57820 | MALWARE-OTHER ASPXSpy webshell download attempt | www.virustotal.com/gui/file/e4ea1728e19699612b5614cc0b8829a4bf749870648be6efc1b8a88c036f3607/detection |
57681 | MALWARE-OTHER Sliver HTTP implant outbound poll attempt | github.com/bishopfox/sliver |
57824 | MALWARE-CNC ASPXSpy webshell outbound connection attempt | |
57782 | MALWARE-CNC Win.Backdoor.IPsecHelper outbound connection attempt | |
57780 | MALWARE-CNC Win.Backdoor.IPsecHelper outbound connection attempt | |
57781 | MALWARE-CNC Win.Backdoor.IPsecHelper outbound connection attempt | |
57786 | MALWARE-OTHER Win.Packed.SmokeLoader ransomware executable download attempt | www.virustotal.com/gui/file/d21c71a090cd6759efc1f258b4d087e82c281ce65a9d76f20a24857901e694fc/detection |
57743 | MALWARE-CNC Java.Backdoor.StrRAT outbound connection attempt | www.virustotal.com/gui/file/7c24d99685623b604aa4b2686e9c1b843a4243eb1b0b7b096d73bcae3d8d5a79/detection |
57694 | MALWARE-TOOLS Py.Trojan.NecroBot malicious download attempt | www.virustotal.com/en/file/d58c3694832812bc168834e2b8b3bfcb92f85a9d4523140ad010497baabc2c3d/analysis/ |
57691 | MALWARE-OTHER Win.Trojan.Nobelium CobaltStrike beacon download attempt | microsoft.com/security/blog/2021/05/27/new-sophisticated-email-based-attack-from-nobelium/ |
57693 | MALWARE-TOOLS Py.Trojan.NecroBot malicious download attempt | www.virustotal.com/en/file/8797ce228b32d890773d5dbac71cefa505b788cc8b25929be9832db422d8239b/analysis/ |
57702 | MALWARE-TOOLS Win.Trojan.NecroBot malicious download attempt | www.virustotal.com/en/file/19c25ce4302050aec3c921dd5cac546e8200a7e951d570b52fe344c421105ea8/analysis/ |
57700 | MALWARE-TOOLS Js.Trojan.NecroBot malicious download attempt | www.virustotal.com/en/file/e884bd4015d1b97227074bcf6cb9e8134b7afcfb6a3db758ca4654088403430a/analysis/ |
57706 | MALWARE-TOOLS Unix.Trojan.NecroBot malicious download attempt | www.virustotal.com/en/file/2b77b93b8e1b8ef8650957d15aaf336cf70a7df184da060f86b9892c54eefb65/analysis/ |
57704 | MALWARE-TOOLS Win.Trojan.NecroBot malicious download attempt | www.virustotal.com/en/file/606258f10519be325c39900504e50d79e551c7a9399efb9b22a7323da3f6aa7a/analysis/ |
57708 | MALWARE-TOOLS Unix.Trojan.NecroBot malicious download attempt | www.virustotal.com/en/file/80659cc37cb7fb831866f7d7b0043edc6918a99590bd9122815e18abb68daa35/analysis/ |
57721 | MALWARE-BACKDOOR Win.Trojan.Moserpass outbound request attempt | www.virustotal.com/gui/file/c2169ab4a39220d21709964d57e2eafe4b68c115061cbb64507cfbbddbe635c6/ |
6407 | APP-DETECT Gizmo register VOIP state | |
57696 | MALWARE-TOOLS Py.Trojan.NecroBot malicious download attempt | www.virustotal.com/en/file/8797ce228b32d890773d5dbac71cefa505b788cc8b25929be9832db422d8239b/analysis/ |
57697 | MALWARE-TOOLS Html.Trojan.NecroBot malicious download attempt | www.virustotal.com/en/file/d6403b9c069f08939fc2f9669dc7d5165ed66a1cae07788c3b27fffb30e890a0/analysis/ |
57690 | MALWARE-OTHER Win.Trojan.Nobelium ISO download attempt | microsoft.com/security/blog/2021/05/27/new-sophisticated-email-based-attack-from-nobelium/ |
57816 | MALWARE-OTHER ASPXSpy webshell download attempt | www.virustotal.com/gui/file/e9c6f384b63ebeaa729b7c97a179d409cdd859315ee2f6372a2a550e567445f/detection |
57817 | MALWARE-OTHER ASPXSpy webshell upload attempt | www.virustotal.com/gui/file/e9c6f384b63ebeaa729b7c97a179d409cdd859315ee2f6372a2a550e567445f/detection |
57814 | MALWARE-OTHER Win.Trojan.Deadwood download attempt | www.virustotal.com/gui/file/5eb5922b467474dccc7ab8780e32697f5afd59e8108b0cdafefb627b02bbd9ba/detection |
