57820 | MALWARE-OTHER ASPXSpy webshell download attempt | www.virustotal.com/gui/file/e4ea1728e19699612b5614cc0b8829a4bf749870648be6efc1b8a88c036f3607/detection |
57681 | MALWARE-OTHER Sliver HTTP implant outbound poll attempt | github.com/bishopfox/sliver |
57824 | MALWARE-CNC ASPXSpy webshell outbound connection attempt | labs.sentinelone.com/from-wiper-to-ransomware-the-evolutionof-agrius/ |
57782 | MALWARE-CNC Win.Backdoor.IPsecHelper outbound connection attempt | labs.sentinelone.com/from-wiper-to-ransomware-the-evolutionof-agrius/ |
57780 | MALWARE-CNC Win.Backdoor.IPsecHelper outbound connection attempt | labs.sentinelone.com/from-wiper-to-ransomware-the-evolutionof-agrius/ |
57781 | MALWARE-CNC Win.Backdoor.IPsecHelper outbound connection attempt | labs.sentinelone.com/from-wiper-to-ransomware-the-evolutionof-agrius/ |
57786 | MALWARE-OTHER Win.Packed.SmokeLoader ransomware executable download attempt | virustotal.com/gui/file/d21c71a090cd6759efc1f258b4d087e82c281ce65a9d76f20a24857901e694fc/detection |
57743 | MALWARE-CNC Java.Backdoor.StrRAT outbound connection attempt | www.virustotal.com/gui/file/7c24d99685623b604aa4b2686e9c1b843a4243eb1b0b7b096d73bcae3d8d5a79/detection |
57694 | MALWARE-TOOLS Py.Trojan.NecroBot malicious download attempt | virustotal.com/en/file/d58c3694832812bc168834e2b8b3bfcb92f85a9d4523140ad010497baabc2c3d/analysis/ |
57691 | MALWARE-OTHER Win.Trojan.Nobelium CobaltStrike beacon download attempt | microsoft.com/security/blog/2021/05/27/new-sophisticated-email-based-attack-from-nobelium/ |
57693 | MALWARE-TOOLS Py.Trojan.NecroBot malicious download attempt | virustotal.com/en/file/8797ce228b32d890773d5dbac71cefa505b788cc8b25929be9832db422d8239b/analysis/ |
57702 | MALWARE-TOOLS Win.Trojan.NecroBot malicious download attempt | virustotal.com/en/file/19c25ce4302050aec3c921dd5cac546e8200a7e951d570b52fe344c421105ea8/analysis/ |
57700 | MALWARE-TOOLS Js.Trojan.NecroBot malicious download attempt | virustotal.com/en/file/e884bd4015d1b97227074bcf6cb9e8134b7afcfb6a3db758ca4654088403430a/analysis/ |
57706 | MALWARE-TOOLS Unix.Trojan.NecroBot malicious download attempt | virustotal.com/en/file/2b77b93b8e1b8ef8650957d15aaf336cf70a7df184da060f86b9892c54eefb65/analysis/ |
57704 | MALWARE-TOOLS Win.Trojan.NecroBot malicious download attempt | virustotal.com/en/file/606258f10519be325c39900504e50d79e551c7a9399efb9b22a7323da3f6aa7a/analysis/ |
57708 | MALWARE-TOOLS Unix.Trojan.NecroBot malicious download attempt | virustotal.com/en/file/80659cc37cb7fb831866f7d7b0043edc6918a99590bd9122815e18abb68daa35/analysis/ |
57721 | MALWARE-BACKDOOR Win.Trojan.Moserpass outbound request attempt | www.virustotal.com/gui/file/c2169ab4a39220d21709964d57e2eafe4b68c115061cbb64507cfbbddbe635c6/ |
6407 | APP-DETECT Gizmo register VOIP state | www.gizmoproject.com |
57696 | MALWARE-TOOLS Py.Trojan.NecroBot malicious download attempt | virustotal.com/en/file/8797ce228b32d890773d5dbac71cefa505b788cc8b25929be9832db422d8239b/analysis/ |
57697 | MALWARE-TOOLS Html.Trojan.NecroBot malicious download attempt | virustotal.com/en/file/d6403b9c069f08939fc2f9669dc7d5165ed66a1cae07788c3b27fffb30e890a0/analysis/ |
57690 | MALWARE-OTHER Win.Trojan.Nobelium ISO download attempt | microsoft.com/security/blog/2021/05/27/new-sophisticated-email-based-attack-from-nobelium/ |
57816 | MALWARE-OTHER ASPXSpy webshell download attempt | www.virustotal.com/gui/file/e9c6f384b63ebeaa729b7c97a179d409cdd859315ee2f6372a2a550e567445f/detection |
57817 | MALWARE-OTHER ASPXSpy webshell upload attempt | www.virustotal.com/gui/file/e9c6f384b63ebeaa729b7c97a179d409cdd859315ee2f6372a2a550e567445f/detection |
57814 | MALWARE-OTHER Win.Trojan.Deadwood download attempt | www.virustotal.com/gui/file/5eb5922b467474dccc7ab8780e32697f5afd59e8108b0cdafefb627b02bbd9ba/detection |
