Malware-Traffic-Analysis.net



近期历史最近 100 条记录

2024-04-19	2024-04-18: Word macro --> SSLoad --> Cobalt Strike	
2024-04-18	2024-04-17: TA578 pushes SSLoad malware	
2024-04-16	2024-04-15: Contact Forms campaign leads to SSLoad malware	
2024-04-11	2024-04-09: Data dump from Latrodectus malware infection	
2024-04-11	2024-04-05: Data dump from Astaroth (Guildma) malware infection	
2024-04-05	2024-04-04: Koi Loader/Stealer activity	
2024-03-27	2024-03-26: Google ad leads to Matanbuchus infection with Danabot	
2023-08-11	2023-08-09 - .msix file --> IcedID (Bokbot) --> BackConnect and Keyhole VNC	
2023-08-05	2023-08-03 - Google ad --> TurboTax site --> DanaBot	
2023-08-02	2023-08-01 - Bandook infection	
2023-07-26	2023-07-25 - IcedID (Bokbot) from wave of malspam on 2023-07-24	
2023-07-15	2023-07-13 - IcedID (Bokbot) from malspam	
2023-07-15	2023-07-12 - Gozi/ISFB infection with Cobalt Strike	
2023-07-12	2023-07-11 - Files for an ISC diary (Loader activity for Formbook)	
2023-07-12	30 days of Formbook: Full List	
2023-07-08	2023-07-04 thru 2023-07-07 - AgentTesla to my honeypot email accounts	
2023-07-08	2023-07-04 - 30 days of Formbook: Day309, Tuesday 2023-07-04 - Formbook "MF6W"	
2023-07-04	2023-07-03 - 30 days of Formbook: Day 29, Monday 2023-07-03 - GuLoader Formbook "AU22"	
2023-07-04	2023-07-02 - 30 days of Formbook: Day 28, Sunday 2023-07-02 - "SY18"	
2023-07-04	2023-07-01 - 30 days of Formbook: Day 27, Saturday 2023-07-01 - "NES8"	
2023-07-01	2023-06-30 - 30 days of Formbook: Day 26, Friday 2023-06-30 - "S28Y"	
2023-06-30	2023-06-29 - 30 days of Formbook: Day 25, Thursday 2023-06-29 - "CS94"	
2023-06-30	2023-06-28 - IcedID (Bokbot) activity	
2023-06-29	2023-06-26 - Files for an ISC diary (Loader-style infection for Remcos RAT)	
2023-06-29	2023-06-28 - 30 days of Formbook: Day 24, Wednesday 2023-06-28 - "RX63"	
2023-06-28	2023-06-27 - 30 days of Formbook: Day 23, Tuesday 2023-06-27 - "FGH2"	
2023-06-27	2023-06-26 - 30 days of Formbook: Day 22, Monday 2023-06-26 - "G0E8"	
2023-06-27	2023-06-25 - 30 days of Formbook: Day 21, Sunday 2023-06-25 - "CX01"	
2023-06-27	2023-06-24 - 30 days of Formbook: Day 20, Saturday 2023-06-24 - version 3.8 "AK"	
2023-06-27	2023-06-23 - 30 days of Formbook: Day 19, Friday 2023-06-23 - "P1A4"	
2023-06-23	2023-06-22 - 30 days of Formbook: Day 18, Thursday 2023-06-22 - "K2L0"	
2023-06-23	Files for an ISC diary (obama271 Qakbot)	
2023-06-23	2023-06-21 - 30 days of Formbook: Day 17, Wednesday 2023-06-21 - ModiLoader for XLoader "NVP4"	
2023-06-21	2023-06-20 - 30 days of Formbook: Day 16, Tuesday 2023-06-20 - "F1W6"	
2023-06-20	2023-06-19 - 30 days of Formbook: Day 15, Monday 2023-06-19 - "CE18"	
2023-06-20	2023-06-18 - 30 days of Formbook: Day 14, Sunday 2023-06-18 - "JY05"	
2023-06-20	2023-06-17 - 30 days of Formbook: Day 13, Saturday 2023-06-17 - "MR04"	
2023-06-17	2023-06-16 - 30 days of Formbook: Day 12, Friday 2023-06-16 - "TFGP" (ISC diary)	
2023-06-16	2023-06-15 - 30 days of Formbook: Day 11, Thursday 2023-06-15 - "GA94"	
2023-06-15	2023-06-14 - 30 days of Formbook: Day 10, Wednesday 2023-06-14 - "J0C7"	
2023-06-14	2023-06-13 - 30 days of Formbook: Day 9, Tuesday 2023-06-13 - XLoader "MD8S"	
2023-06-13	2023-06-10 - 30 days of Formbook: Day 6, Saturday 2023-06-10 - "SN84"	
2023-06-13	2023-06-11 - 30 days of Formbook: Day 7, Sunday 2023-06-11 - GuLoader Formbook "XCHU"	
2023-06-13	2023-06-12 - 30 days of Formbook: Day 8, Monday 2023-06-12 - "EE2Q"	
2023-06-10	2023-06-09 - 30 days of Formbook: Day 5, Friday 2023-06-09 - GuLoader Formbook "V16R"	
2023-06-09	2023-06-08 - 30 days of Formbook: Day 4, Thursday 2023-06-08 - "T30K"	
2023-06-08	2023-06-07 - 30 days of Formbook: Day 3, Wednesday 2023-06-07 - "AE30"	
2023-06-07	2023-06-06 - 30 days of Formbook: Day 2, Tuesday 2023-06-06 - "CG62"	
2023-06-06	2023-06-05 - 30 days of Formbook: Day 1, Monday 2023-06-05 - "HE2A"	
2023-05-30	2023-05-29 - Pcap and malware for ISC Diary (ModiLoader/Remcos RAT)	
2023-05-27	2023-05-24 - Bye bye Pikabot... We're back to Qak! (obama264 Qakbot infection)	
2023-05-24	2023-05-23 - Pikabot infection with Cobalt Strike	
2023-05-24	2023-05-22 - Pikabot infection with Cobalt Strike	
2023-05-19	2023-05-17 - Knock knock... Guess who? It's Pikabot!	
