Pulse Detail — Threat Intelligence

● 0 online

ANALYZING THREAT INTELLIGENCE

PULSE NAME

2007: Malware Analysis Report

WHITE kikinumpav 2026-05-01 Modified: 2026-05-31

59

IOCs

HIGH VOLUME

↓ CSV ↓ JSON

Indicators of Compromise (59)

All domain hostname URL email FileHash-SHA256

TYPE	INDICATOR	DESCRIPTION	CREATED
domain	cameradealsusa.com	—	2026-05-01
domain	casecarfax.com	—	2026-05-01
domain	michelleorea.com	—	2026-05-01
domain	vam-ars.com	—	2026-05-01
domain	wmwbc.com	—	2026-05-01
hostname	us.ebayobjects.com	—	2026-05-01
URL	http://secure.com/weblog/archives/kasslin_AVAR2006_KernelMalware_paper.pdf.	—	2026-05-01
domain	acme.org	—	2026-05-01
domain	secure.com	—	2026-05-01
hostname	smtp.acme.org	—	2026-05-01
domain	msiesettings.com	—	2026-05-01
domain	spamit.com	—	2026-05-01
email	kchiang@sandia.gov	—	2026-05-01
email	llloyd@sandia.gov	—	2026-05-01
FileHash-SHA256	2c28c88e6eabef423a8b0eea0c060741443baad47398faaa0b95a8d3bbbac272	—	2026-05-01
FileHash-SHA256	f23389019c08d5c5a862be7055f6a736d287f4e544be8cc03c78576996b51178	—	2026-05-01
domain	ebayobjects.com	—	2026-05-01
URL	http://us.ebayobjects.com/1ai/ebay.us.homepage.cchp/cchp	—	2026-05-01
hostname	admin.acme.org	—	2026-05-01
hostname	alpha.acme.org	—	2026-05-01
hostname	buildserver.acme.org	—	2026-05-01
hostname	git.acme.org	—	2026-05-01
hostname	rel.acme.org	—	2026-05-01
hostname	www.proxy.acme.org	—	2026-05-01
URL	http://acme.org/management	—	2026-05-01
URL	http://acme.org/path/	—	2026-05-01
URL	http://acme.org/path/bar	—	2026-05-01
URL	http://people.knowledge.acme.org/	—	2026-05-01
URL	https://acme.org/ai	—	2026-05-01
URL	https://acme.org/fhir	—	2026-05-01
URL	https://acme.org/jenkins.yaml	—	2026-05-01
URL	https://acme.org/path/bar	—	2026-05-01
URL	https://backstage.acme.org/	—	2026-05-01
URL	https://backstage.internal.acme.org/	—	2026-05-01
URL	https://git.acme.org/rest/api/1.0/projects/MYPROJECT/repos/my-app/pull-requests/12	—	2026-05-01
URL	https://git.acme.org/users/UserOne	—	2026-05-01
URL	https://git.acme.org/users/UserTwo	—	2026-05-01
URL	https://other-service.acme.org/.well-known/jwks.json	—	2026-05-01
URL	https://rel.acme.org/	—	2026-05-01
URL	https://rt.acme.org/	—	2026-05-01
URL	https://www.acme.org/login	—	2026-05-01
hostname	auth.secure.com	—	2026-05-01
hostname	demo-sos.secure.com	—	2026-05-01
hostname	mybank.secure.com	—	2026-05-01
hostname	ns1.secure.com	—	2026-05-01
hostname	ns2.secure.com	—	2026-05-01
hostname	paypal.com.login.verify.secure.com	—	2026-05-01
hostname	staging-gcp-auth.secure.com	—	2026-05-01
hostname	transfer-vermeg.secure.com	—	2026-05-01
hostname	www.bankofamerica.verify-update.secure.com	—	2026-05-01
URL	http://paypal.com.login.verify.secure.com/login	—	2026-05-01
URL	http://secure.com/weblog/archives/00002822.html	—	2026-05-01
URL	http://www.secure.com/	—	2026-05-01
URL	https://staging-gcp-auth.secure.com/admin/master/console/	—	2026-05-01
URL	https://www.secure.com/	—	2026-05-01
URL	https://www.secure.com/login	—	2026-05-01
URL	https://www.secure.com/news/malicious-npm-package-hugging-face-malware	—	2026-05-01
URL	https://mybank.secure.com/update-password	—	2026-05-01
domain	bannerdev.xyz	—	2026-05-01

References (6)

↗ 2007-10-31 - Trojan.Bayrob Strikes Again!.pdf ↗ 2007-11-01 - Spam from the kernel.pdf ↗ 2007-12-04 - Inside the Ron Paul Spam Botnet.pdf ↗ 2007-01-09 - A Rustock-ing Stuffer.pdf ↗ 2007-12-16 - Pushdo - Analysis of a Modern Malware Distribution System.pdf ↗ 2007-04-03 - A Case Study of the Rustock Rootkit and Spam Bot.pdf