57815 | MALWARE-OTHER Win.Trojan.Apostle download attempt | www.virustotal.com/gui/file/19dbed996b1a814658bef433bad62b03e5c59c2bf2351b793d1a5d4a5216d27e/detection |
57818 | MALWARE-OTHER Win.Backdoor.IPSecHelper download attempt | www.virustotal.com/gui/file/40f329d0aaba0d55fc657802761c78be74e19a553de6fd2df592bccf3119ec16/detection |
57819 | MALWARE-OTHER ASPXSpy webshell upload attempt | www.virustotal.com/gui/file/e4ea1728e19699612b5614cc0b8829a4bf749870648be6efc1b8a88c036f3607/detection |
57858 | MALWARE-CNC Win.Downloader.VictoryDll outbound connection attempt | research.checkpoint.com/2021/chinese-apt-group-targets-southeast-asian-government-with-previously-unknown-backdoor/ |
57852 | MALWARE-OTHER Win.Downloader.VictoryDll variant download attempt | www.virustotal.com/gui/file/d198c4d82eba42cc3ae512e4a1d4ce85ed92f3e5fdff5c248acd7b32bd46dc75/detection |
57870 | MALWARE-CNC Netfilter rootkit outbound connection attempt | msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/ |
57871 | MALWARE-CNC Netfilter rootkit download attempt | msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/ |
57874 | MALWARE-OTHER Win.Ransomware.Babuk payload download attempt | www.virustotal.com/gui/file/2138c8a34a1eff40ba3fc81b6e3b7564c6b695b140e82f3fcf23b2ec2bf291cf/detection |
57826 | MALWARE-CNC ASPXSpy webshell inbound connection attempt | |
57676 | MALWARE-OTHER Sliver HTTP implant outbound public key request attempt | github.com/bishopfox/sliver |
57677 | MALWARE-OTHER Sliver HTTP implant outbound session initialization attempt | github.com/bishopfox/sliver |
57675 | MALWARE-OTHER Sliver HTTP implant outbound public key request attempt | github.com/bishopfox/sliver |
57678 | MALWARE-OTHER Sliver HTTP implant outbound message attempt | github.com/bishopfox/sliver |
57679 | MALWARE-OTHER Sliver HTTP implant outbound message attempt | github.com/bishopfox/sliver |
57797 | INDICATOR-OBFUSCATION Javascript obfuscation using parseInt | |
57788 | MALWARE-OTHER Win.Trojan.Lazagne malicious executable download attempt | www.virustotal.com/gui/file/5a2e947aace9e081ecd2cfa7bc2e485528238555c7eeb6bcca560576d4750a50/detection |
57787 | MALWARE-OTHER Win.Malware.Agent malicious executable download attempt | www.virustotal.com/gui/file/234e4df3d9304136224f2a6c37cb6b5f6d8336c4e105afce857832015e97f27a/detection |
57838 | BROWSER-CHROME Google Chrome NewFixedDoubleArray memory corruption attempt | |
57832 | OS-OTHER Apple macOS Gatekeeper bypass attempt | CVE-2021-30657 |
57682 | MALWARE-OTHER Sliver HTTP implant outbound public key request attempt | github.com/bishopfox/sliver |
57773 | MALWARE-CNC Win.Trojan.Bazaloader variant outbound request detected | |
57710 | MALWARE-TOOLS Win.Trojan.NecroBot malicious download attempt | www.virustotal.com/en/file/19269ce9a0a44aca9d6b2deed7de71cf576ac611787c2af46819ca2aff44ce2a/analysis/ |
57712 | MALWARE-TOOLS Win.Trojan.NecroBot malicious download attempt | www.virustotal.com/en/file/a8bb386fa3a6791e72f5ec6f1dc26359b00d0ee8cb0ce866f452b7fff6dbb319/analysis/ |
57715 | MALWARE-CNC Multios.Trojan.NecroBot outbound connection attempt | www.virustotal.com/en/file/8797ce228b32d890773d5dbac71cefa505b788cc8b25929be9832db422d8239b/analysis/ |
57714 | MALWARE-CNC Multios.Trojan.NecroBot outbound connection attempt | www.virustotal.com/en/file/8797ce228b32d890773d5dbac71cefa505b788cc8b25929be9832db422d8239b/analysis/ |
57717 | MALWARE-CNC Multios.Trojan.NecroBot outbound connection attempt | www.virustotal.com/en/file/8797ce228b32d890773d5dbac71cefa505b788cc8b25929be9832db422d8239b/analysis/ |
