PASTEBIN

GO API TOOLS FAQ DEALS

Name / Title	Added	Expires	Hits	Syntax
2020-05-22 - malspam with zip files pushes Valak w...	May 22nd, 20	Never	578	None	-
2020-05-19 - Qakbot (Qbot) spx122 zip archive URLs	May 19th, 20	Never	739	None	-
2020-05-18 - Qakbot (Qbot) zip archive URLs	May 18th, 20	Never	933	None	-
2020-05-12 - Word docs with macros for Valak	May 13th, 20	Never	997	None	-
2020-05-06 (Wednesday) - Qakbot (Qbot) spx114 info	May 6th, 20	Never	2,008	None	-
2020-05-06 - XLS attachments from malspam pushing ...	May 6th, 20	Never	1,286	None	-
2020-05-05: Links to zip files for Qakbot spx112 &...	May 5th, 20	Never	1,182	None	-
2020-05-04 (Monday) - malspam with XLS file pushin...	May 4th, 20	Never	1,044	None	-
2020-05-01 - XLS file w/ macros pushes Loader EXE ...	May 1st, 20	Never	1,023	None	-
2020-04-30 - Link-based malspam pushing Dridex - 2...	Apr 30th, 20	Never	1,078	None	-
2020-04-27 - Malspam with password-protected zip a...	Apr 28th, 20	Never	812	None	-
2020-04-23 - URLs/hashes for Qakbot (Qbot) spx103 ...	Apr 23rd, 20	Never	1,325	None	-
2020-04-22 - URLs/hashes for Qakbot (Qbot) spx102 ...	Apr 22nd, 20	Never	1,303	None	-
2020-04-21 - URLs/hashes for Qakbot (Qbot) spx101 ...	Apr 21st, 20	Never	1,195	None	-
Trickbot EXE files from ".png" URLs on M...	Apr 20th, 20	Never	2,213	None	-
2020-04-20 - URLs/hashes for Qakbot (Qbot) spx100 ...	Apr 20th, 20	Never	1,344	None	-
2020-04-17: Trickbot gtag ono38 from password-prot...	Apr 17th, 20	Never	1,977	None	-
2020-04-17 - URLs/hashes for Qakbot (Qbot) spx99 f...	Apr 17th, 20	Never	799	None	-
2020-04-16 - URLs/hashes for Qakbot (Qbot) spx98 f...	Apr 16th, 20	Never	1,565	None	-
2020-04-15 - URLs/hashes for Qakbot (Qbot) spx97 f...	Apr 15th, 20	Never	913	None	-
2020-04-14 - URLs/hashes for Qakbot (Qbot) spx96 z...	Apr 14th, 20	Never	1,120	None	-
2020-04-13 - URLs/hashes for Qakbot (Qbot) spx95 z...	Apr 13th, 20	Never	1,050	None	-
Trickbot EXE files from ".png" URLs on F...	Apr 10th, 20	Never	631	None	-
2020-04-10 - Qakbot (Qbot) spx94 - 30 URLs for zip...	Apr 10th, 20	Never	422	None	-
2020-04-10 - malpsam pushes GuLodader/NanoCore RAT	Apr 10th, 20	Never	3,208	None	-
URLs with "/extend/" for Qakbot (Qbot) s...	Apr 10th, 20	Never	891	None	-
2020-04-08: OneDrive links to zip archives for Qak...	Apr 9th, 20	Never	1,323	None	-
URLs from VT on 2020-04-08 for Qakbot/Qbot zip arc...	Apr 8th, 20	Never	2,181	None	-
Trickbot EXE files from ".png" URLs on W...	Apr 1st, 20	Never	1,332	None	-
2020-03-30 - malspam pushing kpot stealer	Mar 30th, 20	Never	1,614	None	-
2020-03-17 - FedEx themed malspam pushes Dridex	Mar 18th, 20	Never	1,340	None	-
Trickbot EXE files from ".png" URLs on M...	Mar 16th, 20	Never	836	None	-