2023-05-19	2023-05-10 - obama262 Qakbot (Qbot) infection with Cobalt Strike and Dark Cat VNC	
2023-05-19	2023-05-10 - IcedID (Bokbot) infection with Cobalt Strike and Keyhole VNC	
2023-05-05	2023-05-02 - Quick post: obama259 Qakbot (Qbot) infection with Dark Cat VNC	
2023-04-22	2023-04-19 - Quick post: Qakbot (Qbot) activity, distribution tags BB24 and obama254	
2023-04-15	2023-04-14 - Quick post: IcedID (Bokbot) activity	
2023-04-15	2023-04-13 - Metastealer infection	
2023-04-13	2023-04-12 - Quick Post: Qakbot (Qbot), distribution tag obama251	
2023-04-04	2023-04-03 - IoC update: Qakbot (Qbot) TCP port 65400 traffic changes IP address	
2023-04-01	2023-03-31 - Qakbot (Qbot), obama247 distribution tag	
2023-03-28	2023-03-24 - IcedID (Bokbot) with BackConnect traffic and Cobalt Strike	
2023-03-24	2023-03-22 - Emotet Epoch 4 activity	
2023-03-21	2023-03-17 - Emotet Epoch 5 activity	
2023-03-21	2023-03-16 - Epoch 5 activity: Emotet now also using OneNote files	
2023-03-10	2023-03-08 - IcedID (Bokbot) infection with BackConnect and VNC traffic	
2023-03-10	2023-03-06 - Gozi (ISFB/Ursnif) activity targeting Italy	
2023-03-08	2023-03-07 - Emotet infection with spambot traffic	
2023-03-03	2023-03-02 - Rig EK --> malware loader --> Redline Stealer	
2023-03-03	2023-02-27 - Files for ISC Diary: BB17 Qakbot	
2023-02-24	2023-02-23 - Files for ISC Diary: URL files and WebDAV used for IcedID (Bokbot)	
2023-02-14	2023-02-13 - IcedID (Bokbot) from fake Microsoft Teams page	
2023-02-09	2023-02-07 - OneNote file pushes unidentified malware	
2023-02-04	2023-02-03 - DEV-0569: Google ad --> FakeBat Loader --> Redline Stealer and Gozi/ISFB	
2023-02-01	2023-01-31 - BB12 Qakbot (Qbot) with Cobalt Strike and VNC traffic	
2023-01-24	2023-01-23 - Google ad --> Fake AnyDesk page --> possible TA505 activity	
2023-01-19	2023-01-16 - IcedID (Bokbot) with Backconnect and VNC and Cobalt Strike	
2023-01-19	2023-01-18 - Google ad --> Fake Libre Office page --> IcedID (Bokbot) --> Cobalt Strike	
2023-01-18	2023-01-16 - Google ad --> Fake 7-Zip page --> Malicious .msi file	
2023-01-18	2023-01-12 - IcedID (Bokbot) infection with Cobalt Strike	
2023-01-13	2023-01-05 - Infection from AgentTesla variant, possibly OriginLogger	
2023-01-06	2023-01-03 and 01-04 - Astaroth (Guildma) malware infections	
2023-01-06	2023-01-02 - Bringing in the new year	
2023-01-04	2023-01-03 - Google ad --> fake Notepad++ page --> Rhadamanthys Stealer	
2022-12-29	2022-12-28 - Link from USPS-themed malspam pushes NetSupport RAT	
2022-12-23	2022-12-21 - Files for an ISC diary (malicious Google ads)	
2022-12-23	2022-12-20 - IcedID (Bokbot) infection with Cobalt Strike	
2022-12-15	2022-12-14 - Pcap and malware for an ISC diary (IcedID)	
2022-12-10	2022-12-09 - HTML smuggling leads to Qakbot (Qbot), distribution/botnet tag: azd	
2022-12-08	2022-12-07 - Bumblebee infection with Cobalt Strike	
2022-12-02	2022-12-01 - Files for an ISC diary (obama224 Qakbot)	
2022-11-29	2022-11-28 - BB08 Qakbot (Qbot) infection with Cobalt Strike and VNC traffic	
2022-11-29	2022-11-21 and 11-22 - AgentTesla and Remcos RAT from malspam	
2022-11-22	2022-11-11 - IcedID (Bokbot) infection with VNC traffic	
2022-11-19	2022-11-14 - obama221 Qakbot (Qbot) infection with Cobalt Strike and VNC traffic	
2022-11-19	2022-11-03 - Emoet infection with IcedID (Bokbot)	
2022-11-19	2022-11-17 - Bumblebee infection	
2022-11-19	2022-11-07 - Emotet (epoch 4) infection with IcedID (Bokbot) and Bumblebee malware	