malwageddon

Malwageddon's Pastebin

1,577 13,509 8 years ago
Name / Title Added Expires Hits Syntax  
IOC - cloudmade.com - 2015-09-22 Sep 22nd, 2015 Never 129 HTML -
Partially decoded attachment - 2015-09-16 Sep 16th, 2015 Never 594 HTML -
IOC - www.projectrace.com - 2015-09-07 Sep 7th, 2015 Never 218 HTML -
pDNS domain names on Hacking Team IPs Jul 6th, 2015 Never 434 None -
Neutrino EK landing page sample - Mar 2015 Mar 20th, 2015 Never 415 HTML -
Neutrino EK landing page sample - Dec 2014 Mar 20th, 2015 Never 573 HTML -
IOC - capovelo.com - 2014-12-18 Dec 18th, 2014 Never 399 JavaScript -
IOC - ads.financialcontent.com - 2014-12-16 Dec 16th, 2014 Never 289 JavaScript -
Config file extracts from a recent DYRE sample - 2... Oct 17th, 2014 Never 765 None -
IOC - ads.financialcontent.com - 2014-10-15 Oct 16th, 2014 Never 384 JavaScript -
Nuclear EK deobfuscated landing page - 2014-09-12 Sep 23rd, 2014 Never 384 JavaScript -
Nuclear EK landing page example - 2014-09-12 Sep 22nd, 2014 Never 628 JavaScript -
SweetOrange EK deobfuscated landing page - 2014-09... Sep 18th, 2014 Never 388 JavaScript -
SweetOrange EK landing page example - 2014-09-16 Sep 17th, 2014 Never 401 JavaScript -
IOC - www.coffeeandquinoa.com - 2014-09-10 Sep 10th, 2014 Never 252 HTML -
IOC - www.goldseek.com 2014-08-28 Aug 29th, 2014 Never 291 JavaScript -
IOC earthsky.org - 2014-08-27 Aug 27th, 2014 Never 236 JavaScript -
IOC - englishrussia.com Aug 25th, 2014 Never 254 JavaScript -
IOC - www.thecitywire.com Aug 13th, 2014 Never 265 JavaScript -
ibmtvdemo.edgesuite.net suspicious JS request Aug 7th, 2014 Never 256 HTML -
List of websites redirecting to Fiesta EK - 2014-0... Jul 24th, 2014 Never 414 None -
SweetOrange EK redirect chain example - 2014-06/07 Jul 3rd, 2014 Never 331 JavaScript -
Suspicious redirect - ibmtvdemo.edgesuite.net Jul 3rd, 2014 Never 430 HTML -
IOC - www.askmen.com Jun 25th, 2014 Never 292 JavaScript -
IOC - legacy.americanpayroll.org Jun 24th, 2014 Never 220 HTML -
IOC - www.homebusinessmag.com dishes out malicious... Jun 23rd, 2014 Never 186 JavaScript -
Suspicious - www.foxitsoftware.com JS script Jun 23rd, 2014 Never 241 HTML -
IOC - www.bankofbotswana.bw website leading to Mag... Jun 9th, 2014 Never 390 JavaScript -
Malware email campaign with .gadget files attachme... May 19th, 2014 Never 294 None -
Proof of Compromise / www.footballfoundation.org May 9th, 2014 Never 164 None -
UnrecomServer jRAT - sample by @zertox1 Apr 28th, 2014 Never 322 XML -
Unknown EK(listentobitcoin.com) - 2014-01-14 Jan 14th, 2014 Never 218 None -
Unknown EK URL pattern - 2013-11-22 Nov 23rd, 2013 Never 168 None -
LinkedIn SPAM campaign 2013-09-30 Sep 30th, 2013 Never 116 None -
Unknown EK / IE7 Exploit Sep 28th, 2013 Never 250 JavaScript -
FAX phishing email campaign Jul 18th, 2013 Never 122 None -
VISA phishing email campaign Jul 17th, 2013 Never 304 None -
ADP themed phishing Jul 15th, 2013 Never 119 None -
HSBC themed phishing Jul 15th, 2013 Never 390 None -
Xpiro.D domain names Jul 15th, 2013 Never 418 None -
"TAX Appeal Declinde" SPAM wave Jul 12th, 2013 Never 97 None -
WU SPAM wave Jul 11th, 2013 Never 77 None -
'Styxy' Cool EK pattern Jul 9th, 2013 Never 81 None -
Nuclear EK pattern seen on 2013-06-25 Jun 26th, 2013 Never 67 None -
Goofware pattern seen on 2013-06-21 Jun 21st, 2013 Never 60 None -
Sweet Orange EK pattern seen on 2013-06-18 Jun 19th, 2013 Never 88 None -
Flimkit pattern seen on 2013-06-17 Jun 18th, 2013 Never 96 None -