931 http://akr.co.id/ - rule_id: 24679 http://acraloc.com/ - rule_id: 24945 http://www.item-pr.com/ - rule_id: 24680 http://www.jchysk.com/ - rule_id: 24561 http://kavram.com/ - rule_id: 24932 http://sgk.home.pl/ - rule_id: 24933 http://www.vazir.se/ - rule_id: 23203 http://coxkitchensandbaths.com/ - rule_id: 24716 http://beafin.com/ - rule_id: 24686 http://www.domon.com/ - rule_id: 24688 http://vonparis.com/ - rule_id: 24689 http://sigtoa.com/ - rule_id: 24742 http://kustnara.com/ http://listel.co.jp/ - rule_id: 24700 http://shittas.com/ - rule_id: 24691 http://ascc.org.au/ - rule_id: 24936 http://missnue.com/ - rule_id: 24937 http://bossinst.com/ - rule_id: 24692 http://angework.com/ http://vivastay.com/ - rule_id: 24694 http://t-trust.jp/ - rule_id: 24654 http://sanfotek.net/ - rule_id: 24964 http://www.wifi4all.nl/ - rule_id: 23195 http://aoinko.net/ - rule_id: 24940 http://mondopp.net/ - rule_id: 26195 http://aluminox.es/ - rule_id: 24697 http://nekono.net/ - rule_id: 24941 http://holp-ai.com/ - rule_id: 24942 http://shanks.co.uk/ - rule_id: 24943 http://www.photo4b.com/ - rule_id: 23201 http://www.crcsi.org/ - rule_id: 23206 http://www.kernsafe.com/ - rule_id: 23218 http://ccssinc.com/ - rule_id: 24698 http://mackusick.com/ - rule_id: 24699 http://www.vitaindu.com/ - rule_id: 23210 http://pellys.co.uk/ - rule_id: 24767 http://wvs-net.de/ - rule_id: 26196 http://shiner.com/ - rule_id: 26037 http://bigzz.by/ - rule_id: 24946 http://karmy.com.pl/ - rule_id: 24703 http://ikulani.com/ http://www.transsib.com/ - rule_id: 23204 http://shteeble.com/ - rule_id: 24947 http://www.medius.si/ - rule_id: 26038 
http://www.nelipak.nl/ - rule_id: 23217 http://www.pdqhomes.com/ - rule_id: 23183 http://www.iamdirt.com/ - rule_id: 23192 http://impexnc.com/ - rule_id: 24706 http://floopis.com/ http://jnf.at/ - rule_id: 24948 http://wanoa.com/ - rule_id: 26198 http://vvsteknik.dk/ - rule_id: 26040 http://stopllc.com/ - rule_id: 24954 http://vfcindia.com/ - rule_id: 24955 http://www.yoruksut.com/ - rule_id: 26042 http://scip.org.uk/ http://www.edimart.hu/ - rule_id: 23221 http://4locals.net/ - rule_id: 24676 http://www.netcr.com/ - rule_id: 23219 http://www.abart.pl/ - rule_id: 23208 http://valselit.com/ - rule_id: 26197 http://www.pcgrate.com/ - rule_id: 24560 http://dayvo.com/ - rule_id: 24917 http://www.valselit.com/ - rule_id: 23216 http://akdeniz.nl/ - rule_id: 24735 http://www.com-sit.com/ - rule_id: 26045 http://www.x0c.com/ - rule_id: 23225 http://skgm.ru/ http://www.fcwcvt.org/ - rule_id: 23196 http://www.gpthink.com/ - rule_id: 23215 http://adventist.ro/ - rule_id: 24959 http://infotech.pl/ - rule_id: 24960 http://kayoaiba.com/ - rule_id: 24718 http://com-edit.fr/ - rule_id: 24708 http://www.maktraxx.com/ - rule_id: 24720 http://dhh.la.gov/ - rule_id: 24721 http://insia.com/ - rule_id: 24722 http://flamingorecordings.com/ - rule_id: 24759 http://www.credo.edu.pl/ - rule_id: 23190 http://nrsi.com/ - rule_id: 26199 http://daytonir.com/ - rule_id: 24753 http://kamptal.at/ - rule_id: 24702 http://agulatex.com/ - rule_id: 26200 http://zupraha.cz/ - rule_id: 26046 http://sjbmw.com/ - rule_id: 24725 http://www.dgmna.com/ - rule_id: 23187 http://mijash3.com/ - rule_id: 24726 http://www.dayvo.com/ - rule_id: 24724 http://rappich.de/ - rule_id: 26201 http://www.ottospm.com/ - rule_id: 24727 http://www.mobilnic.net/ - rule_id: 24643 http://www.naoi-a.com/ - rule_id: 23209 http://redgiga.com/ - rule_id: 24730 http://fortknox.bm/ - rule_id: 24754 http://www.evcpa.com/ - rule_id: 24550 http://www.petsfan.com/ - rule_id: 23194 http://muhr-soehne.de/ - rule_id: 24732 
http://www.mqs.com.br/ - rule_id: 23205 http://www.rs-ag.com/ - rule_id: 23199 http://www.olras.com/ - rule_id: 23186 http://lpver.com/ - rule_id: 24965 http://sinwal.com/ - rule_id: 24734 http://siongann.com/ - rule_id: 24966 http://www.lrsuk.com/ - rule_id: 23223 http://diamir.de/ - rule_id: 24736 http://www.alteor.cl/ - rule_id: 23182 http://www.fe-bauer.de/ - rule_id: 24738 http://alexpope.biz/ - rule_id: 24968 http://603888.com/ - rule_id: 24926 http://kallman.net/ http://top1oil.com/ - rule_id: 26202 http://www.pwd.org/ - rule_id: 24741 http://www.c9dd.com/ - rule_id: 26051 http://oaith.ca/ - rule_id: 26048 http://hyab.se/ - rule_id: 24743 http://softizer.com/ - rule_id: 26052 http://www.t-tre.com/ - rule_id: 23214 http://banvari.com/ - rule_id: 24744 http://nettle.pl/ - rule_id: 24938 http://gujarat.com/ - rule_id: 24746 http://rast.se/ - rule_id: 24747 http://www.sjbs.org/ - rule_id: 24664 http://kairel.com/ - rule_id: 24969 http://cbras.com/ - rule_id: 26205 http://nts-web.net/ - rule_id: 24749 http://camamat.com/ - rule_id: 26053 http://cpmteam.com/ - rule_id: 24971 http://www.speelhal.net/ - rule_id: 23228 http://hes.pt/ - rule_id: 24972 http://araax.com/ - rule_id: 24750 http://htsmx.net/ - rule_id: 26204 http://bggs.com/ - rule_id: 24751 http://ntc.edu.au/ - rule_id: 24752 http://yasuma.com/ - rule_id: 24963 http://www.jenco.co.uk/ - rule_id: 23179 http://touchfam.ca/ - rule_id: 24975 http://duiops.net/ - rule_id: 24976 http://canasil.com/ - rule_id: 24977 http://snf.it/ - rule_id: 24756 http://forbin.net/ - rule_id: 24757 http://www.pupi.cz/ - rule_id: 24758 http://captlfix.com/ - rule_id: 24979 http://anduran.com/ - rule_id: 24978 http://www.tvtools.fi/ - rule_id: 23185 http://www.jacomfg.com/ - rule_id: 23226 http://www.ora-ito.com/ - rule_id: 23211 http://www.waldi.pl/ - rule_id: 23207 http://a-domani.com/ - rule_id: 24760 http://www.otena.com/ - rule_id: 24532 http://shesfit.com/ - rule_id: 26060 http://fdlymca.org/ - rule_id: 24649 
http://gbp-jp.com/ - rule_id: 26056 http://semuk.com/ - rule_id: 24690 http://www.2print.com/ - rule_id: 23222 http://cubodown.com/ - rule_id: 24762 http://www.pr-park.com/ - rule_id: 23180 http://hchc.org/ - rule_id: 24763 http://linac.co.uk/ - rule_id: 24984 http://ftmobile.com/ - rule_id: 24728 http://webways.com/ - rule_id: 26207 http://cbaben.com/ - rule_id: 24653 http://www.vexcom.com/ - rule_id: 24764 http://dbnet.at/ - rule_id: 24765 http://host.do/ - rule_id: 24696 http://www.cokocoko.com/ - rule_id: 23220 http://www.11tochi.net/ - rule_id: 24659 http://simetar.com/ - rule_id: 26058 http://www.ora.ecnet.jp/ - rule_id: 23212 http://any-s.net/ - rule_id: 24990 http://themark.org/ - rule_id: 26208 http://www.abdg.com/ - rule_id: 23193 http://e-kami.net/ - rule_id: 24770 http://popbook.com/ - rule_id: 24991 http://arowines.com/ - rule_id: 24919 http://esmoke.net/ http://uster.com/ - rule_id: 24956 http://www.tyrns.com/ - rule_id: 23227 http://dspears.com/ - rule_id: 24683 http://smitko.net/ - rule_id: 24784 http://shztm.ru/ - rule_id: 24993 http://biurohera.pl/ - rule_id: 24774 http://www.synetik.net/ - rule_id: 23197 http://www.nqks.com/ - rule_id: 24775 http://strazynski.pl/ - rule_id: 24777 http://peminet.net/ - rule_id: 24778 http://apps.identrust.com/roots/dstrootcax3.p7c http://karila.fr/ - rule_id: 24780 http://indonesiamedia.com/ - rule_id: 24781 http://web-york.com/ - rule_id: 24782 http://ifesnet.com/ - rule_id: 26055 http://mackusick.de/ - rule_id: 24769 http://www.elpro.si/ - rule_id: 23189 http://pleszew.policja.gov.pl/ - rule_id: 24773 https://pleszew.policja.gov.pl/
Hosts and IPs (666):
banvari.com(23.227.38.32) - mailcious gbp-jp.com(208.80.122.205) - mailcious www.vazir.se(206.191.152.37) - mailcious duiops.net(135.125.108.170) - mailcious top1oil.com(172.67.71.55) - mailcious daytonir.com(104.18.40.43) - mailcious nekono.net(202.172.28.187) - mailcious in1.smtp.messagingengine.com(103.168.172.219) floopis.com(3.64.163.50) lpver.com(92.204.129.113) - mailcious univi.it(18.197.121.220) - mailcious nels.co.uk(5.134.13.210) - mailcious insia.com(82.208.6.9) - mailcious www.yoruksut.com(93.187.206.66) www.mqs.com.br(170.82.174.30) www.photo4b.com(195.78.66.50) mackusick.de(217.160.0.131) - mailcious www.sjbs.org(69.163.239.62) - mailcious skypearl.com(153.122.170.15) www.netcr.com(3.130.253.23) - mailcious usadig.com(198.100.146.220) www.fnsds.org(34.197.121.219) - mailcious missnue.com(104.21.234.120) - mailcious pro-fa.com() shztm.ru(62.122.170.171) - mailcious skgm.ru(91.201.52.102) sigtoa.com(172.67.160.168) - mailcious www.owsports.ca() - mailcious shanks.co.uk(217.19.254.22) - mailcious fifa-ews.com(172.67.189.227) - mailcious 89gospel.com() roewer.de(45.142.176.225) - mailcious dwid.de(87.230.93.218) www.abart.pl(89.161.163.246) yhsll.com(107.186.187.147) - mailcious wahw.com.au(54.194.190.151) canasil.com(172.67.68.180) - mailcious canmore.com() kustnara.com(75.2.70.75) johnlyon.org(141.193.213.20) - mailcious www.holleman.us(51.79.51.72) - mailcious www.vexcom.com(104.21.55.224) - mailcious c-drop.net() avc.com.sa() www.reglera.com(64.125.133.18) clinicasanluis.com.co(172.67.164.178) - mailcious pellys.co.uk(77.72.4.226) - mailcious www.yocinc.org(66.94.119.160) nolaoig.org(54.212.145.129) www.wkhk.net() - mailcious cqdgroup.com(221.132.33.88) vvsteknik.dk(185.31.76.90) - mailcious infotech.pl(79.96.32.254) - mailcious assideum.com(52.219.177.224) www.mobilnic.net(154.203.14.100) www.myropcb.com(74.208.236.101) - mailcious kallman.net(185.76.64.25) www.findbc.com(13.248.169.48) - mailcious hubbikes.com(75.2.70.75) - mailcious 
ccssinc.com(104.21.19.68) - mailcious amba-tc.si() stopllc.com(162.241.233.114) - mailcious polprime.com() - mailcious rappich.de(89.31.143.1) - mailcious aoinko.net(157.7.107.38) - mailcious absblast.com(141.193.213.20) - mailcious yasuma.com(61.200.81.23) - mailcious pertex.com(185.151.30.147) - mailcious www.domon.com(23.227.38.74) - mailcious www.maktraxx.com(72.44.93.236) - mailcious de() host.do(217.79.248.38) - mailcious gujarat.com(104.21.73.143) - mailcious mail.airmail.net(66.226.70.66) www.stnic.co.uk(77.68.50.105) vonparis.com(23.185.0.4) - mailcious www.dayvo.com(104.21.68.7) - mailcious samtv.ro() ftmobile.com(199.34.228.78) - mailcious amele.com(85.159.66.62) bossinst.com(205.178.189.131) - mailcious sjbmw.com(164.92.82.47) - mailcious shesfit.com(104.21.74.141) - mailcious ldh.la.gov(75.2.95.235) www.koz1.net() - mailcious biurohera.pl(79.96.161.192) - mailcious xsui.com(127.0.0.1) www.olras.com(80.93.82.33) - mailcious techtrans.de(185.237.66.112) www.jroy.net() - mailcious acraloc.com(192.64.150.164) - mailcious ludomemo.com(27.0.174.59) - mailcious www.nqks.com(147.154.3.56) - mailcious redgiga.com(172.67.186.153) - mailcious hchc.org(34.224.10.110) - mailcious mackusick.com(217.160.0.179) - mailcious www.t-tre.com(135.181.73.98) araax.com(54.209.32.212) - mailcious webband.com() www.11tochi.net(157.112.176.4) - mailcious sinwal.com(172.67.206.199) - mailcious apcotex.com(35.154.163.204) dog-jog.net(153.122.24.177) - mailcious tbvlugus.nl(174.129.25.170) - mailcious magicomm.co.uk(83.223.113.46) - mailcious www.item-pr.com(213.186.33.17) - mailcious webways.com(172.67.128.139) - mailcious www.depalo.com(142.250.206.211) - mailcious deckoviny.cz(88.86.118.82) - mailcious www.nelipak.nl(82.201.61.230) kavram.com(172.67.189.68) - mailcious www.ora-ito.com(213.186.33.40) www.wnsavoy.com(96.91.204.114) simetar.com(104.21.79.166) - mailcious www.railbook.net(103.224.212.221) from30ty.com(157.7.231.224) - mailcious peminet.net(198.54.117.242) - 
mailcious gmail-smtp-in.l.google.com(142.251.170.26) icd-host.com(192.252.159.165) - mailcious yoruksut.com(93.187.206.66) - mailcious e-kami.net(202.172.28.89) - mailcious www.pohlfood.com(104.218.10.254) hyab.se(104.21.52.126) - mailcious www.alteor.cl(34.117.168.233) www.tyrns.com(62.75.216.137) 603888.com(67.21.93.229) - mailcious fdlymca.org(192.124.249.9) - mailcious nts-web.net(49.212.235.175) - mailcious bigzz.by(178.249.70.75) - mailcious zupraha.cz(77.78.104.3) - mailcious burstner.ru(62.122.170.171) - mailcious www.jenco.co.uk(172.67.208.67) - mailcious sanfotek.net(216.69.141.67) - mailcious eos-i.com() - mailcious amerifor.com(64.18.191.61) - mailcious kayoaiba.com(154.213.117.166) - mailcious www.elpro.si(104.26.15.53) - mailcious ultibax.org() plaske.ua(52.211.245.146) vdoherty.com(91.216.241.100) - mailcious dbnet.at(188.94.254.88) - mailcious fundeo.com(172.67.97.62) - mailcious cnti.krsn.ru(217.74.161.133) www.naoi-a.com(202.254.236.40) - mailcious jnf.at(136.243.147.81) - mailcious themark.org(35.172.94.1) - mailcious rkengg.com(52.71.57.184) - mailcious uster.com(172.67.32.172) - mailcious invictus.pl() mjrcpas.com(47.91.170.222) www.pwd.org(208.109.214.162) - mailcious hamaker.net(34.102.136.180) - mailcious cjcagent.com() - mailcious impexnc.com(204.11.56.48) - mailcious shteeble.com(185.106.129.180) - mailcious beafin.com(133.125.38.187) - mailcious www.com-sit.com(104.26.11.81) ramkome.com(62.75.216.107) - mailcious www.ottospm.com(104.21.63.28) - mailcious rast.se(93.188.2.51) - mailcious ikulani.com(157.7.107.88) ntc.edu.au(192.124.249.15) - mailcious www.pb-games.com(173.254.28.29) workplus.hu() - mailcious angework.com(219.94.128.87) mondopp.net(173.231.184.124) - mailcious ie-roi.com() flamingorecordings.com(35.214.171.193) - mailcious wanoa.com(159.89.244.183) - mailcious cubodown.com(172.67.150.50) - mailcious dspears.com(3.94.41.167) - mailcious touchfam.ca(15.197.142.173) - mailcious xinhui.net(43.255.29.192) 
vfcindia.com(103.191.209.76) - mailcious reproar.com(194.143.194.23) - mailcious karmy.com.pl(185.253.212.22) - mailcious mijash3.com(198.49.23.144) - mailcious www.valdal.com(104.26.7.221) www.abdg.com(192.252.154.18) averwin.com() kairel.com(54.217.118.81) - mailcious h-et-l.com() - mailcious pccj.net(104.21.29.72) - mailcious nrsi.com(76.223.35.103) - mailcious www.valselit.com(193.70.68.254) www.pcgrate.com(172.67.201.26) - mailcious someikan.com() www.ex-olive.com(210.140.73.39) metaforacom.com(185.42.105.162) - mailcious www.cokocoko.com(54.161.222.85) - mailcious nblewis.com(35.169.15.168) www.hummer.hu(185.80.51.179) xult.org(65.52.128.33) - mailcious s5w.com(192.99.226.184) - mailcious avse.hu(185.129.138.60) - mailcious dhh.la.gov(52.200.51.73) - mailcious epc.com.au(103.4.16.43) - mailcious www.udesign.biz() www.ftchat.com() - mailcious snf.it(95.174.22.233) - mailcious mkm-gr.com(79.124.76.247) www.ora.ecnet.jp(60.43.154.138) isom.org(192.124.249.14) - mailcious www.rs-ag.com(172.67.152.88) strazynski.pl(85.128.196.22) - mailcious www.credo.edu.pl(62.122.190.121) oaith.ca(192.124.249.12) - mailcious popbook.com(47.91.167.60) - mailcious lyto.net(172.67.138.3) - mailcious www.pdqhomes.com(3.94.41.167) - mailcious www.fe-bauer.de(3.65.101.129) - mailcious www.medius.si(99.86.207.38) scip.org.uk(104.26.13.244) nettlinx.org(202.53.77.146) - mailcious htsmx.net(63.251.106.25) - mailcious bible.org(172.67.33.95) - mailcious www.dgmna.com(192.124.249.20) - mailcious www.jchysk.com(208.97.178.138) - mailcious camamat.com(104.21.235.32) - mailcious hyab.com(172.67.193.133) akdeniz.nl(109.71.54.22) - mailcious cpmteam.com(172.67.188.75) - mailcious alt4.gmail-smtp-in.l.google.com(142.250.152.26) cutchie.com(199.59.243.223) - mailcious www.tvtools.fi(172.67.152.159) - mailcious captlfix.com(198.185.159.144) - mailcious t-trust.jp(183.181.82.14) - mailcious smtp.sbcglobal.yahoo.com(67.195.12.38) www.stajum.com(162.43.120.128) www.evcpa.com(192.124.249.10) - 
mailcious web-york.com(219.94.129.97) - mailcious com() www.petsfan.com(18.119.154.66) - mailcious juso-gr.ch() - mailcious www.synetik.net(193.166.255.171) nettle.pl(195.128.140.29) - mailcious www.yumgiskor.kz() anduran.com(34.205.242.146) - mailcious www.kernsafe.com(104.26.2.124) forbin.net(104.21.41.152) - mailcious thiessen.net(62.75.251.116) karila.fr(89.107.169.125) - mailcious esmoke.net(204.15.134.44) kewlmail.com(63.251.106.25) - mailcious akr.co.id(172.67.33.252) - mailcious www.quadlock.com(70.39.251.249) - mailcious www.cel-cpa.com(104.196.26.65) www.wifi4all.nl(172.67.198.26) - mailcious www.x0c.com(185.53.177.50) - mailcious atbauk.org(104.21.92.170) - mailcious shittas.com(43.246.117.171) - mailcious adeesa.net(172.67.209.11) - mailcious iranytu.net(103.224.212.222) - mailcious www.jacomfg.com(96.127.180.42) - mailcious koz1.net() bggs.com(35.230.155.43) - mailcious orbitgas.com(107.180.58.31) - mailcious hbfuels.com(85.233.160.146) - mailcious softizer.com(185.163.45.187) - mailcious www.otena.com(3.64.163.50) www.ka-mo-me.com(211.1.226.67) www.edimart.hu(81.2.194.241) - mailcious smitko.net(31.15.12.103) - mailcious siongann.com(104.21.8.75) - mailcious muhr-soehne.de(5.189.171.125) - mailcious www.c9dd.com(188.166.152.188) kumaden.com(49.212.180.178) - mailcious valselit.com(193.70.68.254) - mailcious mail7.digitalwaves.co.nz() www.tc17.com(104.21.79.244) - mailcious www.speelhal.net(217.19.237.54) scintel.com(23.239.201.14) uhsa.edu.ag(192.124.249.13) - mailcious jsaps.com(49.212.235.59) - mailcious diamir.de(94.130.146.206) - mailcious www.aevga.com(108.167.164.216) www.crcsi.org(165.227.252.190) clysma.com() www.spanesi.com(5.196.166.214) com-edit.fr(63.251.106.25) - mailcious any-s.net(108.170.12.50) - mailcious pleszew.policja.gov.pl(91.229.22.126) - mailcious www.lrsuk.com(99.86.207.106) - mailcious www.fcwcvt.org(172.67.134.134) cbaben.com(173.205.126.33) - mailcious fr-dat.com(127.0.0.1) www.fink.com(69.163.218.51) 
envogen.com(104.21.73.149) - mailcious unicus.jp(49.212.232.113) - mailcious k-nikko.com(18.177.67.59) - mailcious mxs.mail.ru(94.100.180.31) mcseurope.nl(46.19.218.80) - mailcious ccrsi.org(198.209.253.30) www.transsib.com(80.74.154.6) vivastay.com(52.86.6.113) - mailcious nme.co.jp(203.0.113.0) dzm.cz(83.167.255.150) - mailcious www.medisa.info() agitz.com.br() agulatex.com(133.125.38.187) - mailcious ossir.org(51.159.3.117) - mailcious doggybag.org(213.186.33.16) - mailcious wvs-net.de(104.21.43.163) - mailcious msl-lock.com(165.160.13.20) - mailcious wolffkran.de() www.xaicom.es(188.165.133.163) www.baijaku.com(59.106.19.204) - mailcious dayvo.com(172.67.184.30) - mailcious www.iamdirt.com(34.117.168.233) - mailcious coxkitchensandbaths.com(205.149.134.32) - mailcious cbras.com(54.39.198.18) - mailcious indonesiamedia.com(74.208.215.145) - mailcious holp-ai.com(59.106.13.169) - mailcious www.snugpak.com(104.21.73.182) - mailcious adventist.ro(49.12.155.123) - mailcious ymlp15.net() www.waldi.pl(46.242.238.60) - mailcious www.nunomira.com(192.241.158.94) haigh-me.com() multip.hu() gbmfg.com(151.101.2.132) www.usadig.com(198.100.146.220) 4locals.net(80.82.115.227) - mailcious ascc.org.au(203.210.102.34) - mailcious hes.pt(52.19.230.145) - mailcious orlyhotel.com(104.21.48.207) - mailcious sgk.home.pl(89.161.136.188) - mailcious ifesnet.com(172.67.137.15) - mailcious nt-hat.com() kamptal.at(128.204.134.138) - mailcious listel.co.jp(49.212.243.77) - mailcious semuk.com(86.105.245.69) - mailcious linac.co.uk(23.236.62.147) - mailcious www.2print.com(107.180.98.101) websy.com() e-asset.net() www.gpthink.com(39.99.233.155) - mailcious www.vitaindu.com(122.128.109.107) www.fnw.us(137.118.26.67) a-domani.com(183.90.232.24) - mailcious aluminox.es(37.59.243.164) - mailcious arowines.com(75.2.18.233) - mailcious www.pr-park.com(118.27.125.181) shiner.com(172.67.143.148) - mailcious www.sclover3.com(157.112.182.239) - mailcious grlawcc.com() org() 
alexpope.biz(76.74.184.61) - mailcious aba.org.eg(192.169.149.78) - mailcious ruzee.com(207.180.198.201) - mailcious n23china.com() www.pupi.cz(103.224.182.241) - mailcious ciicsc.com() smtp.live.com(204.79.197.212) fortknox.bm(216.177.137.32) - mailcious 64.125.133.18 79.124.76.247 208.80.123.104 192.64.150.164 - mailcious 77.78.104.3 - phishing 204.15.134.44 192.241.158.94 185.163.45.187 - mailcious 211.13.196.162 172.67.186.153 - mailcious 3.64.163.50 - mailcious 188.166.152.188 104.21.26.154 - mailcious 86.105.245.69 - mailcious 159.89.244.183 192.252.154.18 - mailcious 107.180.98.101 13.225.131.58 198.185.159.144 - mailcious 5.189.171.125 - mailcious 135.181.73.98 52.19.230.145 - mailcious 79.96.32.254 - mailcious 104.21.19.68 - mailcious 43.246.117.171 - mailcious 45.142.176.225 - mailcious 157.7.107.88 49.12.155.123 136.243.147.81 - mailcious 49.212.235.59 - mailcious 47.91.170.222 - mailcious 153.120.34.73 49.212.232.113 - mailcious 192.169.149.78 - mailcious 104.21.234.121 - mailcious 142.250.66.51 104.21.52.126 - mailcious 217.74.161.133 217.19.254.22 - mailcious 104.21.235.32 - mailcious 142.250.152.27 219.94.129.97 - mailcious 23.236.62.147 - mailcious 172.67.201.26 83.223.113.46 - mailcious 91.216.241.100 - mailcious 80.74.154.6 - mailcious 104.26.1.82 141.193.213.20 - malware 62.122.170.171 205.149.134.32 - mailcious 172.67.206.199 - mailcious 193.166.255.171 - mailcious 137.118.26.67 192.124.249.9 - mailcious 75.2.70.75 - mailcious 60.43.154.138 74.125.23.27 217.160.0.179 - mailcious 153.122.24.177 - mailcious 62.75.251.116 172.67.184.30 - mailcious 89.107.169.125 - mailcious 172.67.165.62 199.59.243.223 121.254.136.27 104.21.23.9 202.172.28.187 - mailcious 74.208.236.101 185.129.138.60 - mailcious 172.67.150.50 - mailcious 172.67.70.223 213.186.33.40 - mailcious 205.178.189.131 - phishing 151.101.2.132 104.21.48.207 54.217.118.81 - mailcious 67.21.93.229 104.21.43.163 - mailcious 95.174.22.233 - mailcious 47.91.167.60 - mailcious 122.128.109.107 
153.122.170.15 172.67.193.133 203.210.102.34 - mailcious 172.67.73.176 54.39.198.18 - mailcious 154.213.117.166 - mailcious 82.201.61.230 - mailcious 198.100.146.220 18.197.121.220 - mailcious 157.112.182.239 - mailcious 172.67.142.169 157.7.231.224 - mailcious 128.8.10.90 210.140.73.39 - mailcious 185.53.177.50 - mailcious 192.203.230.10 54.212.145.129 31.15.12.103 - mailcious 72.44.93.236 - mailcious 77.68.50.105 107.180.58.31 - mailcious 80.82.115.227 - mailcious 162.241.233.114 - mailcious 208.97.178.138 - mailcious 5.134.13.210 - mailcious 198.209.253.30 170.82.174.30 185.31.76.90 - mailcious 104.21.89.126 128.204.134.138 - mailcious 192.99.226.184 - mailcious 211.1.226.67 104.21.32.240 - malware 5.196.166.214 34.117.168.233 - mailcious 104.26.13.244 192.5.5.241 49.212.243.77 - mailcious 213.186.33.17 - mailcious 213.186.33.16 - mailcious 188.94.254.88 - mailcious 217.19.237.54 - mailcious 96.127.180.42 - mailcious 118.27.125.181 221.132.33.88 - mailcious 104.21.62.182 51.159.3.117 - mailcious 173.231.184.124 - mailcious 27.0.174.59 - mailcious 103.4.16.43 - mailcious 157.112.176.4 - malware 54.161.222.85 - mailcious 35.154.163.204 185.151.30.147 - mailcious 193.70.68.254 - mailcious 165.160.15.20 - mailcious 202.254.236.40 - mailcious 133.125.38.187 - mailcious 69.163.218.51 - mailcious 52.71.57.184 - mailcious 67.195.12.38 35.172.94.1 - phishing 103.168.172.217 75.2.95.235 43.255.29.192 216.69.141.67 194.143.194.23 - mailcious 108.167.164.216 104.21.79.166 198.1.81.28 103.191.209.76 52.0.29.214 185.237.66.112 173.205.126.33 - mailcious 172.67.198.26 - phishing 76.223.35.103 - mailcious 89.161.163.246 - mailcious 172.67.143.148 34.102.136.180 - mailcious 154.203.14.100 88.86.118.82 - mailcious 104.21.8.75 195.128.140.29 - mailcious 34.224.10.110 - mailcious 62.75.216.107 - mailcious 208.109.214.162 185.76.64.25 82.208.6.9 - mailcious 89.31.143.1 - mailcious 104.21.68.7 - mailcious 104.21.88.198 - mailcious 3.140.13.188 - mailcious 165.227.252.190 - suspicious 
49.212.180.178 - mailcious 183.181.82.14 - mailcious 104.26.15.53 75.2.18.233 - mailcious 81.2.194.241 - mailcious 202.172.28.89 - mailcious 172.67.163.101 108.170.12.50 185.42.105.162 - mailcious 198.54.117.242 - mailcious 192.124.249.20 - mailcious 85.233.160.146 207.180.198.201 - mailcious 188.165.133.163 23.227.38.74 - mailcious 64.18.191.61 - mailcious 174.129.25.170 - mailcious 103.224.182.241 - mailcious 35.230.155.43 - mailcious 66.94.119.160 63.251.106.25 - mailcious 74.208.215.145 - mailcious 104.26.2.14 202.53.77.146 - mailcious 66.226.70.66 34.205.242.146 - mailcious 147.154.3.56 - mailcious 192.36.148.17 172.67.189.227 - mailcious 37.59.243.164 - mailcious 172.67.146.154 - mailcious 65.52.128.33 - malware 185.80.51.179 - mailcious 80.93.82.33 - mailcious 89.161.136.188 - mailcious 204.11.56.48 - phishing 195.78.66.50 - mailcious 107.186.187.147 93.187.206.66 - mailcious 172.67.164.178 104.21.77.146 92.204.129.113 - mailcious 183.90.232.24 - mailcious 162.43.120.128 104.26.3.124 - mailcious 99.86.207.125 172.67.158.251 - phishing 52.219.142.72 79.96.161.192 59.106.19.204 - mailcious 34.197.121.219 172.67.148.147 23.239.201.14 77.72.4.226 - mailcious 109.71.54.22 - mailcious 3.130.253.23 - mailcious 103.224.212.221 - mailcious 103.224.212.222 - mailcious 104.21.73.143 - mailcious 94.130.146.206 217.69.139.150 165.160.13.20 - mailcious 61.200.81.23 - mailcious 192.124.249.14 - mailcious 104.20.123.68 178.249.70.75 - mailcious 76.74.184.61 - mailcious 104.20.54.214 - mailcious 39.99.233.155 - mailcious 70.39.251.249 - mailcious 69.163.239.62 46.19.218.80 - mailcious 104.218.10.254 172.67.148.35 54.194.190.151 104.21.79.244 83.167.255.150 - mailcious 104.21.1.213 104.196.26.65 - mailcious 87.230.93.218 164.92.82.47 173.254.28.29 - phishing 104.21.55.224 - mailcious 46.242.238.60 - mailcious 15.197.142.173 - mailcious 85.128.196.22 - mailcious 216.177.137.32 - mailcious 103.168.172.221 104.21.25.200 192.58.128.30 13.248.169.48 51.79.51.72 - mailcious 
192.252.159.165 - mailcious 193.0.14.129 85.159.66.62 - mailcious 217.160.0.131 - mailcious 62.122.190.121 172.67.97.62 3.65.101.129 - mailcious 62.75.216.137 104.18.40.43 - mailcious 3.19.116.195 - mailcious 172.67.128.139 - mailcious 23.227.38.32 - mailcious 204.79.197.212 52.211.245.146 217.79.248.38 - mailcious 172.67.196.145 - mailcious 49.212.235.175 - mailcious 185.253.212.22 - mailcious 199.34.228.78 - mailcious 59.106.13.169 - mailcious 35.169.15.168 93.188.2.51 - malware 35.214.171.193 23.185.0.4 - malware 96.91.204.114 - mailcious 52.219.176.112 91.229.22.126 - mailcious 104.21.49.75 - mailcious 135.125.108.170 - mailcious 172.67.189.68 - mailcious 192.124.249.15 - mailcious 18.177.67.59 - mailcious 192.124.249.13 - mailcious 192.124.249.12 - mailcious 91.201.52.102 192.124.249.10 - mailcious 104.20.221.29 185.106.129.180 - mailcious 206.191.152.37 219.94.128.87 164.90.244.158 - mailcious 157.7.107.38 - mailcious 3.94.41.167 - mailcious 52.200.51.73 - mailcious
IDS alerts (8):
ET MALWARE Backdoor.Win32.Pushdo.s Checkin ET INFO Observed DNS Query to .biz TLD ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO TLS Handshake Failure ET Threatview.io High Confidence Cobalt Strike C2 IP group 1 ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst SURICATA ICMPv4 invalid checksum
URL list (243 entries):
http://www.xaicom.es/ http://atbauk.org/ http://pccj.net/ http://lyto.net/ http://www.pohlfood.com/ http://www.pb-games.com/ http://vdoherty.com/ http://cutchie.com/ http://www.sclover3.com/ http://yhsll.com/ http://www.yocinc.org/ http://hamaker.net/ http://www.stnic.co.uk/ http://www.fnsds.org/ http://epc.com.au/ http://www.ka-mo-me.com/ http://msl-lock.com/ http://www.snugpak.com/ http://bible.org/ http://www.valdal.com/ http://ramkome.com/ http://rkengg.com/ http://www.baijaku.com/ http://jsaps.com/ http://doggybag.org/ http://mcseurope.nl/ http://clinicasanluis.com.co/ http://www.myropcb.com/ http://amerifor.com/ http://www.depalo.com/ http://www.fink.com/ http://www.quadlock.com/ http://kumaden.com/ http://adeesa.net/ http://www.hummer.hu/ http://www.findbc.com/ http://hubbikes.com/ http://deckoviny.cz/ http://uhsa.edu.ag/ http://www.aevga.com/ http://www.tc17.com/ http://www.holleman.us/ http://burstner.ru/ http://roewer.de/ http://www.ex-olive.com/ http://metaforacom.com/ http://ludomemo.com/ http://www.spanesi.com/ http://dog-jog.net/ http://univi.it/ http://avse.hu/ http://www.railbook.net/ http://iranytu.net/ http://ruzee.com/ http://www.cel-cpa.com/ http://orlyhotel.com/ http://magicomm.co.uk/ http://tbvlugus.nl/ http://fundeo.com/ http://akr.co.id/ http://acraloc.com/ http://www.item-pr.com/ http://www.jchysk.com/ http://kavram.com/ http://sgk.home.pl/ http://www.vazir.se/ http://coxkitchensandbaths.com/ http://beafin.com/ http://www.domon.com/ http://vonparis.com/ http://sigtoa.com/ http://listel.co.jp/ http://shittas.com/ http://ascc.org.au/ http://missnue.com/ http://bossinst.com/ http://vivastay.com/ http://t-trust.jp/ http://sanfotek.net/ http://www.wifi4all.nl/ http://aoinko.net/ http://mondopp.net/ http://aluminox.es/ http://nekono.net/ http://holp-ai.com/ http://shanks.co.uk/ http://www.photo4b.com/ http://www.crcsi.org/ http://www.kernsafe.com/ http://ccssinc.com/ http://mackusick.com/ http://www.vitaindu.com/ http://pellys.co.uk/ 
http://wvs-net.de/ http://shiner.com/ http://bigzz.by/ http://karmy.com.pl/ http://www.transsib.com/ http://shteeble.com/ http://www.medius.si/ http://www.nelipak.nl/ http://www.pdqhomes.com/ http://www.iamdirt.com/ http://impexnc.com/ http://jnf.at/ http://wanoa.com/ http://vvsteknik.dk/ http://stopllc.com/ http://vfcindia.com/ http://www.yoruksut.com/ http://www.edimart.hu/ http://4locals.net/ http://www.netcr.com/ http://www.abart.pl/ http://valselit.com/ http://www.pcgrate.com/ http://dayvo.com/ http://www.valselit.com/ http://akdeniz.nl/ http://www.com-sit.com/ http://www.x0c.com/ http://www.fcwcvt.org/ http://www.gpthink.com/ http://adventist.ro/ http://infotech.pl/ http://kayoaiba.com/ http://com-edit.fr/ http://www.maktraxx.com/ http://dhh.la.gov/ http://insia.com/ http://flamingorecordings.com/ http://www.credo.edu.pl/ http://nrsi.com/ http://daytonir.com/ http://kamptal.at/ http://agulatex.com/ http://zupraha.cz/ http://sjbmw.com/ http://www.dgmna.com/ http://mijash3.com/ http://www.dayvo.com/ http://rappich.de/ http://www.ottospm.com/ http://www.mobilnic.net/ http://www.naoi-a.com/ http://redgiga.com/ http://fortknox.bm/ http://www.evcpa.com/ http://www.petsfan.com/ http://muhr-soehne.de/ http://www.mqs.com.br/ http://www.rs-ag.com/ http://www.olras.com/ http://lpver.com/ http://sinwal.com/ http://siongann.com/ http://www.lrsuk.com/ http://diamir.de/ http://www.alteor.cl/ http://www.fe-bauer.de/ http://alexpope.biz/ http://603888.com/ http://top1oil.com/ http://www.pwd.org/ http://www.c9dd.com/ http://oaith.ca/ http://hyab.se/ http://softizer.com/ http://www.t-tre.com/ http://banvari.com/ http://nettle.pl/ http://gujarat.com/ http://rast.se/ http://www.sjbs.org/ http://kairel.com/ http://cbras.com/ http://nts-web.net/ http://camamat.com/ http://cpmteam.com/ http://www.speelhal.net/ http://hes.pt/ http://araax.com/ http://htsmx.net/ http://bggs.com/ http://ntc.edu.au/ http://yasuma.com/ http://www.jenco.co.uk/ http://touchfam.ca/ http://duiops.net/ 
http://canasil.com/ http://snf.it/ http://forbin.net/ http://www.pupi.cz/ http://captlfix.com/ http://anduran.com/ http://www.tvtools.fi/ http://www.jacomfg.com/ http://www.ora-ito.com/ http://www.waldi.pl/ http://a-domani.com/ http://www.otena.com/ http://shesfit.com/ http://fdlymca.org/ http://gbp-jp.com/ http://semuk.com/ http://www.2print.com/ http://cubodown.com/ http://www.pr-park.com/ http://hchc.org/ http://linac.co.uk/ http://ftmobile.com/ http://webways.com/ http://cbaben.com/ http://www.vexcom.com/ http://dbnet.at/ http://host.do/ http://www.cokocoko.com/ http://www.11tochi.net/ http://simetar.com/ http://www.ora.ecnet.jp/ http://any-s.net/ http://themark.org/ http://www.abdg.com/ http://e-kami.net/ http://popbook.com/ http://arowines.com/ http://uster.com/ http://www.tyrns.com/ http://dspears.com/ http://smitko.net/ http://shztm.ru/ http://biurohera.pl/ http://www.synetik.net/ http://www.nqks.com/ http://strazynski.pl/ http://peminet.net/ http://karila.fr/ http://indonesiamedia.com/ http://web-york.com/ http://ifesnet.com/ http://mackusick.de/ http://www.elpro.si/ http://pleszew.policja.gov.pl/
|
16.2 |
M |
17 |
ZeroCERT
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
12687 | 2023-05-31 22:28
File: IE_CACHE.exe
MD5: e57e1575e0737614cd18c1320b1b1183
Tags: UPX, Malicious Library, PE File, PE32, PNG Format, DLL, PE64, VirusTotal, Malware, Check memory, Creates executable files, unpack itself, AppData folder
URLs: none
Hosts: none
Suricata alerts: none
Score: 3.0 | Verdict: M | VirusTotal: 34 | Source: ZeroCERT
12688 | 2023-05-31 22:26
File: oig
MD5: ff7e3106b49aed84ccf0cc485ddb5ee8
Tags: ZIP Format, DNS
URLs: none
Hosts (18):
  89.161.136.188 - malicious
  164.92.82.47
  153.122.24.177 - malicious
  135.125.108.170 - malicious
  13.225.131.58
  91.201.52.102
  99.86.207.125
  77.78.104.3 - phishing
  153.122.170.15
  79.96.161.192
  49.12.155.123
  5.134.13.210 - malicious
  216.177.137.32 - malicious
  62.122.170.171
  133.125.38.187 - malicious
  80.82.115.227 - malicious
  104.21.48.207
  79.96.32.254 - malicious
Suricata alerts: none
Score: 0.6 | Verdict: - | VirusTotal: - | Source: ZeroCERT
12689 | 2023-05-31 22:26
File: smss.exe
MD5: 2cdc1ec873cdfe7feaa1b2ec9c246629
Tags: NSIS, UPX, Malicious Library, PE File, PE32, OS Processor Check, DLL, Browser Info Stealer, FTP Client Info Stealer, VirusTotal, Email Client Info Stealer, Malware, AutoRuns, suspicious privilege, Check memory, Checks debugger, buffers extracted, WMI, Creates executable files, unpack itself, Check virtual network interfaces, AppData folder, IP Check, Tofsee, Windows, Browser, Email, ComputerName, Cryptographic key, Software, crashed, keylogger
URLs (1): (URL not shown in the record)
Hosts (4):
  api.ipify.org (104.237.62.211)
  smtp.yandex.com (77.88.21.158)
  77.88.21.158
  104.237.62.211
Suricata alerts (2):
  SURICATA Applayer Detect protocol only one direction
  SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
Score: 12.0 | Verdict: M | VirusTotal: 33 | Source: ZeroCERT
12690 | 2023-05-31 22:24
File: INTERNET.exe
MD5: ab63cd70848e6c0cc499abcb927735e8
Tags: Loki, Loki_b, Loki_m, Socket, DNS, PWS[m], AntiDebug, AntiVM, .NET EXE, PE File, PE32, Browser Info Stealer, LokiBot, Malware download, FTP Client Info Stealer, VirusTotal, Email Client Info Stealer, Malware, c&c, suspicious privilege, MachineGuid, Code Injection, Malicious Traffic, Check memory, Checks debugger, buffers extracted, unpack itself, Windows utilities, malicious URLs, installed browsers check, Windows, Browser, Email, ComputerName, DNS, Cryptographic key, Software
URLs (1):
  http://171.22.30.164/fred1/five/fre.php - rule_id: 33826
Hosts (2):
  171.22.30.164 - malicious
  77.91.68.62 - malware
Suricata alerts (7):
  ET MALWARE LokiBot User-Agent (Charon/Inferno)
  ET MALWARE LokiBot Checkin
  ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1
  ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2
  ET MALWARE LokiBot Request for C2 Commands Detected M1
  ET MALWARE LokiBot Request for C2 Commands Detected M2
  ET MALWARE LokiBot Fake 404 Response
Malicious URLs (1):
  http://171.22.30.164/fred1/five/fre.php
Score: 13.8 | Verdict: M | VirusTotal: 26 | Source: ZeroCERT
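The host, URL and Suricata-alert columns in these records arrive as whitespace-separated text with annotations run together, which makes them awkward to feed into a blocklist or a SIEM lookup. The following Python is an added example, not part of the ZeroCERT listing or of any tool it uses: it parses those three columns into structured indicators and defangs them for sharing. It assumes, from the layout visible on this page, that " - label" annotates the entry before it, that "host(ip)" records a resolved address, that "rule_id: N" follows a URL, and that every Suricata alert name begins with "ET", "SURICATA" or "SSLBL:"; the class and function names are my own. The sample strings are copied from records 12688, 12689 and 12690 and from the Pushdo/Tofsee alert line at the top of this section, including the listing's "mailcious" spelling, which the parser normalises.

```python
"""Parse the host, URL and alert columns of ZeroCERT-style sandbox listing
records into structured IOCs. Added example; the column layout is inferred
from the records on this page, not from a documented schema."""
import re
from dataclasses import dataclass
from typing import Callable, List, Optional

# The listing writes one label as "mailcious"; map it so downstream
# matching on "malicious" works.
LABEL_FIX = {"mailcious": "malicious"}

# Alert names are run together; each starts with one of these prefixes,
# which is the only reliable split point.
ALERT_SPLIT = re.compile(r"\s+(?=(?:ET|SURICATA|SSLBL:)\s)")

# "api.ipify.org(104.237.62.211)" -> name + optional resolved IP.
HOST_RE = re.compile(r"^(?P<name>[^()\s]+)(?:\((?P<ip>[^()]+)\))?$")


@dataclass
class Indicator:
    kind: str                      # "host" or "url"
    value: str                     # IP, hostname or full URL as listed
    ip: Optional[str] = None       # resolved IP for host(ip) entries
    label: Optional[str] = None    # e.g. "malicious", "phishing", "malware"
    rule_id: Optional[int] = None  # "rule_id: N" annotation on URLs


def _walk(column: str, make: Callable[[str], Indicator]) -> List[Indicator]:
    """Tokenise a column on whitespace; a '-' token introduces an annotation
    (' - label' or ' - rule_id: N') that belongs to the preceding entry."""
    items: List[Indicator] = []
    toks = column.split()
    i = 0
    while i < len(toks):
        if toks[i] == "-" and items and i + 1 < len(toks):
            if toks[i + 1] == "rule_id:" and i + 2 < len(toks):
                items[-1].rule_id = int(toks[i + 2])
                i += 3
            else:
                items[-1].label = LABEL_FIX.get(toks[i + 1], toks[i + 1])
                i += 2
            continue
        items.append(make(toks[i]))
        i += 1
    return items


def parse_hosts(column: str) -> List[Indicator]:
    def make(tok: str) -> Indicator:
        m = HOST_RE.match(tok)
        if not m:
            raise ValueError(f"unexpected host token: {tok!r}")
        return Indicator("host", m["name"], ip=m["ip"])
    return _walk(column, make)


def parse_urls(column: str) -> List[Indicator]:
    def make(tok: str) -> Indicator:
        if not tok.startswith(("http://", "https://")):
            raise ValueError(f"unexpected URL token: {tok!r}")
        return Indicator("url", tok)
    return _walk(column, make)


def parse_alerts(column: str) -> List[str]:
    return [a for a in ALERT_SPLIT.split(column.strip()) if a]


def defang(value: str) -> str:
    """Make a URL or host safe to paste into tickets or chat."""
    if "://" in value:
        scheme, rest = value.split("://", 1)
        host, sep, path = rest.partition("/")
        return scheme.replace("http", "hxxp") + "://" + host.replace(".", "[.]") + sep + path
    return value.replace(".", "[.]")


def ioc_lines(hosts: List[Indicator], urls: List[Indicator]) -> List[str]:
    """Defanged indicator lines with their labels and rule ids preserved."""
    out = []
    for ind in hosts + urls:
        tag = f" ({ind.label})" if ind.label else ""
        rid = f" rule_id={ind.rule_id}" if ind.rule_id else ""
        out.append(f"{ind.kind}: {defang(ind.value)}{tag}{rid}")
        if ind.ip:
            out.append(f"host: {defang(ind.ip)} (resolved from {defang(ind.value)})")
    return out


# Constructed sample input: columns copied verbatim from this page.
HOSTS_12688 = (
    "89.161.136.188 - mailcious 164.92.82.47 153.122.24.177 - mailcious "
    "135.125.108.170 - mailcious 13.225.131.58 91.201.52.102 99.86.207.125 "
    "77.78.104.3 - phishing 153.122.170.15 79.96.161.192 49.12.155.123 "
    "5.134.13.210 - mailcious 216.177.137.32 - mailcious 62.122.170.171 "
    "133.125.38.187 - mailcious 80.82.115.227 - mailcious 104.21.48.207 "
    "79.96.32.254 - mailcious"
)
HOSTS_12689 = "api.ipify.org(104.237.62.211) smtp.yandex.com(77.88.21.158) 77.88.21.158 104.237.62.211"
URLS_12690 = "http://171.22.30.164/fred1/five/fre.php - rule_id: 33826"
ALERTS_PUSHDO = (
    "ET MALWARE Backdoor.Win32.Pushdo.s Checkin ET INFO Observed DNS Query to .biz TLD "
    "ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz "
    "SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO TLS Handshake Failure "
    "ET Threatview.io High Confidence Cobalt Strike C2 IP group 1 "
    "ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst "
    "SURICATA ICMPv4 invalid checksum"
)

if __name__ == "__main__":
    for line in ioc_lines(parse_hosts(HOSTS_12689) + parse_hosts(HOSTS_12688), parse_urls(URLS_12690)):
        print(line)
    for alert in parse_alerts(ALERTS_PUSHDO):
        print("alert:", alert)
```

The parser raises on a token it does not recognise rather than silently skipping it, so a change in the listing's layout shows up immediately instead of producing a blocklist with holes.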