PASTEBIN

GO API TOOLS FAQ DEALS

Name / Title	Added	Expires	Hits	Syntax
Trickbot EXE from .png URLs on Monday 2020-01-27	Jan 27th, 20	Never	158	None	-
2020-01-27 - Hancitor malspam example 2 of 2	Jan 27th, 20	Never	183	None	-
2020-01-27 - Hancitor malspam example 1 of 2	Jan 27th, 20	Never	170	None	-
2020-01-10: URLs for Trickbot seen from IcedID-inf...	Jan 10th, 20	Never	748	None	-
Info so far: Malware Traffic workshop for BSides T...	Jan 8th, 20	Never	698	None	-
Trickbot EXE from .png URLs on Wednesday 2020-01-08	Jan 8th, 20	Never	784	None	-
Trickbot EXE from .png URLs as of Monday 2020-01-06	Jan 6th, 20	Never	1,278	None	-
2020-01-03 - Word docs with macros (Ostap) possibl...	Jan 3rd, 20	Never	139	None	-
Trickbot EXE from .png URLs as of Thursday 2019-12-26	Dec 26th, 19	Never	1,269	None	-
Trickbot EXE from .png URLs as of Thursday 2019-12-19	Dec 19th, 19	Never	678	None	-
Trickbot EXE from .png URLs - Friday 2019-12-06	Dec 6th, 19	Never	777	None	-
Trickbot EXE from .png URLs as of Wed 2019-12-04	Dec 5th, 19	Never	629	None	-
Trickbot EXE from .png URLs - Tues 2019-12-03	Dec 3rd, 19	Never	965	None	-
2019-12-02 - Hancitor info	Dec 2nd, 19	Never	873	None	-
Trickbot EXE from .png URLs - Thursday 2019-11-28	Nov 28th, 19	Never	1,355	None	-
Trickbot EXE from .png URLs - Tuesday 2019-11-26	Nov 26th, 19	Never	1,002	None	-
Trickbot EXE from .png URLs - Monday 2019-11-25	Nov 25th, 19	Never	542	None	-
Trickbot EXE from .png URLs - Monday 2019-11-18	Nov 18th, 19	Never	774	None	-
Trickbot EXE from .png URLs - Friday 2019-11-15	Nov 15th, 19	Never	1,050	None	-
Trickbot EXE files seen from .png URLs on 2019-10-29	Oct 29th, 19	Never	1,509	None	-
2019-10-09 - Hancitor acitivity	Oct 9th, 19	Never	1,499	None	-
2019-10-03 - Netsupport RAT malspam campaign	Oct 4th, 19	Never	1,305	None	-
2019-09-30 - Info from malspam pushing Shade ranso...	Sep 30th, 19	Never	1,059	None	-
2019-09-30 - example of malspam pushing Shade rans...	Sep 30th, 19	Never	232	None	-
Trickbot EXE files seen from .png URLs on 2019-09-25	Sep 25th, 19	Never	852	None	-
2019-09-13 - Malspam pushing Shade ransomware	Sep 13th, 19	Never	1,501	None	-
2019-09-03 - Malspam with password-protected Word ...	Sep 3rd, 19	Never	3,404	None	-
2019-08-28 - File info from today's Ursnif infection	Aug 28th, 19	Never	1,407	None	-
2019-08-26 - files from Ursnif infection with Tric...	Aug 26th, 19	Never	1,510	None	-
2019-08-22: Trickbot EXEs associated with IcedID (...	Aug 22nd, 19	Never	1,998	None	-
2019-08-22 - info on malspam pushing Shade ransomware	Aug 22nd, 19	Never	1,660	None	-
2019-08-22 - malspam pushing Shade (Troldesh) rans...	Aug 22nd, 19	Never	384	None	-
2019-08-21 - malspam pushing Shade (Troldesh) rans...	Aug 21st, 19	Never	1,315	None	-
2019-08-21 - malspam pushing Shade (Troldesh) - 2 ...	Aug 21st, 19	Never	176	None	-
2019-08-21 - malspam pushing Shade (Troldesh) - 1 ...	Aug 21st, 19	Never	181	None	-
2019-08-19 - Trickbot binaries, "the PNGs"	Aug 20th, 19	Never	1,313	None	-
2019-08-12 - Trickbot EXEs from URLs ending with .png	Aug 12th, 19	Never	1,009	None	-
IcedID (Bokbot)-related Trickbot binaries seen on ...	Aug 12th, 19	Never	1,103	None	-
2019-07-30 - Trickbot binaries, "the PNGs"	Jul 30th, 19	Never	820	None	-
File hashes from Hancitor infection on Monday 2019...	Jul 22nd, 19	Never	1,453	None	-
2019-06-25 and 06-26 - Malspam pushing Trickbot (g...	Jun 26th, 19	Never	2,191	None	-
2019-06-20 - malspam pushing Nanocore RAT	Jun 20th, 19	Never	983	None	-
2019-06-13 - Malspam with XLS attachment	Jun 13th, 19	Never	1,068	None	-
2019-05-30 - PASSWORD-PROTECTED WORD DOCS FROM MAL...	May 30th, 19	Never	1,473	None	-
2019-05-28 - EXAMPLE OF EMOTET MALSPAM (2 OF 2)	May 29th, 19	Never	1,404	None	-
2019-05-28 - EXAMPLE OF EMOTET MALSPAM (1 OF 2)	May 29th, 19	Never	1,526	None	-
2019-05-20 - malspam pushing Lokibot	May 20th, 19	Never	1,243	None	-
2019-05-02 - Emotet malspam example	May 2nd, 19	Never	1,709	None	-
2019-04-24 - Emote malspam example	Apr 24th, 19	Never	1,791	None	-