57815 | MALWARE-OTHER Win.Trojan.Apostle download attempt | www.virustotal.com/gui/file/19dbed996b1a814658bef433bad62b03e5c59c2bf2351b793d1a5d4a5216d27e/detection |
57818 | MALWARE-OTHER Win.Backdoor.IPSecHelper download attempt | www.virustotal.com/gui/file/40f329d0aaba0d55fc657802761c78be74e19a553de6fd2df592bccf3119ec16/detection |
57819 | MALWARE-OTHER ASPXSpy webshell upload attempt | www.virustotal.com/gui/file/e4ea1728e19699612b5614cc0b8829a4bf749870648be6efc1b8a88c036f3607/detection |
57858 | MALWARE-CNC Win.Downloader.VictoryDll outbound connection attempt | research.checkpoint.com/2021/chinese-apt-group-targets-southeast-asian-government-with-previously-unknown-backdoor/ |
57852 | MALWARE-OTHER Win.Downloader.VictoryDll variant download attempt | www.virustotal.com/gui/file/d198c4d82eba42cc3ae512e4a1d4ce85ed92f3e5fdff5c248acd7b32bd46dc75/detection |
57870 | MALWARE-CNC Netfilter rootkit outbound connection attempt | msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/ |
57871 | MALWARE-CNC Netfilter rootkit download attempt | msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/ |
57874 | MALWARE-OTHER Win.Ransomware.Babuk payload download attempt | www.virustotal.com/gui/file/2138c8a34a1eff40ba3fc81b6e3b7564c6b695b140e82f3fcf23b2ec2bf291cf/detection |
57826 | MALWARE-CNC ASPXSpy webshell inbound connection attempt | labs.sentinelone.com/from-wiper-to-ransomware-the-evolutionof-agrius/ |
57676 | MALWARE-OTHER Sliver HTTP implant outbound public key request attempt | github.com/bishopfox/sliver |
57677 | MALWARE-OTHER Sliver HTTP implant outbound session initialization attempt | github.com/bishopfox/sliver |
57675 | MALWARE-OTHER Sliver HTTP implant outbound public key request attempt | github.com/bishopfox/sliver |
57678 | MALWARE-OTHER Sliver HTTP implant outbound message attempt | github.com/bishopfox/sliver |
57679 | MALWARE-OTHER Sliver HTTP implant outbound message attempt | github.com/bishopfox/sliver |
57797 | INDICATOR-OBFUSCATION Javascript obfuscation using parseInt | attack.mitre.org/techniques/t1027 |
57788 | MALWARE-OTHER Win.Trojan.Lazagne malicious executable download attempt | virustotal.com/gui/file/5a2e947aace9e081ecd2cfa7bc2e485528238555c7eeb6bcca560576d4750a50/detection |
57787 | MALWARE-OTHER Win.Malware.Agent malicious executable download attempt | virustotal.com/gui/file/234e4df3d9304136224f2a6c37cb6b5f6d8336c4e105afce857832015e97f27a/detection |
57838 | BROWSER-CHROME Google Chrome NewFixedDoubleArray memory corruption attempt | |
57832 | OS-OTHER Apple macOS Gatekeeper bypass attempt | CVE-2021-30657 |
57682 | MALWARE-OTHER Sliver HTTP implant outbound public key request attempt | github.com/bishopfox/sliver |
57773 | MALWARE-CNC Win.Trojan.Bazaloader variant outbound request detected | |
57710 | MALWARE-TOOLS Win.Trojan.NecroBot malicious download attempt | virustotal.com/en/file/19269ce9a0a44aca9d6b2deed7de71cf576ac611787c2af46819ca2aff44ce2a/analysis/ |
57712 | MALWARE-TOOLS Win.Trojan.NecroBot malicious download attempt | virustotal.com/en/file/a8bb386fa3a6791e72f5ec6f1dc26359b00d0ee8cb0ce866f452b7fff6dbb319/analysis/ |
57715 | MALWARE-CNC Multios.Trojan.NecroBot outbound connection attempt | virustotal.com/en/file/8797ce228b32d890773d5dbac71cefa505b788cc8b25929be9832db422d8239b/analysis/ |
57714 | MALWARE-CNC Multios.Trojan.NecroBot outbound connection attempt | virustotal.com/en/file/8797ce228b32d890773d5dbac71cefa505b788cc8b25929be9832db422d8239b/analysis/ |
57717 | MALWARE-CNC Multios.Trojan.NecroBot outbound connection attempt | virustotal.com/en/file/8797ce228b32d890773d5dbac71cefa505b788cc8b25929be9832db422d8239b/analysis/ |
57716 | MALWARE-CNC Multios.Trojan.NecroBot outbound connection attempt | virustotal.com/en/file/8797ce228b32d890773d5dbac71cefa505b788cc8b25929be9832db422d8239b/analysis/ |
