ioc[.]one - OSINT Cyber Threat Intelligence Database

ASEC Weekly Malware Statistics (May 17th, 2021 - May 23rd, 2021) - ASEC BLOG

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Domains - T1583.001 Domains - T1584.001 Keylogging - T1056.001 Keylogging - T1417.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Program Download

Show in Graph

Common Information

Type	Value
UUID	f0392bfc-09ff-4ebc-a027-2d1e9d58a21a
Fingerprint	af1cb968a5fb0291
Analysis status	DONE
Considered CTI value	0
Text language
Published	June 2, 2021, 10:29 a.m.
Added to db	Sept. 11, 2022, 4:59 p.m.
Last updated	Nov. 17, 2024, 11:40 p.m.
Headline	ASEC Weekly Malware Statistics (May 17th, 2021 – May 23rd, 2021)
Title	ASEC Weekly Malware Statistics (May 17th, 2021 - May 23rd, 2021) - ASEC BLOG
Detected Hints/Tags/Attributes	42/2/122

Source URLs

	Redirection	Url
Details	Source	https://asec.ahnlab.com/en/23782/

URL Provider

Details	Provider	Source level domain
Details	ahnlab.com	asec.ahnlab.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	mail.transitworldexpress.com
Details	Domain	1	transitworldexpress.com
Details	Domain	246	mail.ru
Details	Domain	2	smtp.babcockvalve.com
Details	Domain	2	babcockvalve.com
Details	Domain	8	smtp.vivaldi.net
Details	Domain	6	vivaldi.net
Details	Domain	1	soa.com
Details	Domain	5	vihaiha.com
Details	Domain	2	mbyi.xyz
Details	Domain	1	optimalwellengineering.com
Details	Domain	1	pkzz.xyz
Details	Domain	4	www.tomrings.com
Details	Domain	5	www.contorig2.com
Details	Domain	6	www.nelivo.com
Details	Domain	8	www.chaytel.com
Details	Domain	6	www.jumtix.xyz
Details	Domain	5	www.psm-gen.com
Details	Domain	3	www.senmec23.com
Details	Domain	4	www.racevx.xyz
Details	Domain	4	www.cunerier.com
Details	Domain	4	www.byonf.com
Details	Domain	2	www.magetu.info
Details	Domain	3	www.danfrem.com
Details	Domain	1	morkqz03.top
Details	Domain	1	remkdi35.top
Details	Domain	1	sulejx04.top
Details	Domain	1	morkcx01.top
Details	Domain	1	sogdkz15.top
Details	Domain	1	dousaj01.top
Details	Domain	2	moreru07.top
Details	Domain	2	soguex75.top
Details	Domain	2	doumbw10.top
Details	Domain	1	annapro.linkpc.net
Details	Domain	1	tzitziklishop.ddns.net
Details	Domain	1	wealthybillionaire.ddns.net
Details	Domain	1	swift-copy.ddns.net
Details	Domain	1	joetrump2022.ddns.net
Details	Domain	2	startedhere.ddns.net
Details	Domain	1	believe2021.ddns.net
Details	Domain	1	abdulkarim.ddns.net
Details	Email	1	r.laref@transitworldexpress.com
Details	Email	1	office.toney39@mail.ru
Details	Email	2	ziara.landa@babcockvalve.com
Details	Email	1	benzima@vivaldi.net
Details	File	17	details.exe
Details	File	1	yaha.xlsx
Details	File	1	sc202102-00013.exe
Details	File	1	h1bnpo1olcwzsfh.exe
Details	File	7	images.exe
Details	File	8	dhl.exe
Details	File	47	order.exe
Details	File	1	20s32.exe
Details	File	21	document.pdf
Details	File	2	21089.exe
Details	File	28	list.exe
Details	File	11	form.exe
Details	File	1	mx1.exe
Details	File	1	transferencia.jpeg
Details	File	1	___________________________.exe
Details	File	1	consoleapp12.exe
Details	File	82	fre.php
Details	File	15	k.php
Details	File	4	pin.php
Details	File	1	scan001.exe
Details	File	1	2021_pdf.exe
Details	File	1	a2-d55.pdf
Details	File	1260	explorer.exe
Details	File	22	www.ps
Details	File	1206	index.php
Details	File	98	download.php
Details	File	17	lv.exe
Details	File	1	transfer.bat
Details	File	1	3471.exe
Details	File	1	astra.exe
Details	File	1	7jxv8p4c.exe
Details	File	17	setup_x86_x64_install.exe
Details	File	108	0.exe
Details	File	208	setup.exe
Details	File	1	rnld0f8.exe
Details	File	3	p6.exe
Details	File	1	msyzfdsk.exe
Details	File	1	plf.exe
Details	File	1	2300003590.pdf
Details	File	1	copy_00213118570001.exe
Details	File	19	copy.pdf
Details	IPv4	1	192.185.119.206
Details	IPv4	4	193.239.84.207
Details	IPv4	3	31.209.137.12
Details	IPv4	5	104.168.175.179
Details	IPv4	6	173.208.204.37
Details	IPv4	1	74.201.28.138
Details	Url	3	http://vihaiha.com/.cc/news/school/boy/choo/fre.php
Details	Url	1	http://104.168.175.179/oyaka/panel/fre.php
Details	Url	1	http://104.168.175.179/votes1/panel/fre.php
Details	Url	2	http://mbyi.xyz/five/fre.php
Details	Url	1	http://173.208.204.37/k.php/ly0xuvgkjma3b
Details	Url	1	http://173.208.204.37/k.php/hhq0lrvuyhpmx
Details	Url	1	http://optimalwellengineering.com/wp0041/five/fre.php
Details	Url	1	http://pkzz.xyz/jst/five/fre.php
Details	Url	1	http://74.201.28.138/kpi/03/pin.php
Details	Url	1	http://www.tomrings.com/un8c
Details	Url	4	http://www.contorig2.com/u8nw
Details	Url	2	http://www.nelivo.com/sve
Details	Url	6	http://www.chaytel.com/dxe
Details	Url	1	http://www.jumtix.xyz/fmjo
Details	Url	4	http://www.psm-gen.com/dei5
Details	Url	1	http://www.senmec23.com/oerg
Details	Url	2	http://www.racevx.xyz/3edq
Details	Url	2	http://www.cunerier.com/m3rc
Details	Url	3	http://www.byonf.com/nyd
Details	Url	2	http://www.magetu.info/p2io
Details	Url	1	http://www.danfrem.com/gnr/hxxp
Details	Url	1	http://morkqz03.top/index.php
Details	Url	1	http://remkdi35.top/index.php
Details	Url	1	http://sulejx04.top/download.php?file=lv.exe
Details	Url	1	http://morkcx01.top/index.php
Details	Url	1	http://sogdkz15.top/index.php
Details	Url	1	http://dousaj01.top/download.php?file=lv.exe
Details	Url	2	http://moreru07.top/index.php
Details	Url	2	http://soguex75.top/index.php
Details	Url	2	http://doumbw10.top/download.php?file=lv.exe