Trickbot EXE files from ".png" URLs on W...	Mar 4th, 20	Never	794	None	-
Trickbot EXE files from ".png" URLs on W...	Feb 26th, 20	Never	1,562	None	-
Trickbot EXE files from ".png" URLs on W...	Feb 19th, 20	Never	1,542	None	-
Trickbot EXE files from ".png" URLs on T...	Feb 6th, 20	Never	1,941	None	-
2020-02-03 - malspam with attachment for Emotet ep...	Feb 3rd, 20	Never	2,276	None	-
2020-02-03 - Malspam pushing Qbot (Qakbot)	Feb 3rd, 20	Never	1,943	None	-
Trickbot EXE files from .png URLs on Monday 2020-0...	Feb 3rd, 20	Never	1,374	None	-
Trickbot EXE from .png URLs on Monday 2020-01-27	Jan 27th, 20	Never	1,056	None	-
2020-01-27 - Hancitor malspam example 2 of 2	Jan 27th, 20	Never	980	None	-
2020-01-27 - Hancitor malspam example 1 of 2	Jan 27th, 20	Never	723	None	-
2020-01-10: URLs for Trickbot seen from IcedID-inf...	Jan 10th, 20	Never	874	None	-
Info so far: Malware Traffic workshop for BSides T...	Jan 8th, 20	Never	906	None	-
Trickbot EXE from .png URLs on Wednesday 2020-01-08	Jan 8th, 20	Never	879	None	-
Trickbot EXE from .png URLs as of Monday 2020-01-06	Jan 6th, 20	Never	1,353	None	-
2020-01-03 - Word docs with macros (Ostap) possibl...	Jan 3rd, 20	Never	176	None	-
Trickbot EXE from .png URLs as of Thursday 2019-12-26	Dec 26th, 19	Never	1,323	None	-
Trickbot EXE from .png URLs as of Thursday 2019-12-19	Dec 19th, 19	Never	712	None	-
Trickbot EXE from .png URLs - Friday 2019-12-06	Dec 6th, 19	Never	856	None	-
Trickbot EXE from .png URLs as of Wed 2019-12-04	Dec 5th, 19	Never	655	None	-
Trickbot EXE from .png URLs - Tues 2019-12-03	Dec 3rd, 19	Never	1,081	None	-
2019-12-02 - Hancitor info	Dec 2nd, 19	Never	955	None	-
Trickbot EXE from .png URLs - Thursday 2019-11-28	Nov 28th, 19	Never	1,399	None	-
Trickbot EXE from .png URLs - Tuesday 2019-11-26	Nov 26th, 19	Never	1,029	None	-
Trickbot EXE from .png URLs - Monday 2019-11-25	Nov 25th, 19	Never	566	None	-
Trickbot EXE from .png URLs - Monday 2019-11-18	Nov 18th, 19	Never	790	None	-
Trickbot EXE from .png URLs - Friday 2019-11-15	Nov 15th, 19	Never	1,078	None	-
Trickbot EXE files seen from .png URLs on 2019-10-29	Oct 29th, 19	Never	1,534	None	-
2019-10-09 - Hancitor acitivity	Oct 9th, 19	Never	1,589	None	-
2019-10-03 - Netsupport RAT malspam campaign	Oct 4th, 19	Never	1,349	None	-
2019-09-30 - Info from malspam pushing Shade ranso...	Sep 30th, 19	Never	1,105	None	-
2019-09-30 - example of malspam pushing Shade rans...	Sep 30th, 19	Never	271	None	-
Trickbot EXE files seen from .png URLs on 2019-09-25	Sep 25th, 19	Never	880	None	-
2019-09-13 - Malspam pushing Shade ransomware	Sep 13th, 19	Never	1,582	None	-
2019-09-03 - Malspam with password-protected Word ...	Sep 3rd, 19	Never	4,960	None	-
