Malware_traffic's Pastebin

42,935 126,932 5 years ago
Name / Title Added Expires Hits Syntax  
Trickbot EXE from .png URLs on Monday 2020-01-27 Jan 27th, 20 Never 158 None -
2020-01-27 - Hancitor malspam example 2 of 2 Jan 27th, 20 Never 183 None -
2020-01-27 - Hancitor malspam example 1 of 2 Jan 27th, 20 Never 170 None -
2020-01-10: URLs for Trickbot seen from IcedID-inf... Jan 10th, 20 Never 748 None -
Info so far: Malware Traffic workshop for BSides T... Jan 8th, 20 Never 698 None -
Trickbot EXE from .png URLs on Wednesday 2020-01-08 Jan 8th, 20 Never 784 None -
Trickbot EXE from .png URLs as of Monday 2020-01-06 Jan 6th, 20 Never 1,278 None -
2020-01-03 - Word docs with macros (Ostap) possibl... Jan 3rd, 20 Never 139 None -
Trickbot EXE from .png URLs as of Thursday 2019-12-26 Dec 26th, 19 Never 1,269 None -
Trickbot EXE from .png URLs as of Thursday 2019-12-19 Dec 19th, 19 Never 678 None -
Trickbot EXE from .png URLs - Friday 2019-12-06 Dec 6th, 19 Never 777 None -
Trickbot EXE from .png URLs as of Wed 2019-12-04 Dec 5th, 19 Never 629 None -
Trickbot EXE from .png URLs - Tues 2019-12-03 Dec 3rd, 19 Never 965 None -
2019-12-02 - Hancitor info Dec 2nd, 19 Never 873 None -
Trickbot EXE from .png URLs - Thursday 2019-11-28 Nov 28th, 19 Never 1,355 None -
Trickbot EXE from .png URLs - Tuesday 2019-11-26 Nov 26th, 19 Never 1,002 None -
Trickbot EXE from .png URLs - Monday 2019-11-25 Nov 25th, 19 Never 542 None -
Trickbot EXE from .png URLs - Monday 2019-11-18 Nov 18th, 19 Never 774 None -
Trickbot EXE from .png URLs - Friday 2019-11-15 Nov 15th, 19 Never 1,050 None -
Trickbot EXE files seen from .png URLs on 2019-10-29 Oct 29th, 19 Never 1,509 None -
2019-10-09 - Hancitor acitivity Oct 9th, 19 Never 1,499 None -
2019-10-03 - Netsupport RAT malspam campaign Oct 4th, 19 Never 1,305 None -
2019-09-30 - Info from malspam pushing Shade ranso... Sep 30th, 19 Never 1,059 None -
2019-09-30 - example of malspam pushing Shade rans... Sep 30th, 19 Never 232 None -
Trickbot EXE files seen from .png URLs on 2019-09-25 Sep 25th, 19 Never 852 None -
2019-09-13 - Malspam pushing Shade ransomware Sep 13th, 19 Never 1,501 None -
2019-09-03 - Malspam with password-protected Word ... Sep 3rd, 19 Never 3,404 None -
2019-08-28 - File info from today's Ursnif infection Aug 28th, 19 Never 1,407 None -
2019-08-26 - files from Ursnif infection with Tric... Aug 26th, 19 Never 1,510 None -
2019-08-22: Trickbot EXEs associated with IcedID (... Aug 22nd, 19 Never 1,998 None -
2019-08-22 - info on malspam pushing Shade ransomware Aug 22nd, 19 Never 1,660 None -
2019-08-22 - malspam pushing Shade (Troldesh) rans... Aug 22nd, 19 Never 384 None -
2019-08-21 - malspam pushing Shade (Troldesh) rans... Aug 21st, 19 Never 1,315 None -
2019-08-21 - malspam pushing Shade (Troldesh) - 2 ... Aug 21st, 19 Never 176 None -
2019-08-21 - malspam pushing Shade (Troldesh) - 1 ... Aug 21st, 19 Never 181 None -
2019-08-19 - Trickbot binaries, "the PNGs" Aug 20th, 19 Never 1,313 None -
2019-08-12 - Trickbot EXEs from URLs ending with .png Aug 12th, 19 Never 1,009 None -
IcedID (Bokbot)-related Trickbot binaries seen on ... Aug 12th, 19 Never 1,103 None -
2019-07-30 - Trickbot binaries, "the PNGs" Jul 30th, 19 Never 820 None -
File hashes from Hancitor infection on Monday 2019... Jul 22nd, 19 Never 1,453 None -
2019-06-25 and 06-26 - Malspam pushing Trickbot (g... Jun 26th, 19 Never 2,191 None -
2019-06-20 - malspam pushing Nanocore RAT Jun 20th, 19 Never 983 None -
2019-06-13 - Malspam with XLS attachment Jun 13th, 19 Never 1,068 None -
2019-05-30 - PASSWORD-PROTECTED WORD DOCS FROM MAL... May 30th, 19 Never 1,473 None -
2019-05-28 - EXAMPLE OF EMOTET MALSPAM (2 OF 2) May 29th, 19 Never 1,404 None -
2019-05-28 - EXAMPLE OF EMOTET MALSPAM (1 OF 2) May 29th, 19 Never 1,526 None -
2019-05-20 - malspam pushing Lokibot May 20th, 19 Never 1,243 None -
2019-05-02 - Emotet malspam example May 2nd, 19 Never 1,709 None -
2019-04-24 - Emote malspam example Apr 24th, 19 Never 1,791 None -
