Malware_traffic's Pastebin

58,715 188,492 5 years ago
Name / Title Added Expires Hits Syntax  
2020-05-22 - malspam with zip files pushes Valak w... May 22nd, 20 Never 578 None -
2020-05-19 - Qakbot (Qbot) spx122 zip archive URLs May 19th, 20 Never 739 None -
2020-05-18 - Qakbot (Qbot) zip archive URLs May 18th, 20 Never 933 None -
2020-05-12 - Word docs with macros for Valak May 13th, 20 Never 997 None -
2020-05-06 (Wednesday) - Qakbot (Qbot) spx114 info May 6th, 20 Never 2,008 None -
2020-05-06 - XLS attachments from malspam pushing ... May 6th, 20 Never 1,286 None -
2020-05-05: Links to zip files for Qakbot spx112 &... May 5th, 20 Never 1,182 None -
2020-05-04 (Monday) - malspam with XLS file pushin... May 4th, 20 Never 1,044 None -
2020-05-01 - XLS file w/ macros pushes Loader EXE ... May 1st, 20 Never 1,023 None -
2020-04-30 - Link-based malspam pushing Dridex - 2... Apr 30th, 20 Never 1,078 None -
2020-04-27 - Malspam with password-protected zip a... Apr 28th, 20 Never 812 None -
2020-04-23 - URLs/hashes for Qakbot (Qbot) spx103 ... Apr 23rd, 20 Never 1,325 None -
2020-04-22 - URLs/hashes for Qakbot (Qbot) spx102 ... Apr 22nd, 20 Never 1,303 None -
2020-04-21 - URLs/hashes for Qakbot (Qbot) spx101 ... Apr 21st, 20 Never 1,195 None -
Trickbot EXE files from ".png" URLs on M... Apr 20th, 20 Never 2,213 None -
2020-04-20 - URLs/hashes for Qakbot (Qbot) spx100 ... Apr 20th, 20 Never 1,344 None -
2020-04-17: Trickbot gtag ono38 from password-prot... Apr 17th, 20 Never 1,977 None -
2020-04-17 - URLs/hashes for Qakbot (Qbot) spx99 f... Apr 17th, 20 Never 799 None -
2020-04-16 - URLs/hashes for Qakbot (Qbot) spx98 f... Apr 16th, 20 Never 1,565 None -
2020-04-15 - URLs/hashes for Qakbot (Qbot) spx97 f... Apr 15th, 20 Never 913 None -
2020-04-14 - URLs/hashes for Qakbot (Qbot) spx96 z... Apr 14th, 20 Never 1,120 None -
2020-04-13 - URLs/hashes for Qakbot (Qbot) spx95 z... Apr 13th, 20 Never 1,050 None -
Trickbot EXE files from ".png" URLs on F... Apr 10th, 20 Never 631 None -
2020-04-10 - Qakbot (Qbot) spx94 - 30 URLs for zip... Apr 10th, 20 Never 422 None -
2020-04-10 - malpsam pushes GuLodader/NanoCore RAT Apr 10th, 20 Never 3,208 None -
URLs with "/extend/" for Qakbot (Qbot) s... Apr 10th, 20 Never 891 None -
2020-04-08: OneDrive links to zip archives for Qak... Apr 9th, 20 Never 1,323 None -
URLs from VT on 2020-04-08 for Qakbot/Qbot zip arc... Apr 8th, 20 Never 2,181 None -
Trickbot EXE files from ".png" URLs on W... Apr 1st, 20 Never 1,332 None -
2020-03-30 - malspam pushing kpot stealer Mar 30th, 20 Never 1,614 None -
2020-03-17 - FedEx themed malspam pushes Dridex Mar 18th, 20 Never 1,340 None -
Trickbot EXE files from ".png" URLs on M... Mar 16th, 20 Never 836 None -
Trickbot EXE files from ".png" URLs on W... Mar 4th, 20 Never 794 None -
Trickbot EXE files from ".png" URLs on W... Feb 26th, 20 Never 1,562 None -
Trickbot EXE files from ".png" URLs on W... Feb 19th, 20 Never 1,542 None -
Trickbot EXE files from ".png" URLs on T... Feb 6th, 20 Never 1,941 None -
2020-02-03 - malspam with attachment for Emotet ep... Feb 3rd, 20 Never 2,276 None -
2020-02-03 - Malspam pushing Qbot (Qakbot) Feb 3rd, 20 Never 1,943 None -
Trickbot EXE files from .png URLs on Monday 2020-0... Feb 3rd, 20 Never 1,374 None -
Trickbot EXE from .png URLs on Monday 2020-01-27 Jan 27th, 20 Never 1,056 None -
2020-01-27 - Hancitor malspam example 2 of 2 Jan 27th, 20 Never 980 None -
2020-01-27 - Hancitor malspam example 1 of 2 Jan 27th, 20 Never 723 None -
2020-01-10: URLs for Trickbot seen from IcedID-inf... Jan 10th, 20 Never 874 None -
Info so far: Malware Traffic workshop for BSides T... Jan 8th, 20 Never 906 None -
Trickbot EXE from .png URLs on Wednesday 2020-01-08 Jan 8th, 20 Never 879 None -
Trickbot EXE from .png URLs as of Monday 2020-01-06 Jan 6th, 20 Never 1,353 None -
2020-01-03 - Word docs with macros (Ostap) possibl... Jan 3rd, 20 Never 176 None -
Trickbot EXE from .png URLs as of Thursday 2019-12-26 Dec 26th, 19 Never 1,323 None -
Trickbot EXE from .png URLs as of Thursday 2019-12-19 Dec 19th, 19 Never 712 None -
