Engine | Download Report | Detection | Info |
---|---|---|---|
| | malicious, Score: 100 | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Name | Detection |
---|---|
http://blog.trendmicro.com/trendlabs-security-intelligence/lurk-retracing-five-y8 | |
http://blog.checkpoint.com/2017/05/10/diamondfox-modular-malware-one-stop-shop/Spear | |
http://researchcenter.paloaltonetworks.com/2015/10/yispecter-first-ios-malware-aOperation | |
https://www.welivesecurity.com/2017/12/08/strongpity-like-spyware-replaces-finfi | |
http://researchcenter.paloaltonetworks.com/2016/01/nettraveler-spear-phishing-emNetTraveler | |
https://blogs.rsa.com/wp-content/Operation | |
https://www.symantec.com/security_response/writeup.jsp?docid=2018-021208-2435-99Ransom.ShurL0ckr | |
http://go.cybereason.com/rs/996- | |
https://www.us-cert.gov/sites/default/files/publications/MAR-10135536-B_WHITE.PD1Truebot.A | |
http://researchcenter.paloaltonetworks.com/2016/05/unit42-krbanker-targets | |
http://blog.netlab.360.com/ddg-a-mining-botnet-aiming-at-database-server-en/dDDG: | |
https://researchcenter.paloaltonetworks.com/2018/01/unit42-powerstager-analysis/4PowerStager | |
http://www.malware-traffic-analysis.net/2017/03/30/index2.htmlxCaon | |
http://x.x.x/x.dll | |
http://www.clearskysec.com/dustysky/ | |
https://www.fireeye.com/blog/threat-research/2017/05/cyber-espionage-apt32.htmlAPT32 | |
http://www.waseda.jp/navi/security/2017/0414.htmlCallisto | |
https://www.proofpoint.com/us/threat-insight/post/threat-actors-using-legitimate | |
http://www.crysys.hu/miniduke/miniduke_indicators_public.pdfMiniduke | |
https://www.proofpoint.com/us/threat-insight/post/leviathan-espionage-actor-speaLeviathan: | |
http://www.clearskysec.com/winnti/Recent | |
https://blog.trendmicro.com/trendlabs-security-intelligence/vulnerabilities-apac9Vulnerabilities | |
http://community.hpe.com/t5/Security-Research/9002-RAT-a-second-building-on-the- | |
https://github.com/ptrrkssn/pnscan | |
http://www.cyphort.com/multiple-malwares-used-to-target-an-asian-financial-insti:/Multiple | |
http://blog.trendmicro.com/trendlabs-security-intelligence/following-trail-blackD1Following | |
http://research.zscaler.com/2016/01/there-goes-neighborhood-bad-actors-on.htmlTThere | |
http://researchcenter.paloaltonetworks.com/2017/03/unit42-dimnie-hiding-plain-si | |
https://blogs.forcepoint.com/security-labs/zeus-delivered-deloader-defraud-custoZEUS | |
https://blogs.forcepoint.com/security-labs/ursnif-variant-found-using-mouse-move8 | |
https://www.openssl.org/docs/faq.html | |
https://researchcenter.paloaltonetworks.com/2017/10/unit42-oilrig-group-steps-atOilRig | |
https://securelist.com/analysis/publications/69953/the-naikon-apt/ | |
https://www.us-cert.gov/sites/default/files/publications/MAR-10135536-B_WHITE.PDeBankshot | |
https://goo.gl/t3uUTG | |
https://twitter.com/0x766c6164/status/794176576011309056 | |
https://www.riskiq.com/blog/labs/fake-flash-update-watering-hole-attack/ | |
https://www.welivesecurity.com/wp-content/uploads/2017/07/Stantinko.pdf. | |
http://www.bleepingcomputer.com/news/security/cryptoluck-ransomware-being-malverNew | |
http://researchcenter.paloaltonetworks.com/2015/07/apt-group-ups-targets-us-gove | |
http://blog.talosintelligence.com/2017/02/korean-maldoc.htmlCloud | |
https://objective-see.com/blog/blog_0x26.html | |
http://www.intezer.com/another-distraction-new-version-north-korean-ransomware-h24A | |
https://twitter.com/cyb3rops/status/1097423665472376832ASCS | |
https://blogs.rsa.com/terracotta-vpn-enabler-of-advanced-threat-anonymity/ | |