New password-protected docs in malspam since 2018-... Apr 19th, 19 Never 916 None -
2019-04-19 - malspam pushing Danabot Apr 19th, 19 Never 733 None -
2019-04-16 - Trickbot malspam - gtag: sat43 Apr 16th, 19 Never 1,157 None -
2019-04-15 - Lokibot malspam example Apr 15th, 19 Never 1,769 None -
2019-04-04 - Example of Emotet malspam Apr 4th, 19 Never 1,602 None -
2019-04-03 - Hancitor malspam example Apr 3rd, 19 Never 1,142 None -
2019-04-01 - Active URLs for Emotet Apr 1st, 19 Never 1,016 None -
2019-03-25 - Rig EK landing page from 79.174.13.20 Mar 25th, 19 Never 1,073 None -
2019-03-18 - malspam pushing Trickbot (gtag: ono1) Mar 18th, 19 Never 802 None -
2019-03-14 - Info on Trickbot malspam wave Mar 14th, 19 Never 736 None -
2019-03-14 - Trickbot malspam example (gtag day2) Mar 14th, 19 Never 581 None -
2019-03-14 - Malware from password-protected Word doc Mar 14th, 19 Never 815 None -
2019-03-12 - Qakbot EXE sent to Emotet-infected Wi... Mar 12th, 19 Never 795 None -
2019-03-11 - Emotet malspam example Mar 11th, 19 Never 1,395 None -
2019-03-11 - Example of malspam pushing Trickbot g... Mar 11th, 19 Never 698 None -
2019-03-11 - Malspam pushing Trickbot - gtag: day2 Mar 11th, 19 Never 1,193 None -
2019-03-06 - Trickbot malspam example (gtag ser030... Mar 6th, 19 Never 565 None -
2019-03-05 and 06: malware from malspam pushing Ur... Mar 6th, 19 Never 498 None -
2019-03-05 - Trickbot inject module name tied to g... Mar 5th, 19 Never 715 None -
2019-03-04 - #Emotet #malspam example Mar 4th, 19 Never 771 None -
2019-03-04 - malspam pushes Hawkeye keylogger/info... Mar 4th, 19 Never 498 None -
2019-02-28 - Hancitor malspam example Feb 28th, 19 Never 1,015 None -
2019-02-26 - Malware from Hancitor infection Feb 26th, 19 Never 595 None -
2019-02-26 - Example of malspam pushing Hancitor Feb 26th, 19 Never 1,004 None -
2019-02-25 - Example of malspam pushing Hancitor Feb 25th, 19 Never 809 None -
2019-02-25 - malware from Hancitor infection Feb 25th, 19 Never 547 None -
2019-02-21 - Example of malspam pushing Hanctor Feb 21st, 19 Never 1,022 None -
2019-02-14 - Emotet malspam example with download ... Feb 14th, 19 Never 1,152 None -
2019-02-14 - Recent Trickbot weirdness Feb 14th, 19 Never 2,122 None -
2019-02-14 - Malspam using password-protected Word... Feb 14th, 19 Never 2,917 None -
2019-02-14 - Malspam uses Dropbox link to push For... Feb 14th, 19 Never 2,674 None -
2019-02-13 - Hancitor malspam example Feb 13th, 19 Never 1,077 None -
2019-02-13 - Emotet malspam example with PDF attac... Feb 13th, 19 Never 1,168 None -
2019-02-12 - Emotet malspam example with PDF attac... Feb 12th, 19 Never 1,368 None -
2019-02-12 - malware from Hancitor infection Feb 12th, 19 Never 1,044 None -
2019-02-12 - Hancitor malspam (USPS theme) Feb 12th, 19 Never 1,223 None -
2019-02-09 - Fake Updates campaign pushes Chthonic Feb 8th, 19 Never 1,132 None -
Since 2019-02-04 - Trickbot EXEs as PNG: Sin, Tin,... Feb 8th, 19 Never 925 None -
2019-02-08 (Friday) - Trickbot malspam (gtag: sat36) Feb 8th, 19 Never 972 None -
2019-02-05 - Trickbot malspam - gtag: ser0205us Feb 5th, 19 Never 1,393 None -
2019-02-04 - Trickbot EXEs as .png from 185.68.93[... Feb 4th, 19 Never 935 None -
2019-01-29 - Fallout EK possible exploit Jan 29th, 19 Never 246 None -
2019-01-29 - Fallout EK landing page Jan 29th, 19 Never 239 None -
2019-01-29 - Fallout EK (HTTPS) sends SmokeLoader ... Jan 29th, 19 Never 1,128 None -
2019-01-29 - Malspam pushing AZORult Jan 29th, 19 Never 1,377 None -
2019-01-29 - example of Emotet malspam Jan 29th, 19 Never 1,185 None -
2019-01-28 - Trickbot malspam (gtag: ser0128us) Jan 28th, 19 Never 939 None -
2019-01-08 - Trickbot EXEs as .png from 107.173.10... Jan 28th, 19 Never 683 None -
2019-01-28 - Hancitor malspam example Jan 28th, 19 Never 1,372 None -
2019-01-28 - malware from Hancitor infection Jan 28th, 19 Never 1,172 None -
2019-01-23 - malware from Hancitor infection Jan 23rd, 19 Never 4,227 None -
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top