2019-08-28 - File info from today's Ursnif infection	Aug 28th, 19	Never	1,446	None	-
2019-08-26 - files from Ursnif infection with Tric...	Aug 26th, 19	Never	1,543	None	-
2019-08-22: Trickbot EXEs associated with IcedID (...	Aug 22nd, 19	Never	2,024	None	-
2019-08-22 - info on malspam pushing Shade ransomware	Aug 22nd, 19	Never	1,693	None	-
2019-08-22 - malspam pushing Shade (Troldesh) rans...	Aug 22nd, 19	Never	488	None	-
2019-08-21 - malspam pushing Shade (Troldesh) rans...	Aug 21st, 19	Never	1,342	None	-
2019-08-21 - malspam pushing Shade (Troldesh) - 2 ...	Aug 21st, 19	Never	211	None	-
2019-08-21 - malspam pushing Shade (Troldesh) - 1 ...	Aug 21st, 19	Never	212	None	-
2019-08-19 - Trickbot binaries, "the PNGs"	Aug 20th, 19	Never	1,337	None	-
2019-08-12 - Trickbot EXEs from URLs ending with .png	Aug 12th, 19	Never	1,031	None	-
IcedID (Bokbot)-related Trickbot binaries seen on ...	Aug 12th, 19	Never	1,125	None	-
2019-07-30 - Trickbot binaries, "the PNGs"	Jul 30th, 19	Never	849	None	-
File hashes from Hancitor infection on Monday 2019...	Jul 22nd, 19	Never	1,512	None	-
2019-06-25 and 06-26 - Malspam pushing Trickbot (g...	Jun 26th, 19	Never	2,213	None	-
2019-06-20 - malspam pushing Nanocore RAT	Jun 20th, 19	Never	1,054	None	-
2019-06-13 - Malspam with XLS attachment	Jun 13th, 19	Never	1,109	None	-
2019-05-30 - PASSWORD-PROTECTED WORD DOCS FROM MAL...	May 30th, 19	Never	1,547	None	-
2019-05-28 - EXAMPLE OF EMOTET MALSPAM (2 OF 2)	May 29th, 19	Never	1,526	None	-
2019-05-28 - EXAMPLE OF EMOTET MALSPAM (1 OF 2)	May 29th, 19	Never	1,683	None	-
2019-05-20 - malspam pushing Lokibot	May 20th, 19	Never	1,400	None	-
2019-05-02 - Emotet malspam example	May 2nd, 19	Never	1,782	None	-
2019-04-24 - Emote malspam example	Apr 24th, 19	Never	1,846	None	-
New password-protected docs in malspam since 2018-...	Apr 19th, 19	Never	929	None	-
2019-04-19 - malspam pushing Danabot	Apr 19th, 19	Never	753	None	-
2019-04-16 - Trickbot malspam - gtag: sat43	Apr 16th, 19	Never	1,172	None	-
2019-04-15 - Lokibot malspam example	Apr 15th, 19	Never	1,981	None	-
2019-04-04 - Example of Emotet malspam	Apr 4th, 19	Never	1,647	None	-
2019-04-03 - Hancitor malspam example	Apr 3rd, 19	Never	1,188	None	-
2019-04-01 - Active URLs for Emotet	Apr 1st, 19	Never	1,053	None	-
2019-03-25 - Rig EK landing page from 79.174.13.20	Mar 25th, 19	Never	1,241	None	-
2019-03-18 - malspam pushing Trickbot (gtag: ono1)	Mar 18th, 19	Never	839	None	-
2019-03-14 - Info on Trickbot malspam wave	Mar 14th, 19	Never	816	None	-
2019-03-14 - Trickbot malspam example (gtag day2)	Mar 14th, 19	Never	594	None	-
2019-03-14 - Malware from password-protected Word doc	Mar 14th, 19	Never	854	None	-