https://bitbucket.org/cybertools/whitepapers/downloads/Pitty%20Tiger%20Final%20RRSA | |
https://twitter.com/eyaBanking | |
https://www.arbornetworks.com/blog/asert/flokibot-invades-pos-trouble-brazil/ | |
https://www.bluecoat.com/security-blog/2015-04-09/visual-basic-script-malware-rePotential | |
http://pwc.blogs.com/files/cto-tib-20150223-01a.pdfSakula | |
http://phishme.com/disrupting-an-adware-serving-skype-botnet/ | |
http://blog.cylance.com/spear-a-threat-actor-resurfacesThe | |
http://blog.checkpoint.com/wp-content/uploads/2015/10/sb-report-threat-intellige8 | |
https://www.bluecoat.com/security-blog/2015-08-21/tinted-cve-decoy-spearphising-Spearphising | |
https://cysinfo.com/malware-actors-using-nic-cyber-security-themed-spear-phishinn | |
https://goo.gl/rW1yvZ | |
http://cyber.verint.com/nymaim-malware-variant/aAPT28 | |
http://goo.gl/SGcS2HSymantec | |
https://mymalwareparty.blogspot.co.uk/2017/07/operation-desert-eagle.htmls/Operation | |
https://labs.bitdefender.com/wp-content/uploads/downloads/operation-pzchao-insidsOperation | |
http://www.welivesecurity.com/2015/04/09/operation-buhtrap/ROKRAT | |
http://www.secureworks.com/cyber-threat-intelligence/threats/sakula-malware-famiComment | |
https://www.proofpoint.com/us/threat-insight/post/Meet-GreenDispenser | |
https://blog.trendmicro.com/trendlabs-security-intelligence/deciphering-confuciuClDeciphering | |
http://news.asiaone.com/news | |
https://www.welivesecurity.com/wp-content/uploads/2017/07/Stantinko.pdfStantinko | |
https://asert.arbornetworks.com/uncovering-the-seven-pointed-dagger/ | |
http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papeNwOperation | |
https://www.fireeye.com/blog/threat-research/2017/05/eps-processing-zero-days.htThe | |
http://www.symantec.com/content/en/us/enterprise/media/security_response/docs/ScBanking | |
http://cylance.com/assets/Cleaver/Cylance_Operation_Cleaver_Report.pdfpoOperation | |
http://www.certego.net/en/news/nearly-undetectable-qarallax-rat-spreading-via-spfdNearly | |
https://www.arbornetworks.com/blog/asert/dirtjumpers-ddos-engine-gets-a-tune-up-kCommunities | |
http://paper.seebug.org/papers/APT/APT_CyberCriminal_Campagin/2013/Unveiling%20araHangover | |
https://www.alienvault.com/open-threat-ex/Operation | |
http://www.welivesecurity.com/2016/07/12/nymaim-rides-2016-reaches-brazil/Regin | |
https://www.alienvault.com/blogs/labs-researcwrWannaCry | |
http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discoversKorplug | |
https://securelist.com/scarcruft-continues-to-evolve-introduces-bluetooth-harvester/90729/ | |
http://blogs.cisco.com/security/talos/malicious-pngs6b44c772bac7cc958b1b4535f02a584fc3a55377a3e7f4cc | |
http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papeioOperation | |
https://circl.lu/assets/files/tr-12/tr-12-circl-plugx-analysis-v1.pdfampAnalysis | |
https://vms.drweb.com/virus/?_is=1&Linux.Proxy.10 | |
http://2016.eicar.org/85-0-Download.html | |
http://phishme.com/disrupting-an-adware-serving-skype-botnet/Pushdo | |
https://securelist.com/analysis/publications/69953/the-naikon-apt/Citadel | |
http://www.aftana.ir/images/docs/files/000002/nf00002716-1.pdfHancitor | |
https://www.blueliv.com | |
https://goo.gl/joxXHF | |
http://blog.talosintelligence.com/2017/09/brazilbanking.htmlGlobe | |
https://goo.gl/7jGkpV | |
https://public.gdatasoftware.com/Presse/Publikationen/Whitepaper/EN/GDATA_TooHas.Operation | |
https://www.welivesecurity.com/wp-content/uploads/2018/01/ESET_Turla_Mosquito.pd | |
