ioc[.]one - OSINT Cyber Threat Intelligence Database

ASEC Weekly Malware Statistics (September 26th, 2022 – October 2nd, 2022) - ASEC BLOG

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004

Show in Graph

Common Information

Type	Value
UUID	5587dd98-3978-41ac-b9ba-463a443c28b1
Fingerprint	ad12b869cdfb2291
Analysis status	DONE
Considered CTI value	0
Text language
Published	Oct. 12, 2022, 1:18 p.m.
Added to db	Jan. 16, 2023, 3:53 p.m.
Last updated	Nov. 17, 2024, 11:36 p.m.
Headline	ASEC Weekly Malware Statistics (September 26th, 2022 – October 2nd, 2022)
Title	ASEC Weekly Malware Statistics (September 26th, 2022 – October 2nd, 2022) - ASEC BLOG
Detected Hints/Tags/Attributes	34/2/84

Source URLs

	Redirection	Url
Details	Source	https://asec.ahnlab.com/en/39627/

URL Provider

Details	Provider	Source level domain
Details	ahnlab.com	asec.ahnlab.com

Attributes

Details	Type	#Events	Value
Details	Domain	5	gcl-gb.biz
Details	Domain	1	artislife.top
Details	Domain	4	forwardstorage.biz
Details	Domain	20	host-file-host6.com
Details	Domain	1	host-file-host8.com
Details	Domain	8	furubujjul.net
Details	Domain	3	starvestitibo.org
Details	Domain	6	liubertiyyyul.net
Details	Domain	6	bururutu44org.org
Details	Domain	7	nvulukuluir.net
Details	Domain	6	gulutina49org.org
Details	Domain	5	hulimudulinu.net
Details	Domain	5	stalnnuytyt.org
Details	Domain	6	nuluitnulo.me
Details	Domain	11	rgyui.top
Details	Domain	2	winnlinne.com
Details	Domain	12	wfsdragon.ru
Details	Domain	1	uyg5wye.2ihsfa.com
Details	Domain	2	gogamec.com
Details	Domain	1	mail.tricomcomputacion.com
Details	Domain	1	tricomcomputacion.com
Details	Domain	1175	gmail.com
Details	Domain	2	mail.thesharpening.com.au
Details	Domain	1	thesharpening.com.au
Details	Domain	1	mail.rylanlogisticsltd.com
Details	Domain	1	rylanlogisticsltd.com
Details	Email	1	danielventas@tricomcomputacion.com
Details	Email	1	dorotaannagrebowiec01@gmail.com
Details	Email	1	sales@thesharpening.com.au
Details	Email	1	mary@rylanlogisticsltd.com
Details	Email	4	ranjqnupreti3@gmail.com
Details	File	1260	explorer.exe
Details	File	14	build2.exe
Details	File	67	get.php
Details	File	12	build3.exe
Details	File	9	setstats.php
Details	File	15	server.txt
Details	File	7	getdata.php
Details	File	37	1.php
Details	File	16	check.php
Details	File	6	save.php
Details	File	1	eventsourceattrib.exe
Details	File	6	notification.exe
Details	File	1	099923512489_pdf.exe
Details	File	1	20220608.exe
Details	File	14	slip.exe
Details	IPv4	3	95.214.24.96
Details	IPv4	4	208.67.104.97
Details	IPv4	1	136.144.41.201
Details	IPv4	3	136.144.41.152
Details	IPv4	1	45.133.1.107
Details	IPv4	1	49.12.226.201
Details	IPv4	1	94.131.97.136
Details	IPv4	1	94.131.96.16
Details	IPv4	1	94.131.97.143
Details	IPv4	1	94.131.97.153
Details	IPv4	1	45.142.213.7
Details	IPv4	1	45.89.55.176
Details	IPv4	1	94.131.97.119
Details	IPv4	1	88.198.89.6
Details	IPv4	1	192.254.211.36
Details	IPv4	1	139.99.142.16
Details	IPv4	1	144.76.236.210
Details	Url	6	http://rgyui.top/dl/build2.exe
Details	Url	2	http://winnlinne.com/test3/get.php
Details	Url	2	http://winnlinne.com/files/1/build3.exe
Details	Url	9	http://wfsdragon.ru/api/setstats.php
Details	Url	1	http://136.144.41.201/server.txt
Details	Url	1	http://136.144.41.152/base/api/getdata.php
Details	Url	1	http://uyg5wye.2ihsfa.com/api/fbtime
Details	Url	1	http://45.133.1.107/server.txt
Details	Url	1	http://gcl-gb.biz/stats/1.php
Details	Url	1	http://gcl-gb.biz/check.php
Details	Url	1	http://gcl-gb.biz/stats/save.php
Details	Url	1	http://t.gogamec.com
Details	Url	1	http://49.12.226.201/base/api/getdata.php
Details	Url	1	http://94.131.97.136/1281
Details	Url	1	http://94.131.96.16/1281
Details	Url	1	http://94.131.97.143/1281
Details	Url	1	http://94.131.97.153/1191
Details	Url	1	http://45.142.213.7/1281
Details	Url	1	http://45.89.55.176/1281
Details	Url	1	http://94.131.97.119/1281
Details	Url	1	http://88.198.89.6/1695