1 |
2025-04-27 19:45
|
saved_resource.html 964bfb0df30c1b2c912b3ca888401c60 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting unpack itself Windows utilities Tofsee Windows |
1
https://www.googletagmanager.com/static/service_worker/54l0/sw_iframe.html?origin=https%3A%2F%2Fwww.criminalip.io
|
2
www.googletagmanager.com(142.250.206.232) 142.250.197.136
|
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
|
|
2.6 |
|
|
guest
|
2 |
2025-04-27 19:45
|
ns.html 913cfcad96f29ecbdc2be3829f57df1c AntiDebug AntiVM MSOffice File Code Injection RWX flags setting unpack itself Windows utilities Tofsee Windows |
1
http://cacerts.digicert.com/DigiCertGlobalRootG2.crt
|
2
cacerts.digicert.com(23.36.55.181) 23.219.19.250
|
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
|
|
2.6 |
|
|
guest
|
3 |
2025-04-27 03:43
|
saved_resource.html 225a7db3e8f67ad247d27c5f966868ce AntiDebug AntiVM MSOffice File Code Injection RWX flags setting unpack itself Windows utilities Tofsee Windows |
1
http://cacerts.digicert.com/DigiCertGlobalRootG2.crt
|
2
cacerts.digicert.com(23.36.55.181) 23.219.19.250
|
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
|
|
2.6 |
|
|
guest
|
4 |
2025-04-27 03:41
|
saved_resource(1).html 225a7db3e8f67ad247d27c5f966868ce AntiDebug AntiVM MSOffice File Code Injection RWX flags setting unpack itself Windows utilities Tofsee Windows |
1
http://cacerts.digicert.com/DigiCertGlobalRootG2.crt
|
2
cacerts.digicert.com(118.214.79.16) 23.219.19.250
|
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
|
|
2.6 |
|
|
guest
|
5 |
2025-04-27 03:36
|
ns.html 6908be5f9af7451b1eac323a8d4ea094 crashed |
|
|
|
|
0.2 |
|
|
guest
|
6 |
2025-04-27 03:35
|
saved_resource.html 225a7db3e8f67ad247d27c5f966868ce AntiDebug AntiVM MSOffice File Code Injection RWX flags setting unpack itself Windows utilities Tofsee Windows |
1
http://cacerts.digicert.com/DigiCertGlobalRootG2.crt
|
2
cacerts.digicert.com(118.214.79.16) 23.219.19.250
|
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
|
|
2.6 |
|
|
guest
|
7 |
2025-04-27 03:35
|
saved_resource(1).html 225a7db3e8f67ad247d27c5f966868ce AntiDebug AntiVM MSOffice File Code Injection RWX flags setting unpack itself Windows utilities Tofsee Windows |
|
|
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
|
|
2.2 |
|
|
guest
|
8 |
2025-04-27 03:31
|
ns.html 6908be5f9af7451b1eac323a8d4ea094 unpack itself crashed |
|
|
|
|
0.6 |
|
|
guest
|
9 |
2025-04-26 23:36
|
saved_resource.html 225a7db3e8f67ad247d27c5f966868ce AntiDebug AntiVM MSOffice File Code Injection RWX flags setting unpack itself Windows utilities Tofsee Windows |
|
|
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
|
|
2.2 |
|
|
Axel_jg
|
10 |
2025-04-26 05:18
|
crt.sh _ 17871143715.html 74c35e2e383c67895720c74c8865176e AntiDebug AntiVM PNG Format JPEG Format MSOffice File Malware Code Injection Malicious Traffic RWX flags setting unpack itself Windows utilities Tofsee Windows |
1
https://pkimet.al/lintcert
|
2
pkimet.al(104.21.53.154) 172.67.214.157
|
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
|
|
3.4 |
|
|
Axel_jg
|
11 |
2025-04-26 04:43
|
VirusTotal - File - b424ad4b1f... 67567c791a65c4e6bfc0c243f2f58a58 CAPTCHA |
|
|
|
|
|
|
|
Axel_jg
|
12 |
2025-04-26 04:43
|
VirusTotal - File - b424ad4b1f... 67567c791a65c4e6bfc0c243f2f58a58 CAPTCHA |
|
|
|
|
|
|
|
Axel_jg
|
13 |
2025-04-25 14:36
|
Krośnieńska Podgląd wpisu po z... 1d72f3ec88125b35ade4a4e6cb1ff34b AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection Creates executable files RWX flags setting unpack itself Windows utilities Tofsee Windows |
2
http://cacerts.digicert.com/DigiCertGlobalRootG2.crt https://s.go-mpulse.net/boomerang/XZ4AH-ABKPW-SQPBC-CYWES-BCG6V
|
4
cacerts.digicert.com(23.36.55.181) s.go-mpulse.net(23.49.224.182) 23.40.44.135 23.219.19.250
|
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
|
|
3.0 |
|
|
guest
|
14 |
2025-04-25 14:36
|
Cała Historia wpisu _ Ceidg.go... 7afd76e5e6176885f83ff30c6bc655a6 AntiDebug AntiVM CAPTCHA MSOffice File PNG Format JPEG Format Code Injection Creates executable files RWX flags setting unpack itself Windows utilities Tofsee Windows |
2
http://cacerts.digicert.com/DigiCertGlobalRootG2.crt https://s.go-mpulse.net/boomerang/XZ4AH-ABKPW-SQPBC-CYWES-BCG6V
|
4
cacerts.digicert.com(23.36.55.181) s.go-mpulse.net(23.52.32.111) 23.36.55.181 104.75.0.91
|
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
|
|
3.0 |
|
|
guest
|
15 |
2025-04-25 14:35
|
adorno Historia wpisu _ Ceidg.... e8ec7e7bc5ca5cccd39010824691836a AntiDebug AntiVM CAPTCHA PNG Format JPEG Format MSOffice File Code Injection Creates executable files RWX flags setting unpack itself Windows utilities Tofsee Windows |
1
https://s.go-mpulse.net/boomerang/XZ4AH-ABKPW-SQPBC-CYWES-BCG6V
|
2
s.go-mpulse.net(23.49.224.182) 23.40.44.135
|
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
|
|
3.0 |
|
|
guest
|