http://phishme.com/bolek-leaked-carberp-kbot-source-code-complicit-new-phishing-Bolek: | |
https://securingtomorrow.mcafee.com/mcafee-labs/gold-dragon-widens-olympics-malware-attacks-gains-pe | |
https://blogs.forcepoint.com/security-labs/zeus-delivered-deloader-defraud-custoChinese | |
https://research.checkpoint.com/apt-attack-middle-east-big-bang/ | |
https://cert.gov.il/Updates/Alerts/SiteAssets/CERT-IL-ALERT-W-120.pdfLegspin | |
https://securingtomorrow.mcafee.com/mcafee-labs/gold-dragon-widens-olympics-malw-Gold | |
https://researchcenter.paloaltonetworks.com/2017/11/unit42-new-malware-with-tieseNew |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\Desktop\otx-c2-iocs.txt | Unknown | | |
C:\Users\user\Desktop\filename-iocs.txt | Unknown | | |
C:\Users\user\Desktop\lib\win32ui.pyd | Unknown | | |
C:\Users\user\Desktop\status.log | ASCII text, with no line terminators | | |
C:\Users\user\Desktop\python27.dll | Unknown | | |
C:\Users\user\Desktop\otx-hash-iocs.txt | Unknown | | |
C:\Users\user\Desktop\otx-filename-iocs.txt | Unknown | | |
C:\Users\user\Desktop\otx-c2-iocs-ipv4.txt | Unknown | | |
C:\Users\user\Desktop\msvcr100.dll | Unknown | | |
C:\Users\user\Desktop\msvcp90.dll | Unknown | | |
C:\Users\user\Desktop\msvcm90.dll | Unknown | | |
C:\Users\user\Desktop\lib\yara.pyd | Unknown | | |
C:\Users\user\Desktop\lib\winxpgui.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32wnet.pyd | Unknown | | |
C:\Users\user\Desktop\tcl\clock.tcl | Unknown | | |
C:\Users\user\Desktop\lib\win32trace.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32process.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32pipe.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32pdh.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32gui.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32file.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32event.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32com.taskscheduler.taskscheduler.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32com.shell.shell.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32com.propsys.propsys.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32com.mapi.mapi.pyd | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp1258.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp864.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp863.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp862.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp861.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp860.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp857.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp855.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp852.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp850.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp775.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp737.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp437.enc | Unknown | | |
C:\Users\user\Desktop\tcl\auto.tcl | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp1257.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp1256.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp1255.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp1254.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp1253.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp1252.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp1251.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\cp1250.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\big5.enc | Unknown | | |
