PASTEBIN

GO API TOOLS FAQ DEALS

Name / Title	Added	Expires	Hits	Syntax
2020-07-08 - Trickbot gtag chil61 from XLS macros	Jul 8th, 20	Never	340	None	-
2020-06-30 (Tues) - Valak (soft_sig: mas37) info	Jun 30th, 20	Never	1,048	None	-
2020-06-24 (Wednesday): Valak activity - Soft_sig:...	Jun 24th, 20	Never	1,058	None	-
2020-06-23 - Valak (soft_sig: mad34) activity	Jun 23rd, 20	Never	491	None	-
2020-06-22 - Valak (mad33) infection with IcedID (...	Jun 23rd, 20	Never	499	None	-
Trickbot propagation URLs on Tuesday 2020-06-23	Jun 23rd, 20	Never	532	None	-
Trickbot propagation URLs on Friday 2020-06-19	Jun 19th, 20	Never	987	None	-
2020-06-09 - Recent resume-themed malspam attachments	Jun 9th, 20	Never	118	None	-
2020-06-03 - Valak (Soft_sig: mad29)	Jun 4th, 20	Never	1,500	None	-
Trickbot propagation URLs (and EXEs) on Thursday 2...	May 28th, 20	Never	1,654	None	-
2020-05-22 - malspam with zip files pushes Valak w...	May 22nd, 20	Never	2,105	None	-
2020-05-19 - Qakbot (Qbot) spx122 zip archive URLs	May 19th, 20	Never	1,367	None	-
2020-05-18 - Qakbot (Qbot) zip archive URLs	May 18th, 20	Never	1,603	None	-
2020-05-12 - Word docs with macros for Valak	May 13th, 20	Never	1,233	None	-
2020-05-06 (Wednesday) - Qakbot (Qbot) spx114 info	May 6th, 20	Never	2,061	None	-
2020-05-06 - XLS attachments from malspam pushing ...	May 6th, 20	Never	1,388	None	-
2020-05-05: Links to zip files for Qakbot spx112 &...	May 5th, 20	Never	1,227	None	-
2020-05-04 (Monday) - malspam with XLS file pushin...	May 4th, 20	Never	1,078	None	-
2020-05-01 - XLS file w/ macros pushes Loader EXE ...	May 1st, 20	Never	1,066	None	-
2020-04-30 - Link-based malspam pushing Dridex - 2...	Apr 30th, 20	Never	1,100	None	-
2020-04-27 - Malspam with password-protected zip a...	Apr 28th, 20	Never	845	None	-
2020-04-23 - URLs/hashes for Qakbot (Qbot) spx103 ...	Apr 23rd, 20	Never	1,420	None	-
2020-04-22 - URLs/hashes for Qakbot (Qbot) spx102 ...	Apr 22nd, 20	Never	1,375	None	-
2020-04-21 - URLs/hashes for Qakbot (Qbot) spx101 ...	Apr 21st, 20	Never	1,261	None	-
Trickbot EXE files from ".png" URLs on M...	Apr 20th, 20	Never	2,313	None	-
2020-04-20 - URLs/hashes for Qakbot (Qbot) spx100 ...	Apr 20th, 20	Never	1,403	None	-
2020-04-17: Trickbot gtag ono38 from password-prot...	Apr 17th, 20	Never	2,221	None	-
2020-04-17 - URLs/hashes for Qakbot (Qbot) spx99 f...	Apr 17th, 20	Never	836	None	-
2020-04-16 - URLs/hashes for Qakbot (Qbot) spx98 f...	Apr 16th, 20	Never	1,902	None	-
2020-04-15 - URLs/hashes for Qakbot (Qbot) spx97 f...	Apr 15th, 20	Never	948	None	-
2020-04-14 - URLs/hashes for Qakbot (Qbot) spx96 z...	Apr 14th, 20	Never	1,144	None	-
2020-04-13 - URLs/hashes for Qakbot (Qbot) spx95 z...	Apr 13th, 20	Never	1,096	None	-