New password-protected docs in malspam since 2018-...	Apr 19th, 19	Never	916	None	-
2019-04-19 - malspam pushing Danabot	Apr 19th, 19	Never	733	None	-
2019-04-16 - Trickbot malspam - gtag: sat43	Apr 16th, 19	Never	1,157	None	-
2019-04-15 - Lokibot malspam example	Apr 15th, 19	Never	1,769	None	-
2019-04-04 - Example of Emotet malspam	Apr 4th, 19	Never	1,602	None	-
2019-04-03 - Hancitor malspam example	Apr 3rd, 19	Never	1,142	None	-
2019-04-01 - Active URLs for Emotet	Apr 1st, 19	Never	1,016	None	-
2019-03-25 - Rig EK landing page from 79.174.13.20	Mar 25th, 19	Never	1,073	None	-
2019-03-18 - malspam pushing Trickbot (gtag: ono1)	Mar 18th, 19	Never	802	None	-
2019-03-14 - Info on Trickbot malspam wave	Mar 14th, 19	Never	736	None	-
2019-03-14 - Trickbot malspam example (gtag day2)	Mar 14th, 19	Never	581	None	-
2019-03-14 - Malware from password-protected Word doc	Mar 14th, 19	Never	815	None	-
2019-03-12 - Qakbot EXE sent to Emotet-infected Wi...	Mar 12th, 19	Never	795	None	-
2019-03-11 - Emotet malspam example	Mar 11th, 19	Never	1,395	None	-
2019-03-11 - Example of malspam pushing Trickbot g...	Mar 11th, 19	Never	698	None	-
2019-03-11 - Malspam pushing Trickbot - gtag: day2	Mar 11th, 19	Never	1,193	None	-
2019-03-06 - Trickbot malspam example (gtag ser030...	Mar 6th, 19	Never	565	None	-
2019-03-05 and 06: malware from malspam pushing Ur...	Mar 6th, 19	Never	498	None	-
2019-03-05 - Trickbot inject module name tied to g...	Mar 5th, 19	Never	715	None	-
2019-03-04 - #Emotet #malspam example	Mar 4th, 19	Never	771	None	-
2019-03-04 - malspam pushes Hawkeye keylogger/info...	Mar 4th, 19	Never	498	None	-
2019-02-28 - Hancitor malspam example	Feb 28th, 19	Never	1,015	None	-
2019-02-26 - Malware from Hancitor infection	Feb 26th, 19	Never	595	None	-
2019-02-26 - Example of malspam pushing Hancitor	Feb 26th, 19	Never	1,004	None	-
2019-02-25 - Example of malspam pushing Hancitor	Feb 25th, 19	Never	809	None	-
2019-02-25 - malware from Hancitor infection	Feb 25th, 19	Never	547	None	-
2019-02-21 - Example of malspam pushing Hanctor	Feb 21st, 19	Never	1,022	None	-
2019-02-14 - Emotet malspam example with download ...	Feb 14th, 19	Never	1,152	None	-
2019-02-14 - Recent Trickbot weirdness	Feb 14th, 19	Never	2,122	None	-
2019-02-14 - Malspam using password-protected Word...	Feb 14th, 19	Never	2,917	None	-
2019-02-14 - Malspam uses Dropbox link to push For...	Feb 14th, 19	Never	2,674	None	-
2019-02-13 - Hancitor malspam example	Feb 13th, 19	Never	1,077	None	-
2019-02-13 - Emotet malspam example with PDF attac...	Feb 13th, 19	Never	1,168	None	-
2019-02-12 - Emotet malspam example with PDF attac...	Feb 12th, 19	Never	1,368	None	-
2019-02-12 - malware from Hancitor infection	Feb 12th, 19	Never	1,044	None	-
2019-02-12 - Hancitor malspam (USPS theme)	Feb 12th, 19	Never	1,223	None	-
2019-02-09 - Fake Updates campaign pushes Chthonic	Feb 8th, 19	Never	1,132	None	-
Since 2019-02-04 - Trickbot EXEs as PNG: Sin, Tin,...	Feb 8th, 19	Never	925	None	-
2019-02-08 (Friday) - Trickbot malspam (gtag: sat36)	Feb 8th, 19	Never	972	None	-
2019-02-05 - Trickbot malspam - gtag: ser0205us	Feb 5th, 19	Never	1,393	None	-
2019-02-04 - Trickbot EXEs as .png from 185.68.93[...	Feb 4th, 19	Never	935	None	-
2019-01-29 - Fallout EK possible exploit	Jan 29th, 19	Never	246	None	-
2019-01-29 - Fallout EK landing page	Jan 29th, 19	Never	239	None	-
2019-01-29 - Fallout EK (HTTPS) sends SmokeLoader ...	Jan 29th, 19	Never	1,128	None	-
2019-01-29 - Malspam pushing AZORult	Jan 29th, 19	Never	1,377	None	-
2019-01-29 - example of Emotet malspam	Jan 29th, 19	Never	1,185	None	-
2019-01-28 - Trickbot malspam (gtag: ser0128us)	Jan 28th, 19	Never	939	None	-
2019-01-08 - Trickbot EXEs as .png from 107.173.10...	Jan 28th, 19	Never	683	None	-
2019-01-28 - Hancitor malspam example	Jan 28th, 19	Never	1,372	None	-
2019-01-28 - malware from Hancitor infection	Jan 28th, 19	Never	1,172	None	-
2019-01-23 - malware from Hancitor infection	Jan 23rd, 19	Never	4,227	None	-