Trickbot EXE from .png URLs - Friday 2019-12-06 Dec 6th, 19 Never 856 None -
Trickbot EXE from .png URLs as of Wed 2019-12-04 Dec 5th, 19 Never 655 None -
Trickbot EXE from .png URLs - Tues 2019-12-03 Dec 3rd, 19 Never 1,081 None -
2019-12-02 - Hancitor info Dec 2nd, 19 Never 955 None -
Trickbot EXE from .png URLs - Thursday 2019-11-28 Nov 28th, 19 Never 1,399 None -
Trickbot EXE from .png URLs - Tuesday 2019-11-26 Nov 26th, 19 Never 1,029 None -
Trickbot EXE from .png URLs - Monday 2019-11-25 Nov 25th, 19 Never 566 None -
Trickbot EXE from .png URLs - Monday 2019-11-18 Nov 18th, 19 Never 790 None -
Trickbot EXE from .png URLs - Friday 2019-11-15 Nov 15th, 19 Never 1,078 None -
Trickbot EXE files seen from .png URLs on 2019-10-29 Oct 29th, 19 Never 1,534 None -
2019-10-09 - Hancitor acitivity Oct 9th, 19 Never 1,589 None -
2019-10-03 - Netsupport RAT malspam campaign Oct 4th, 19 Never 1,349 None -
2019-09-30 - Info from malspam pushing Shade ranso... Sep 30th, 19 Never 1,105 None -
2019-09-30 - example of malspam pushing Shade rans... Sep 30th, 19 Never 271 None -
Trickbot EXE files seen from .png URLs on 2019-09-25 Sep 25th, 19 Never 880 None -
2019-09-13 - Malspam pushing Shade ransomware Sep 13th, 19 Never 1,582 None -
2019-09-03 - Malspam with password-protected Word ... Sep 3rd, 19 Never 4,960 None -
2019-08-28 - File info from today's Ursnif infection Aug 28th, 19 Never 1,446 None -
2019-08-26 - files from Ursnif infection with Tric... Aug 26th, 19 Never 1,543 None -
2019-08-22: Trickbot EXEs associated with IcedID (... Aug 22nd, 19 Never 2,024 None -
2019-08-22 - info on malspam pushing Shade ransomware Aug 22nd, 19 Never 1,693 None -
2019-08-22 - malspam pushing Shade (Troldesh) rans... Aug 22nd, 19 Never 488 None -
2019-08-21 - malspam pushing Shade (Troldesh) rans... Aug 21st, 19 Never 1,342 None -
2019-08-21 - malspam pushing Shade (Troldesh) - 2 ... Aug 21st, 19 Never 211 None -
2019-08-21 - malspam pushing Shade (Troldesh) - 1 ... Aug 21st, 19 Never 212 None -
2019-08-19 - Trickbot binaries, "the PNGs" Aug 20th, 19 Never 1,337 None -
2019-08-12 - Trickbot EXEs from URLs ending with .png Aug 12th, 19 Never 1,031 None -
IcedID (Bokbot)-related Trickbot binaries seen on ... Aug 12th, 19 Never 1,125 None -
2019-07-30 - Trickbot binaries, "the PNGs" Jul 30th, 19 Never 849 None -
File hashes from Hancitor infection on Monday 2019... Jul 22nd, 19 Never 1,512 None -
2019-06-25 and 06-26 - Malspam pushing Trickbot (g... Jun 26th, 19 Never 2,213 None -
2019-06-20 - malspam pushing Nanocore RAT Jun 20th, 19 Never 1,054 None -
2019-06-13 - Malspam with XLS attachment Jun 13th, 19 Never 1,109 None -
2019-05-30 - PASSWORD-PROTECTED WORD DOCS FROM MAL... May 30th, 19 Never 1,547 None -
2019-05-28 - EXAMPLE OF EMOTET MALSPAM (2 OF 2) May 29th, 19 Never 1,526 None -
2019-05-28 - EXAMPLE OF EMOTET MALSPAM (1 OF 2) May 29th, 19 Never 1,683 None -
2019-05-20 - malspam pushing Lokibot May 20th, 19 Never 1,400 None -
2019-05-02 - Emotet malspam example May 2nd, 19 Never 1,782 None -
2019-04-24 - Emote malspam example Apr 24th, 19 Never 1,846 None -
New password-protected docs in malspam since 2018-... Apr 19th, 19 Never 929 None -
2019-04-19 - malspam pushing Danabot Apr 19th, 19 Never 753 None -
2019-04-16 - Trickbot malspam - gtag: sat43 Apr 16th, 19 Never 1,172 None -
2019-04-15 - Lokibot malspam example Apr 15th, 19 Never 1,981 None -
2019-04-04 - Example of Emotet malspam Apr 4th, 19 Never 1,647 None -
2019-04-03 - Hancitor malspam example Apr 3rd, 19 Never 1,188 None -
2019-04-01 - Active URLs for Emotet Apr 1st, 19 Never 1,053 None -
2019-03-25 - Rig EK landing page from 79.174.13.20 Mar 25th, 19 Never 1,241 None -
2019-03-18 - malspam pushing Trickbot (gtag: ono1) Mar 18th, 19 Never 839 None -
2019-03-14 - Info on Trickbot malspam wave Mar 14th, 19 Never 816 None -
2019-03-14 - Trickbot malspam example (gtag day2) Mar 14th, 19 Never 594 None -
2019-03-14 - Malware from password-protected Word doc Mar 14th, 19 Never 854 None -
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top