Trickbot EXE files from ".png" URLs on F...	Apr 10th, 20	Never	657	None	-
2020-04-10 - Qakbot (Qbot) spx94 - 30 URLs for zip...	Apr 10th, 20	Never	458	None	-
2020-04-10 - malpsam pushes GuLodader/NanoCore RAT	Apr 10th, 20	Never	3,318	None	-
URLs with "/extend/" for Qakbot (Qbot) s...	Apr 10th, 20	Never	917	None	-
2020-04-08: OneDrive links to zip archives for Qak...	Apr 9th, 20	Never	1,484	None	-
URLs from VT on 2020-04-08 for Qakbot/Qbot zip arc...	Apr 8th, 20	Never	2,218	None	-
Trickbot EXE files from ".png" URLs on W...	Apr 1st, 20	Never	1,355	None	-
2020-03-30 - malspam pushing kpot stealer	Mar 30th, 20	Never	1,629	None	-
2020-03-17 - FedEx themed malspam pushes Dridex	Mar 18th, 20	Never	1,387	None	-
Trickbot EXE files from ".png" URLs on M...	Mar 16th, 20	Never	859	None	-
Trickbot EXE files from ".png" URLs on W...	Mar 4th, 20	Never	814	None	-
Trickbot EXE files from ".png" URLs on W...	Feb 26th, 20	Never	1,578	None	-
Trickbot EXE files from ".png" URLs on W...	Feb 19th, 20	Never	1,555	None	-
Trickbot EXE files from ".png" URLs on T...	Feb 6th, 20	Never	1,963	None	-
2020-02-03 - malspam with attachment for Emotet ep...	Feb 3rd, 20	Never	2,390	None	-
2020-02-03 - Malspam pushing Qbot (Qakbot)	Feb 3rd, 20	Never	2,070	None	-
Trickbot EXE files from .png URLs on Monday 2020-0...	Feb 3rd, 20	Never	1,389	None	-
Trickbot EXE from .png URLs on Monday 2020-01-27	Jan 27th, 20	Never	1,068	None	-
2020-01-27 - Hancitor malspam example 2 of 2	Jan 27th, 20	Never	1,010	None	-
2020-01-27 - Hancitor malspam example 1 of 2	Jan 27th, 20	Never	741	None	-
2020-01-10: URLs for Trickbot seen from IcedID-inf...	Jan 10th, 20	Never	890	None	-
Info so far: Malware Traffic workshop for BSides T...	Jan 8th, 20	Never	933	None	-
Trickbot EXE from .png URLs on Wednesday 2020-01-08	Jan 8th, 20	Never	900	None	-
Trickbot EXE from .png URLs as of Monday 2020-01-06	Jan 6th, 20	Never	1,376	None	-
2020-01-03 - Word docs with macros (Ostap) possibl...	Jan 3rd, 20	Never	185	None	-
Trickbot EXE from .png URLs as of Thursday 2019-12-26	Dec 26th, 19	Never	1,339	None	-
Trickbot EXE from .png URLs as of Thursday 2019-12-19	Dec 19th, 19	Never	726	None	-
Trickbot EXE from .png URLs - Friday 2019-12-06	Dec 6th, 19	Never	869	None	-
Trickbot EXE from .png URLs as of Wed 2019-12-04	Dec 5th, 19	Never	666	None	-
Trickbot EXE from .png URLs - Tues 2019-12-03	Dec 3rd, 19	Never	1,099	None	-
2019-12-02 - Hancitor info	Dec 2nd, 19	Never	973	None	-
Trickbot EXE from .png URLs - Thursday 2019-11-28	Nov 28th, 19	Never	1,411	None	-
Trickbot EXE from .png URLs - Tuesday 2019-11-26	Nov 26th, 19	Never	1,041	None	-
Trickbot EXE from .png URLs - Monday 2019-11-25	Nov 25th, 19	Never	579	None	-
