ioc[.]one - OSINT Cyber Threat Intelligence Database

ASEC Weekly Malware Statistics (October 11th, 2021 – October 17th, 2021) - ASEC BLOG

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Keylogging - T1056.001 Keylogging - T1417.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	9d21f558-7cb4-431d-aef7-e4acefc034bc
Fingerprint	af34bba8a5fb0291
Analysis status	DONE
Considered CTI value	0
Text language
Published	Oct. 22, 2021, 1 p.m.
Added to db	Sept. 11, 2022, 4:59 p.m.
Last updated	Nov. 17, 2024, 6:49 p.m.
Headline	ASEC Weekly Malware Statistics (October 11th, 2021 – October 17th, 2021)
Title	ASEC Weekly Malware Statistics (October 11th, 2021 – October 17th, 2021) - ASEC BLOG
Detected Hints/Tags/Attributes	31/2/100

Source URLs

	Redirection	Url
Details	Source	https://asec.ahnlab.com/en/28007/

URL Provider

Details	Provider	Source level domain
Details	ahnlab.com	asec.ahnlab.com

Attributes

Details	Type	#Events	Value
Details	Domain	4	ggg-cl.biz
Details	Domain	3	ppp-gl.biz
Details	Domain	1	mail.globalmedical.nl
Details	Domain	1	globalmedical.nl
Details	Domain	14	com.cn
Details	Domain	29	dr.com
Details	Domain	1	smtp.copangroup.xyz
Details	Domain	2	copangroup.xyz
Details	Domain	1	mail.appalliser.com
Details	Domain	1	appalliser.com
Details	Domain	1	www.kufazo.online
Details	Domain	2	www.dirums.online
Details	Domain	2	www.sasanos.com
Details	Domain	4	www.besrbee.com
Details	Domain	1	www.besasin09.com
Details	Domain	5	www.norllix.com
Details	Domain	3	www.tes5ci.com
Details	Domain	1	www.pokvy.online
Details	Domain	7	www.renaziv.online
Details	Domain	2	www.bits-clicks.com
Details	Domain	2	www.afcerd.com
Details	Domain	4	checkvim.com
Details	Domain	1	akiwinds.duckdns.org
Details	Domain	3	frinqy.gq
Details	Domain	4	74f26d34ffff049368a6cff8812f86ee.gq
Details	Domain	36	us2.smtp.mailhostbox.com
Details	Domain	1	mtech-edu.com
Details	Domain	1	mail.alliedhealthga.com
Details	Domain	1	alliedhealthga.com
Details	Domain	1	mail.anglifesciences.com
Details	Domain	1	anglifesciences.com
Details	Domain	1	eze-love.com
Details	Email	1	vic@globalmedical.nl
Details	Email	1	sarah_borte.com.cn@dr.com
Details	Email	2	paola.micheli@copangroup.xyz
Details	Email	1	newwork1@appalliser.com
Details	Email	1	newwork2@appalliser.com
Details	Email	1	abs.metal@mtech-edu.com
Details	Email	1	info@alliedhealthga.com
Details	Email	1	tab5@anglifesciences.com
Details	Email	1	darl@eze-love.com
Details	File	37	1.php
Details	File	6	loot.php
Details	File	16	check.php
Details	File	1	sam-am912042_pdf.exe
Details	File	3	comprobante.pdf
Details	File	1	6578000.pdf
Details	File	4	pago.pdf
Details	File	1	pago_pdf___________________________.exe
Details	File	1	05311.exe
Details	File	1	bbrrq12345.exe
Details	File	1	formu.exe
Details	File	1	3931000689_pdf____________________________.exe
Details	File	1	19615.exe
Details	File	6	audio.exe
Details	File	70	vbc.exe
Details	File	1	d0bd09.exe
Details	File	1260	explorer.exe
Details	File	1	po721900.exe
Details	File	1	audit.exe
Details	File	1	so21101311001877.exe
Details	File	1	374785895.exe
Details	File	1	nsslhcicc2102824.exe
Details	File	1	s55-21011258.exe
Details	File	1	bci.exe
Details	File	1	doc100921-101220211101.exe
Details	File	82	fre.php
Details	File	4	pin.php
Details	md5	4	74f26d34ffff049368a6cff8812f86ee
Details	IPv4	6	45.9.20.13
Details	IPv4	1	185.104.29.70
Details	IPv4	1	194.195.211.26
Details	IPv4	1	185.237.206.6
Details	IPv4	6	23.254.225.235
Details	IPv4	2	37.0.10.190
Details	IPv4	11	208.91.198.143
Details	IPv4	2	107.180.56.180
Details	IPv4	1	192.185.160.32
Details	Url	1	http://ggg-cl.biz/stats/1.php
Details	Url	1	http://45.9.20.13/partner/loot.php?pub=mixinte
Details	Url	1	http://ppp-gl.biz/check.php
Details	Url	1	http://www.kufazo.online/rv9n
Details	Url	2	http://www.dirums.online/mg0t
Details	Url	1	http://www.sasanos.com/mxnu
Details	Url	1	http://www.besrbee.com/mexq
Details	Url	1	http://www.besasin09.com/pfrp
Details	Url	1	http://www.norllix.com/ni8b
Details	Url	1	http://www.tes5ci.com/g91q
Details	Url	1	http://www.pokvy.online/jw9u
Details	Url	2	http://www.renaziv.online/ss5s
Details	Url	2	http://www.bits-clicks.com/a49i
Details	Url	1	http://www.afcerd.com/o4ms
Details	Url	1	http://23.254.225.235/wjj/fre.php
Details	Url	1	http://checkvim.com/fd11/fre.php
Details	Url	1	http://akiwinds.duckdns.org/chats/fre.php
Details	Url	3	http://frinqy.gq/apps/fre.php
Details	Url	1	http://37.0.10.190/300/n2/pin.php
Details	Url	2	http://checkvim.com/fd4/fre.php
Details	Url	4	http://74f26d34ffff049368a6cff8812f86ee.gq/bn111/fre.php
Details	Url	1	http://23.254.225.235/main1/fre.php