ioc[.]one - OSINT Cyber Threat Intelligence Database

ASEC Weekly Malware Statistics (January 17th, 2022 - January 23rd, 2022) - ASEC BLOG

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Keylogging - T1056.001 Keylogging - T1417.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	7fab73d1-3780-43da-8e67-67553e7f98a8
Fingerprint	ef0c3d688df30293
Analysis status	DONE
Considered CTI value	0
Text language
Published	Feb. 8, 2022, 10:34 a.m.
Added to db	Sept. 11, 2022, 4:59 p.m.
Last updated	Nov. 17, 2024, 11:36 p.m.
Headline	ASEC Weekly Malware Statistics (January 17th, 2022 – January 23rd, 2022)
Title	ASEC Weekly Malware Statistics (January 17th, 2022 - January 23rd, 2022) - ASEC BLOG
Detected Hints/Tags/Attributes	35/2/66

Source URLs

	Redirection	Url
Details	Source	https://asec.ahnlab.com/en/31083/

URL Provider

Details	Provider	Source level domain
Details	ahnlab.com	asec.ahnlab.com

Attributes

Details	Type	#Events	Value
Details	Domain	36	us2.smtp.mailhostbox.com
Details	Domain	2	aaecebemo.nl
Details	Domain	3	mail.modularelect.com
Details	Domain	4	modularelect.com
Details	Domain	1	aestheticsspace.com
Details	Domain	2	mail.scsgroups.com
Details	Domain	2	scsgroups.com
Details	Domain	1175	gmail.com
Details	Domain	3	www.haztol.xyz
Details	Domain	2	www.dirums.online
Details	Domain	2	www.gobits3.com
Details	Domain	1	www.busipe6.com
Details	Domain	2	www.hype-clicks.com
Details	Domain	1	yabynennet.xyz
Details	Domain	2	mainlandtoisland.ml
Details	Domain	10	secure01-redirect.net
Details	Email	2	yasser.alsheakh@aaecebemo.nl
Details	Email	4	zspamming@modularelect.com
Details	Email	1	kenneth@aestheticsspace.com
Details	Email	2	sales@scsgroups.com
Details	Email	3	godwingodwin397@gmail.com
Details	File	10	purchase_order.exe
Details	File	1	import_documents.exe
Details	File	1	quote_002242020.exe
Details	File	1	_packing_list.exe
Details	File	30	doc.exe
Details	File	1	0020012022.exe
Details	File	1	bl_docs_213843846.exe
Details	File	35	invoice.exe
Details	File	1	material_specifications.exe
Details	File	2	nn.exe
Details	File	1	fb_e4d4.tmp
Details	File	1	c38077.exe
Details	File	2	po_5882022.exe
Details	File	1	gas_corp_estimate.exe
Details	File	1260	explorer.exe
Details	File	1	202201021-01212a.exe
Details	File	1	_po4622010221.exe
Details	File	82	fre.php
Details	File	61	search.php
Details	md5	2	8d66e77fc413068c4827bb206e1618f5
Details	IPv4	9	208.91.199.225
Details	IPv4	2	103.248.80.5
Details	IPv4	1	103.6.196.179
Details	IPv4	2	45.156.25.78
Details	IPv4	2	62.182.156.179
Details	IPv4	2	45.142.215.180
Details	IPv4	2	185.64.76.74
Details	IPv4	2	185.112.83.99
Details	IPv4	2	65.21.94.84
Details	IPv4	4	91.243.32.101
Details	IPv4	3	178.128.244.245
Details	IPv4	8	78.46.73.125
Details	IPv4	2	185.148.168.15
Details	IPv4	8	195.77.239.39
Details	IPv4	3	104.131.62.48
Details	IPv4	5	62.171.178.147
Details	IPv4	5	168.197.250.14
Details	Url	3	http://www.haztol.xyz/n62s
Details	Url	2	http://www.dirums.online/mg0t
Details	Url	2	http://www.gobits3.com/8vrd
Details	Url	1	http://www.busipe6.com/h60c
Details	Url	1	http://www.hype-clicks.com/eqhv
Details	Url	2	http://mainlandtoisland.ml/bn2/fre.php
Details	Url	1	http://secure01-redirect.net/gc11/fre.php
Details	Url	2	http://178.128.244.245/search.php?key=8d66e77fc413068c4827bb206e1618f5