Trickbot EXE from .png URLs - Monday 2019-11-18	Nov 18th, 19	Never	800	None	-
Trickbot EXE from .png URLs - Friday 2019-11-15	Nov 15th, 19	Never	1,089	None	-
Trickbot EXE files seen from .png URLs on 2019-10-29	Oct 29th, 19	Never	1,543	None	-
2019-10-09 - Hancitor acitivity	Oct 9th, 19	Never	1,622	None	-
2019-10-03 - Netsupport RAT malspam campaign	Oct 4th, 19	Never	1,364	None	-
2019-09-30 - Info from malspam pushing Shade ranso...	Sep 30th, 19	Never	1,127	None	-
2019-09-30 - example of malspam pushing Shade rans...	Sep 30th, 19	Never	287	None	-
Trickbot EXE files seen from .png URLs on 2019-09-25	Sep 25th, 19	Never	888	None	-
2019-09-13 - Malspam pushing Shade ransomware	Sep 13th, 19	Never	1,600	None	-
2019-09-03 - Malspam with password-protected Word ...	Sep 3rd, 19	Never	5,409	None	-
2019-08-28 - File info from today's Ursnif infection	Aug 28th, 19	Never	1,456	None	-
2019-08-26 - files from Ursnif infection with Tric...	Aug 26th, 19	Never	1,553	None	-
2019-08-22: Trickbot EXEs associated with IcedID (...	Aug 22nd, 19	Never	2,040	None	-
2019-08-22 - info on malspam pushing Shade ransomware	Aug 22nd, 19	Never	1,703	None	-
2019-08-22 - malspam pushing Shade (Troldesh) rans...	Aug 22nd, 19	Never	513	None	-
2019-08-21 - malspam pushing Shade (Troldesh) rans...	Aug 21st, 19	Never	1,353	None	-
2019-08-21 - malspam pushing Shade (Troldesh) - 2 ...	Aug 21st, 19	Never	224	None	-
2019-08-21 - malspam pushing Shade (Troldesh) - 1 ...	Aug 21st, 19	Never	219	None	-
2019-08-19 - Trickbot binaries, "the PNGs"	Aug 20th, 19	Never	1,348	None	-
2019-08-12 - Trickbot EXEs from URLs ending with .png	Aug 12th, 19	Never	1,043	None	-
IcedID (Bokbot)-related Trickbot binaries seen on ...	Aug 12th, 19	Never	1,133	None	-
2019-07-30 - Trickbot binaries, "the PNGs"	Jul 30th, 19	Never	857	None	-
File hashes from Hancitor infection on Monday 2019...	Jul 22nd, 19	Never	1,524	None	-
2019-06-25 and 06-26 - Malspam pushing Trickbot (g...	Jun 26th, 19	Never	2,225	None	-
2019-06-20 - malspam pushing Nanocore RAT	Jun 20th, 19	Never	1,083	None	-
2019-06-13 - Malspam with XLS attachment	Jun 13th, 19	Never	1,121	None	-
2019-05-30 - PASSWORD-PROTECTED WORD DOCS FROM MAL...	May 30th, 19	Never	1,567	None	-
2019-05-28 - EXAMPLE OF EMOTET MALSPAM (2 OF 2)	May 29th, 19	Never	1,554	None	-
2019-05-28 - EXAMPLE OF EMOTET MALSPAM (1 OF 2)	May 29th, 19	Never	1,794	None	-
2019-05-20 - malspam pushing Lokibot	May 20th, 19	Never	1,413	None	-
2019-05-02 - Emotet malspam example	May 2nd, 19	Never	1,802	None	-
2019-04-24 - Emote malspam example	Apr 24th, 19	Never	1,870	None	-
New password-protected docs in malspam since 2018-...	Apr 19th, 19	Never	945	None	-
2019-04-19 - malspam pushing Danabot	Apr 19th, 19	Never	773	None	-