This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ** Miscellaneous Activity During 11-12/2022 ** | |
| -------------------------------------------------- | |
| Most Active Hosts: | |
| 185.150.24.102 | |
| Domains: | |
| autodeskst.com | |
| code.vlsualstudio.com | |
| thunder-blrd.com | |
| ever-note.net | |
| tor-project.pro | |
| tor-project.xyz | |
| trorlink.com | |
| slacks.life | |
| apple.com-login.org | |
| malwraebytes.com | |
| alwarebytes-download.org | |
| nicehash-miner.com | |
| metatrader5bot.com | |
| tnadingview.com | |
| getpillonline.com | |
| msi.afterburrner.com | |
| utorrem.com | |
| utotzjlw.shop | |
| utonsbla.shop | |
| utoisjf.shop | |
| Geforce Branded: | |
| ------------------------------- | |
| MasquerAd Domains: | |
| gfrce.nioiviidlia.site | |
| gfrce.niviiildia.site | |
| gfrce.nvidie.site | |
| gfrce.nlvldlia.site | |
| gfrce.niumvidia.site | |
| gfrce.nividdia.site | |
| gfrce.nvliadia.site | |
| gfrce.nviidliaa.site | |
| gfrce.nividia.site | |
| gfrce.ninnvidiia.site | |
| gifese.niqewvideia.site | |
| gifrse.nioowqevid.site | |
| goforse.nivoiuqweda.site | |
| frce.nvilldia.site | |
| n-vidia-download.website | |
| nvidla.eksplierense.site | |
| nvdla.expleiwrqse.site | |
| Malicious Domains: | |
| atilk.com | |
| alaskafurnaces.com | |
| addictionrecoverymarketing.com/gf/download.php | |
| Blender Branded: | |
| ------------------------------- | |
| MasquerAd Domains: | |
| blendem3d.org | |
| blender-3d.gecouae.com | |
| blendernim.com | |
| blendernip.com | |
| blendero.org | |
| blenderseb.com | |
| blendertew.com | |
| blendervas.com | |
| blendres.us | |
| blenndree3d.org | |
| bllender.art | |
| Malicious Domains: | |
| b1ender.org | |
| blendeer.pro | |
| blendemh.com | |
| blender-3d-link.me | |
| blender-app.net | |
| blender-download.com | |
| blender-download.org | |
| blender-studio.com | |
| blender3d.jmjbuyscars.com | |
| blender3d.kidsjollyclub.com | |
| blendere3d.com | |
| blenderer3d.com | |
| blenderer3d.org | |
| blenderm3d.org | |
| blenderon.org | |
| blenderone.org | |
| blendervam.com | |
| blenderz.click | |
| blendreorg.protoyak.com | |
| bleneder3d.com | |
| bleneder3d.org | |
| blenedere3d.org | |
| blenedre3d.com | |
| blenedrer3d.com | |
| blenedrer3d.org | |
| blenender3d.com | |
| blenerde3d.com | |
| blennder3d.com | |
| blenndere3d.com | |
| blenndere3d.org | |
| Grammarly Branded: | |
| ------------------------------- | |
| MasquerAd Domains: | |
| pierrelanscapes.com | |
| grammarly.harpsympitar.com | |
| grammalry.org | |
| Malicious Domains: | |
| grammartly.org | |
| gnammarly.com | |
| gramm-arly.com | |
| grarnrnarly.com | |
| Malware Payloads on Discord: | |
| ------------------------------- | |
| https://cdn.discordapp.com/attachments/1048930927843229779/1049365226543386708/Anydesctop_winx64.zip | |
| https://cdn.discordapp.com/attachments/1050403453924548608/1050403574372372490/Setup.zip | |
| https://cdn.discordapp.com/attachments/1001817794473631826/1043930645937799238/Setup.zip | |
| https://cdn.discordapp.com/attachments/1001817794473631826/1047282707727655003/SoftwareInstall.zip | |
| https://cdn.discordapp.com/attachments/1001817794473631826/1047720157981720608/SoftwareSetupFile.zip | |
| https://cdn.discordapp.com/attachments/1017336719412056084/1040643782057656330/DavinciResolve.zip | |
| https://cdn.discordapp.com/attachments/1023203506246660096/1047963139964162148/setupx64.zip | |
