MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (413)
TYPE INDICATOR DESCRIPTION CREATED
CVE CVE-2012-0756 2025-06-27
CVE CVE-2016-0947 2025-06-27
CVE CVE-2016-1087 2025-06-27
CVE CVE-2016-4126 2025-06-27
CVE CVE-2016-6804 2025-06-27
CVE CVE-2021-42292 2025-06-27
YARA 572c40962f7f4a9b5ab4b85ac412351d212db81e Identifies Office documents created by a cracked Office version, SPecialiST RePack. 2025-06-27
CVE CVE-2024-40898 SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context allows potentially leaking NTLM hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62, which fixes this issue. 2025-09-01