57716 | MALWARE-CNC Multios.Trojan.NecroBot outbound connection attempt | www.virustotal.com/en/file/8797ce228b32d890773d5dbac71cefa505b788cc8b25929be9832db422d8239b/analysis/ |
57739 | MALWARE-OTHER Win.Trojan.C3Framework payload download attempt | www.virustotal.com/gui/file/04e4d5038235157b0e708831ead40cc97eeb1e82cb8eb4be8357e3698ec2d51a/detection |
57840 | BROWSER-CHROME Google Chrome NewFixedDoubleArray memory corruption attempt | |
57846 | MALWARE-CNC Win.Trojan.ActionRAT variant outbound connection | www.virustotal.com/gui/file/e53a25c5ee5de4c9dc4ca531293270d1aa921b9fc110ecb2a0afb57872c51324/detection |
57680 | MALWARE-OTHER Sliver HTTP implant outbound message attempt | github.com/bishopfox/sliver |
57687 | MALWARE-OTHER Win.Trojan.Nobelium malicious shortcut download attempt | |
57850 | MALWARE-OTHER Win.Backdoor.VictoryDll variant download attempt | www.virustotal.com/gui/file/0e8fb748cd58ab2fa754e2fa16e4390327a10593ca72bb6a3b90a1885cbe5387/detection |
57851 | MALWARE-OTHER Doc.Dropper.RoyalRoadRTF variant download attempt | www.virustotal.com/gui/file/d198c4d82eba42cc3ae512e4a1d4ce85ed92f3e5fdff5c248acd7b32bd46dc75/detection |
57740 | MALWARE-OTHER Win.Trojan.C3Framework payload download attempt | www.virustotal.com/gui/file/04e4d5038235157b0e708831ead40cc97eeb1e82cb8eb4be8357e3698ec2d51a/detection |
57823 | MALWARE-CNC ASPXSpy webshell outbound connection attempt | |
57827 | MALWARE-CNC ASPXSpy webshell inbound connection attempt | |
57825 | MALWARE-CNC ASPXSpy webshell inbound connection attempt | |
57828 | MALWARE-CNC ASPXSpy webshell outbound connection attempt | |
57849 | MALWARE-CNC Win.Trojan.CetaRAT variant outbound connection | www.virustotal.com/gui/file/3f34c61025b5cf46075d79e68efb5da0f4ac01c113d8c1aaff3903ccd9a0fa3e/detection |
57848 | MALWARE-CNC Win.Trojan.CetaRAT variant outbound connection | www.virustotal.com/gui/file/19e680eaa52c0ad14274b04141a8e172d2ec1a01a3f429263090a990120ad9df/detection |
57843 | MALWARE-CNC Win.Trojan.ActionRAT variant outbound connection | www.virustotal.com/gui/file/45918acc04ad790445fd423b348aa88855570d57ebed870741603a7e5473d456/detection |
57842 | MALWARE-CNC Win.Trojan.ActionRAT variant outbound connection | www.virustotal.com/gui/file/120d1835df79b464dce91fd4151a69bae5ef5603e6eb4821a79f8a84767f7724/detection |
57845 | MALWARE-CNC Win.Trojan.ActionRAT variant outbound connection | www.virustotal.com/gui/file/433a3e3023179959f8d99d29a645f0c29ed86beb172c23b22ca311a767cfbb74/detection |
57844 | MALWARE-CNC Win.Trojan.ActionRAT variant outbound connection | www.virustotal.com/gui/file/3a435ad1c01335d31c05ca77a125d0162c223c135363c120071b7bac284a64e3/detection |
57847 | MALWARE-CNC Win.Trojan.CetaRAT variant outbound connection | www.virustotal.com/gui/file/fa02de1f2dbd29f19e8ab0ff2931b063bd8f8ccadf0d7e321f0a02d2e2f86419/detection |
57867 | MALWARE-CNC Netfilter rootkit download attempt | msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/ |
57866 | MALWARE-CNC Netfilter rootkit outbound connection attempt | msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/ |
57865 | MALWARE-CNC Netfilter rootkit download attempt | msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/ |
57864 | MALWARE-CNC Netfilter rootkit outbound connection attempt | msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/ |
57869 | MALWARE-CNC Netfilter rootkit outbound connection attempt | msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/ |
57868 | MALWARE-CNC Netfilter rootkit outbound connection attempt | msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/ |
57998 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt | CVE-2021-34480 |