C:\Users\user\Desktop\tcl\encoding\ascii.enc | Unknown | | |
C:\Users\user\Desktop\lib\win32com.mapi.exchdapi.pyd | Unknown | | |
C:\Users\user\Desktop\hash-iocs.txt | Unknown | | |
C:\Users\user\Desktop\lib\cryptography.hazmat.bindings._constant_time.pyd | Unknown | | |
C:\Users\user\Desktop\lib\bz2.pyd | Unknown | | |
C:\Users\user\Desktop\lib\_win32sysloader.pyd | Unknown | | |
C:\Users\user\Desktop\lib\_tkinter.pyd | Unknown | | |
C:\Users\user\Desktop\lib\_ssl.pyd | Unknown | | |
C:\Users\user\Desktop\lib\_socket.pyd | Unknown | | |
C:\Users\user\Desktop\lib\_multiprocessing.pyd | Unknown | | |
C:\Users\user\Desktop\lib\_hashlib.pyd | Unknown | | |
C:\Users\user\Desktop\lib\_ctypes.pyd | Unknown | | |
C:\Users\user\Desktop\lib\_cffi_backend.pyd | Unknown | | |
C:\Users\user\Desktop\lib\MSVCR90.dll | Unknown | | |
C:\Users\user\Desktop\keywords.txt | Unknown | | |
C:\Users\user\Desktop\lib\cryptography.hazmat.bindings._openssl.pyd | Unknown | | |
C:\Users\user\Desktop\fc38c7ee-ad18-4c74-a67c-9df763b1d8a4.bin | ASCII text, with very long lines, with CRLF line terminators | | |
C:\Users\user\Desktop\falsepositive-hashes.txt | Unknown | | |
C:\Users\user\Desktop\c2-iocs.txt | Unknown | | |
C:\Users\user\Desktop\ad421c32-aaf8-4995-847c-18069215aace.md | Unknown | | |
C:\Users\user\Desktop\a6be3467-9cec-43b3-8e87-ded73d446923.bin | ASCII text, with very long lines, with CRLF line terminators | | |
C:\Users\user\Desktop\Microsoft.VC90.CRT.manifest | Unknown | | |
C:\Users\user\Desktop\MSVCR90.dll | Unknown | | |
C:\Users\user\Desktop\9703e260-d265-4332-8de3-4e5fab56a248.dll | Unknown | | |
C:\Users\user\Desktop\93d72046-08db-4412-ab52-b014148c1823.bin | ASCII text, with very long lines, with CRLF line terminators | | |
C:\Users\user\Desktop\2a5e15fa-fe3f-471c-b784-6a56e4aeac95.bin | ASCII text, with CRLF line terminators | | |
C:\Users\user\Desktop\28f4fa56-e109-42e0-9d12-1e216cf1181f.bin | ASCII text, with very long lines, with CRLF line terminators | | |
C:\Users\user\Desktop\lib\win32api.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32com.mapi.exchange.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32com.internet.internet.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32com.ifilter.ifilter.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32com.directsound.directsound.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32com.bits.bits.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32com.axscript.axscript.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32com.axdebug.axdebug.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32com.axcontrol.axcontrol.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32com.authorization.authorization.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32com.adsi.adsi.pyd | Unknown | | |
C:\Users\user\Desktop\lib\win32clipboard.pyd | Unknown | | |
C:\Users\user\Desktop\00554e26-4141-4a67-98c4-9454bf8d1c70.dll | Unknown | | |
C:\Users\user\Desktop\lib\unicodedata.pyd | Unknown | | |
C:\Users\user\Desktop\lib\tk85.dll | Unknown | | |
C:\Users\user\Desktop\lib\tcl85.dll | Unknown | | |
C:\Users\user\Desktop\lib\select.pyd | Unknown | | |
C:\Users\user\Desktop\lib\pywintypes27.dll | Unknown | | |
C:\Users\user\Desktop\lib\pythoncom27.dll | Unknown | | |
C:\Users\user\Desktop\lib\python27.dll | Unknown | | |
C:\Users\user\Desktop\lib\pyexpat.pyd | Unknown | | |
C:\Users\user\Desktop\lib\mfc90.dll | Unknown | | |
C:\Users\user\Desktop\lib\library.zip | Unknown | | |
C:\Users\user\Desktop\lib\cryptography.hazmat.bindings._padding.pyd | Unknown | | |