57739 | MALWARE-OTHER Win.Trojan.C3Framework payload download attempt | www.virustotal.com/gui/file/04e4d5038235157b0e708831ead40cc97eeb1e82cb8eb4be8357e3698ec2d51a/detection |
57840 | BROWSER-CHROME Google Chrome NewFixedDoubleArray memory corruption attempt | |
57846 | MALWARE-CNC Win.Trojan.ActionRAT variant outbound connection | www.virustotal.com/gui/file/e53a25c5ee5de4c9dc4ca531293270d1aa921b9fc110ecb2a0afb57872c51324/detection |
57680 | MALWARE-OTHER Sliver HTTP implant outbound message attempt | github.com/bishopfox/sliver |
57687 | MALWARE-OTHER Win.Trojan.Nobelium malicious shortcut download attempt | |
57850 | MALWARE-OTHER Win.Backdoor.VictoryDll variant download attempt | www.virustotal.com/gui/file/0e8fb748cd58ab2fa754e2fa16e4390327a10593ca72bb6a3b90a1885cbe5387/detection |
57851 | MALWARE-OTHER Doc.Dropper.RoyalRoadRTF variant download attempt | www.virustotal.com/gui/file/d198c4d82eba42cc3ae512e4a1d4ce85ed92f3e5fdff5c248acd7b32bd46dc75/detection |
57740 | MALWARE-OTHER Win.Trojan.C3Framework payload download attempt | www.virustotal.com/gui/file/04e4d5038235157b0e708831ead40cc97eeb1e82cb8eb4be8357e3698ec2d51a/detection |
57823 | MALWARE-CNC ASPXSpy webshell outbound connection attempt | labs.sentinelone.com/from-wiper-to-ransomware-the-evolutionof-agrius/ |
57827 | MALWARE-CNC ASPXSpy webshell inbound connection attempt | labs.sentinelone.com/from-wiper-to-ransomware-the-evolutionof-agrius/ |
57825 | MALWARE-CNC ASPXSpy webshell inbound connection attempt | labs.sentinelone.com/from-wiper-to-ransomware-the-evolutionof-agrius/ |
57828 | MALWARE-CNC ASPXSpy webshell outbound connection attempt | labs.sentinelone.com/from-wiper-to-ransomware-the-evolutionof-agrius/ |
57849 | MALWARE-CNC Win.Trojan.CetaRAT variant outbound connection | www.virustotal.com/gui/file/3f34c61025b5cf46075d79e68efb5da0f4ac01c113d8c1aaff3903ccd9a0fa3e/detection |
57848 | MALWARE-CNC Win.Trojan.CetaRAT variant outbound connection | www.virustotal.com/gui/file/19e680eaa52c0ad14274b04141a8e172d2ec1a01a3f429263090a990120ad9df/detection |
57843 | MALWARE-CNC Win.Trojan.ActionRAT variant outbound connection | www.virustotal.com/gui/file/45918acc04ad790445fd423b348aa88855570d57ebed870741603a7e5473d456/detection |
57842 | MALWARE-CNC Win.Trojan.ActionRAT variant outbound connection | www.virustotal.com/gui/file/120d1835df79b464dce91fd4151a69bae5ef5603e6eb4821a79f8a84767f7724/detection |
57845 | MALWARE-CNC Win.Trojan.ActionRAT variant outbound connection | www.virustotal.com/gui/file/433a3e3023179959f8d99d29a645f0c29ed86beb172c23b22ca311a767cfbb74/detection |
57844 | MALWARE-CNC Win.Trojan.ActionRAT variant outbound connection | www.virustotal.com/gui/file/3a435ad1c01335d31c05ca77a125d0162c223c135363c120071b7bac284a64e3/detection |
57847 | MALWARE-CNC Win.Trojan.CetaRAT variant outbound connection | www.virustotal.com/gui/file/fa02de1f2dbd29f19e8ab0ff2931b063bd8f8ccadf0d7e321f0a02d2e2f86419/detection |
57867 | MALWARE-CNC Netfilter rootkit download attempt | msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/ |
57866 | MALWARE-CNC Netfilter rootkit outbound connection attempt | msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/ |
57865 | MALWARE-CNC Netfilter rootkit download attempt | msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/ |
57864 | MALWARE-CNC Netfilter rootkit outbound connection attempt | msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/ |
57869 | MALWARE-CNC Netfilter rootkit outbound connection attempt | msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/ |
57868 | MALWARE-CNC Netfilter rootkit outbound connection attempt | msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/ |
57998 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt | CVE-2021-34480 |