ASEC Weekly Malware Statistics (January 9th, 2023 – January 15th, 2023) - ASEC BLOG
Tags
| country: | Qatar |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Keylogging - T1056.001 Keylogging - T1417.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 |
Common Information
| Type | Value |
|---|---|
| UUID | 454bf224-2785-4a83-a05e-4a27dd620a91 |
| Fingerprint | ff191840adfa02b3 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Jan. 20, 2023, 2:04 p.m. |
| Added to db | Jan. 20, 2023, 8:25 a.m. |
| Last updated | Nov. 17, 2024, 6:53 p.m. |
| Headline | ASEC Weekly Malware Statistics (January 9th, 2023 – January 15th, 2023) |
| Title | ASEC Weekly Malware Statistics (January 9th, 2023 – January 15th, 2023) - ASEC BLOG |
| Detected Hints/Tags/Attributes | 33/3/81 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://asec.ahnlab.com/en/46169/ |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 17 | ✔ | ASEC | https://asec.ahnlab.com/en/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4 | vatra.at |
|
| Details | Domain | 4 | spbdg.ru |
|
| Details | Domain | 4 | skinndia.com |
|
| Details | Domain | 7 | mightys.at |
|
| Details | Domain | 4 | forwardstorage.biz |
|
| Details | Domain | 5 | gcl-gb.biz |
|
| Details | Domain | 3 | web-stat.biz |
|
| Details | Domain | 12 | wfsdragon.ru |
|
| Details | Domain | 2 | whatisart.top |
|
| Details | Domain | 2 | www.baskmarketing.online |
|
| Details | Domain | 2 | www.ciexol.xyz |
|
| Details | Domain | 2 | www.hairmall.info |
|
| Details | Domain | 2 | www.outreacmore.site |
|
| Details | Domain | 2 | www.wertoz.xyz |
|
| Details | Domain | 36 | us2.smtp.mailhostbox.com |
|
| Details | Domain | 5 | habitatbreks.org |
|
| Details | Domain | 2 | mail.sseximclearing.com |
|
| Details | Domain | 2 | sseximclearing.com |
|
| Details | Domain | 1174 | gmail.com |
|
| Details | Domain | 2 | smtp.elec-qatar.com |
|
| Details | Domain | 3 | elec-qatar.com |
|
| Details | Domain | 145 | api.telegram.org |
|
| Details | Domain | 3 | shopper.bulutlogistic.com |
|
| Details | 5 | support@habitatbreks.org |
||
| Details | 2 | saurav.roy@sseximclearing.com |
||
| Details | 4 | davidsurly1@gmail.com |
||
| Details | 3 | mohammed.abrar@elec-qatar.com |
||
| Details | 5 | jinhux31@gmail.com |
||
| Details | File | 1260 | explorer.exe |
|
| Details | File | 8 | statistics.php |
|
| Details | File | 24 | count.php |
|
| Details | File | 6 | loot.php |
|
| Details | File | 16 | check.php |
|
| Details | File | 49 | info.php |
|
| Details | File | 9 | setstats.php |
|
| Details | File | 48 | documents.exe |
|
| Details | File | 31 | document.exe |
|
| Details | File | 18 | advice.exe |
|
| Details | File | 14 | slip.exe |
|
| Details | File | 7 | docs.exe |
|
| Details | File | 2 | pfi20-21008_.exe |
|
| Details | File | 2 | gosusnh1637860.exe |
|
| Details | File | 47 | order.exe |
|
| Details | File | 2 | 000056.exe |
|
| Details | File | 2 | 303092.exe |
|
| Details | File | 17 | details.exe |
|
| Details | File | 32 | copy.exe |
|
| Details | File | 4 | enquiry.exe |
|
| Details | File | 2 | 221005549.exe |
|
| Details | File | 82 | fre.php |
|
| Details | IPv4 | 8 | 2.56.59.42 |
|
| Details | IPv4 | 2 | 212.192.241.62 |
|
| Details | IPv4 | 2 | 31.210.20.251 |
|
| Details | IPv4 | 21 | 45.139.105.171 |
|
| Details | IPv4 | 2 | 51.178.186.149 |
|
| Details | IPv4 | 3 | 208.67.105.148 |
|
| Details | IPv4 | 4 | 171.22.30.147 |
|
| Details | Url | 2 | http://vatra.at/tmp |
|
| Details | Url | 2 | http://spbdg.ru/tmp |
|
| Details | Url | 2 | http://skinndia.com/tmp |
|
| Details | Url | 5 | http://mightys.at/tmp |
|
| Details | Url | 2 | http://2.56.59.42/base/api/statistics.php |
|
| Details | Url | 2 | http://212.192.241.62/base/api/statistics.php |
|
| Details | Url | 2 | http://31.210.20.251/base/api/statistics.php |
|
| Details | Url | 3 | http://45.139.105.171/itsnotmalware/count.php?sub= |
|
| Details | Url | 2 | http://51.178.186.149/base/api/statistics.php |
|
| Details | Url | 2 | http://forwardstorage.biz/partner/loot.php?pub=mixone |
|
| Details | Url | 2 | http://gcl-gb.biz/check.php?pub=mixone |
|
| Details | Url | 2 | http://web-stat.biz/info.php?pub=mixtwo |
|
| Details | Url | 9 | http://wfsdragon.ru/api/setstats.php |
|
| Details | Url | 2 | http://whatisart.top/check.php?source=mix1h1 |
|
| Details | Url | 2 | http://www.baskmarketing.online/bd6z |
|
| Details | Url | 2 | http://www.ciexol.xyz/ci07 |
|
| Details | Url | 2 | http://www.hairmall.info/chd4 |
|
| Details | Url | 2 | http://www.outreacmore.site/neoe |
|
| Details | Url | 2 | http://www.wertoz.xyz/jn85 |
|
| Details | Url | 8 | https://api.telegram.org/bot2134979594 |
|
| Details | Url | 2 | http://208.67.105.148/fresh2/five/fre.php |
|
| Details | Url | 2 | http://171.22.30.147/kelly/five/fre.php |
|
| Details | Url | 2 | http://171.22.30.147/gk1/five/fre.php |
|
| Details | Url | 2 | http://shopper.bulutlogistic.com/fre.php |