| https://cdn.discordapp.com/attachments/1023946433453375560/1042551427794473021/Mullvad.zip | |
| https://cdn.discordapp.com/attachments/1036597774722007101/1040361606938361856/Audacity.zip | |
| https://cdn.discordapp.com/attachments/1045112299033206857/1046691953439416402/Logitech_Setup.zip | |
| https://cdn.discordapp.com/attachments/1045112299033206857/1049819615875825774/Setup.zip | |
| https://cdn.discordapp.com/attachments/1045112299033206857/1050498324068847656/SetupSoftware.zip | |
| https://cdn.discordapp.com/attachments/1045435412446978130/1046016913211404418/Recuva_setup.zip | |
| https://cdn.discordapp.com/attachments/1045435412446978130/1047113681999253574/Recuva_setup.zip | |
| https://cdn.discordapp.com/attachments/1046429988326477837/1046512694888505385/SoftwareSetupFile.zip | |
| https://cdn.discordapp.com/attachments/1047145161274175561/1048065400195252307/TelegramDesktop.zip | |
| https://cdn.discordapp.com/attachments/1047926555432714312/1047927966677614683/SoftwareSetupFile.zip | |
| https://cdn.discordapp.com/attachments/1047926555432714312/1047930330578964510/SoftwareSetupFile.zip | |
| https://cdn.discordapp.com/attachments/1047926555432714312/1049631207157153822/SoftwareSetup.zip | |
| https://cdn.discordapp.com/attachments/1047926555432714312/1050423230571237426/SoftwareSetup.zip | |
| https://cdn.discordapp.com/attachments/1048349315208327230/1048958975405736016/Software_Setup_File.zip | |
| https://cdn.discordapp.com/attachments/1051608198123106406/1052241352257187861/SoftSetup.zip | |
| https://cdn.discordapp.com/attachments/813502613366505504/1044539598770032730/Setup.zip | |
| Malware Payloads on GitHub: | |
| ------------------------------- | |
| https://github.com/MyNameisVermux/softwarefree | |
| https://github.com/Dor4il135 | |
| https://github.com/tema010408/blender-3.3.1-windows-x64 | |
| Malware Payloads on Other Services (examples): | |
| ------------------------------- | |
| https://dc445.4sync.com/download/OLHybl-Y/Blender3D.exe | |
| https://www.dropbox.com/s/dl/1agwkpykqb88mh3/Grammarly.zip | |
| https://www.dropbox.com/s/efn2k8o1ab42t3d/uTorrent_client.zip?dl=1 | |
| https://onedrive.live.com/download?resid=B1281624EBDDC489!151&authkey=!AJVp_oY4Xf2P1ck | |
| https://plik.root.gg/file/MQxeAsl7yev4KKYk/9r4CV0z6Q6Ub0XwA/MSIAfterburnerSetup465.zip | |
| https://fileloadserver.ru/JjzfpjcN | |
| https://alaskafurnaces.com/R2Vmb3JjZUV4cGVyaWVuY2U=/MTY3MDk5MTE3Nw==/ | |
| https://atilk.com/MTY3MDk5NTUyMQ==/ | |
| Related Malware Virus-Total Reports: | |
| ------------------------------- | |
| https://www.virustotal.com/gui/file/2f77614f7f9953275be5fe9d0aa9958588e747e113ed4c4dc62b9a2500daa197/details | |
| https://www.virustotal.com/gui/file/94f59ead1363e4177f6496b1f0e94eec348ce83f2452d093c4b36e42400f1a9d/details | |
| https://www.virustotal.com/gui/file/3baf692a1589355af206f4e3886a09fe8997f0b62c78c1403556285eaba40e94/details | |
| https://www.virustotal.com/gui/file-analysis/MzgwY2QyZWRjNjQ2MWVlNGMzZmUwMGJjZjdjNGZiMWI6MTY3MDUxMDk2OA== | |
| https://www.virustotal.com/gui/file/a34eae42892af65277165e6120c3fd24862a018f24b982d88762c46158785374/behavior | |
| https://www.virustotal.com/gui/file/06556a278570098462fc52592e27e3ae1a6dfd279d4b737b8534f932a89beca9/details | |
| https://www.virustotal.com/gui/file/ffc0209d2e3f6454ba99f81a085a2ea62269c2c9bfb864e58cb8b0c469ae1377/ | |
| https://www.virustotal.com/gui/file/37c93873f34ffd989ab354eb535bb56b3fb997835c1ec6be7c2219217d8cefbe?nocache=1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment