{ "type": "Domain", "indicator": "claycube.us", "general": { "sections": [ "general", "geo", "url_list", "passive_dns", "malware", "whois", "http_scans" ], "whois": "http://whois.domaintools.com/claycube.us", "alexa": "http://www.alexa.com/siteinfo/claycube.us", "indicator": "claycube.us", "type": "domain", "type_title": "Domain", "validation": [], "base_indicator": { "id": 4337357958, "indicator": "claycube.us", "type": "domain", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 1, "pulses": [ { "id": "69f486c411d421163131fe6f", "name": "2012: Malware Analysis Report", "description": "", "modified": "2026-05-01T10:56:04.377000", "created": "2026-05-01T10:56:04.377000", "tags": [], "references": [ "2012-01-04 - SpyEye Malware Borrows Zeus Trick to Mask Fraud.pdf", "2012-01-08 - Cold$eal- 'Situation is under control'.pdf", "2012-01-06 - Cracking Cold$eal 5.4.1 FWB++.pdf", "2012-01-06 - Cracking ColdSeal 5.4.1 FWB.pdf", "2012-02-15 - Merchant of Fraud Returns- Shylock Polymorphic Financial Malware Infections on the Rise.pdf", "2012-02-01 - TDL4 - Purple Haze (Pihar) Variant - sample and analysis.pdf", "2012-01-12 - Blackhole Ramnit - samples and analysis.pdf", "2012-03-16 - OSX-Imuler updated- still a threat on Mac OS X.pdf", "2012-03-26 - LUCKYCAT REDUX Inside an APT Campaign with Multiple Targets in India and Japan.pdf", "2012-03-06 - Virus Ukash Gendarmerie Absence twexx32.dll.pdf", "2012-04-05 - Darkshell DDOS Botnet Evolves With Variants.pdf", "2012-04-16 - Detailed Analysis Of Sykipot (Smartcard Proxy Variant).pdf", "2012-04-10 - OSX-FlashbackO sample and some domains.pdf", "2012-04-05 - China Hacked South Korea Over Missile Defense, U.S. Firm Says.pdf", "2012-04-10 - OSX-Flashback.O sample + some domains.pdf", "2012-04-12 - OSX-Flashback.K sample + Mac OS malware study set (30+ older samples).pdf", "2012-04-12 - OSX-Flashback.K sample and Mac OS malware study set (over 30 older samples).pdf", "2012-04-23 - BKDR_CYSXL.A.pdf", "2012-04-18 - DarkMegi rootkit - sample (distributed via Blackhole).pdf", "2012-05-31 - Flamer- A Recipe for Bluetoothache.pdf", "2012-06-06 - Tinba - Zusy - tiny banker trojan.pdf", "2012-06-04 - Small banking Trojan poses major risk.pdf", "2012-05-28 - The Flame- Questions and Answers.pdf", "2012-06-05 - Smartcard vulnerabilities in modern banking malware.pdf", "2012-06-09 - You dirty RAT! Part 1- DarkComet.pdf", "2012-06-21 - BlackShades in Syria.pdf", "2012-06-15 - You Dirty RAT! Part 2 \u2013 BlackShades NET.pdf", "2012-07-02 - Sykipot is back.pdf", "2012-06-24 - Medre.A - AutoCAD worm samples.pdf", "2012-06-21 - RAT samples from Syrian Targeted attacks - Blackshades RAT, XTreme RAT, Dark Comet RAT used by Syrian Electronic Army.pdf", "2012-07-17 - Kaspersky Lab and Seculert Announce \u2018Madi,\u2019 a Newly Discovered Cyber-Espionage Campaign in the Middle East.pdf", "2012-07-17 - The Madi Attacks- Series of Social Engineering Campaigns.pdf", "2012-07-13 - Rovnix bootkit framework updated.pdf", "2012-07-26 - The Madi Campaign \u2013 Part II.pdf", "2012-07-22 - Xtreme RAT analysis.pdf", "2012-08-01 - \u201cRunForestRun\u201d, \u201cgootkit\u201d and random domain name generation.pdf", "2012-07-24 - New Apple Mac Trojan Called OSX-Crisis Discovered.pdf", "2012-07-17 - The Madi Campaign \u2013 Part I.pdf", "2012-08-01 - Inside the ICE IX bot, descendent of Zeus.pdf", "2012-08-10 - Gauss samples - Nation-state cyber-surveillance + Banking trojan.pdf", "2012-08-02 - Cridex Analysis using Volatility.pdf", "2012-08-17 - Shamoon or DistTrack.A samples.pdf", "2012-08-20 - Crisis for Windows Sneaks onto Virtual Machines.pdf", "2012-08-16 - Shamoon the Wiper \u2013 Copycats at Work.pdf", "2012-08-16 - The Shamoon Attacks.pdf", "2012-08-16 - Inside Upas Kit (1.0.1.1) aka Rombrast C&C - Botnet Control Panel.pdf", "2012-08-22 - The first Trojan in history to steal Linux and Mac OS X passwords.pdf", "2012-08-30 - Troj-Binanen-B.pdf", "2012-09-18 - QassamCyberFighters's Pastebin.pdf", "2012-09-01 - URLZone reloaded- new evolution.pdf", "2012-09-28 - Dissecting 'Operation Ababil' - an OSINT Analysis.pdf", "2012-10-02 - Blackhole Exploit Kit \u2013 Rise and Evolution.pdf", "2012-09-06 - The Elderwood Project.pdf", "2012-09-19 - Blog Posts on Nitol.pdf", "2012-08-13 - Syrian Electronic Army.pdf", "2012-10-09 - BKDR_SARHUST.A.pdf", "2012-10-05 - Dark Comet 2- Electric Boogaloo.pdf", "2012-10-12 - New Multiplatform Backdoor Jacksbot Discovered.pdf", "2012-10-09 - SASFIS.pdf", "2012-10-13 - WORM_EMUDBOT.JP.pdf", "2012-10-07 - Cracking New PseudoRandom (runforestrun) Infector.pdf", "2012-11-01 - Tracking the 2012 Sasfis campaign.pdf", "2012-11-16 - Malware Targeting Windows 8 Uses Google Docs.pdf", "2012-11-13 - New variant of Mac Trojan discovered, targeting Tibet.pdf", "2012-11-14 - Group Photos.zip OSX-Revir - OSX-iMuler samples March 2012-November 2012.pdf", "2012-11-16 - Remote Administration Tool for Android devices.pdf", "2012-11-05 - Citadel- a cyber-criminal\u2019s ultimate weapon-.pdf", "2012-10-30 - JACKSBOT Has Some Dirty Tricks up Its Sleeves.pdf", "2012-11-27 - Threat Description- Troj-Ployx-A.pdf", "2012-11-22 - W32.Narilam \u2013 Business Database Sabotage.pdf", "2012-12-03 - Compromised library.pdf", "2012-11-25 - Parastoo Hacks IAEA.pdf", "2012-12-03 - New Mac Malware Found on Dalai Lama Related Website.pdf", "2012-11-28 - Shylock\u2019s New Trick- Evading Malware Researchers.pdf", "2012-11-29 - Inside view of Lyposit aka (for its friends) Lucky LOCKER.pdf", "2012-12-06 - Nov 2012 - W32.Narilam Sample.pdf", "2012-12-07 - Aug 2012 Backdoor.Wirenet - OSX and Linux.pdf", "2012-12-05 - The path to infection - Eye glance at the first line of -Russian Underground- - focused on Ransomware.pdf", "2012-12-07 - Aug 2012 W32.Crisis and OSX.Crisis - JAR file Samples - APT.pdf", "2012-12-07 - Nov 2012 - Backdoor.W32.Makadocs Sample.pdf", "2012-12-12 - Analysis of VirTool-WinNT-Exforel.A rootkit.pdf", "2012-12-07 - Nov 2012 Worm Vobfus Samples.pdf", "2012-12-12 - Unpacking Dexter POS -Memory Dump Parsing- Malware.pdf", "2012-12-13 - The Dexter Malware- Getting Your Hands Dirty.pdf", "2012-11-29 - What\u2019s the Fuss with WORM_VOBFUS-.pdf", "2012-12-15 - Disclosure of another 0day malware - Initial Dropper and Downloader (Part 1).pdf", "2012-12-19 - Win32-Spy.Ranbyus modifying Java code in RBS Ukraine systems.pdf", "2012-12-17 - Sample for Sanny - Win32.Daws in CVE-2012-0158 -ACEAN Regional Security Forum- targeting Russian companies.pdf", "2012-12-18 - Malicious Apache module used for content injection- Linux-Chapro.A.pdf", "2012-12-20 - Trojan.Stabuniq Found on Financial Institution Servers.pdf", "2012-12-15 - Disclosure of another 0day malware - Analysis of 2nd Dropper and 3rd Dropper (Part 2).pdf", "2012-12-23 - Dec 2012 Dexter - POS Infostealer samples and information.pdf", "2012-12-24 - Dec 2012 Linux.Chapro - trojan Apache iframer.pdf", "2012-12-27 - Nitol botnet.pdf", "2012-12-21 - Infostealer Dexter Targets Checkout Systems.pdf", "2012-12-24 - Dec. 2012 Trojan.Stabuniq samples - financial infostealer trojan.pdf", "2012-12-29 - Attack and IE 0day Informations Used Against Council on Foreign Relations.pdf", "2012-12-26 - ZeroAccess - Sirefef Rootkit - 5 fresh samples.pdf", "Crypto -Dark Comet.pdf", "Cyberattack against Israeli and Palestinian targets.pdf", "Dark Comet.pdf", "IEXPL0RE RAT.pdf", "OSX SabPub.pdf", "Flamer C & C Server.pdf", "Ixeshe.pdf", "Shamoon.pdf", "Pest Control.pdf", "The elderwood project.pdf", "The Mirage Campaign.pdf", "The Sin Digoo Affair.pdf", "Trojan Taidoor.pdf", "Wicked Rose & NCPH Hacking Group.pdf", "Fin Fisher's Spy Kit.pdf", "LuckyCat Redux.pdf", "The Madi Infostealers.pdf", "The VOHO Campaign.pdf", "The taidoor campaign.pdf", "The HeartBeat APT Campaign.pdf", "Tibet Lurk.pdf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "kikinumpav", "id": "385742", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "email": 22, "IPv4": 422, "URL": 347, "domain": 373, "hostname": 452, "FileHash-MD5": 927, "FileHash-SHA1": 84, "FileHash-SHA256": 248, "CVE": 42, "IPv6": 1 }, "indicator_count": 2918, "is_author": false, "is_subscribing": null, "subscriber_count": 11, "modified_text": "29 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "references": [ "2012-04-23 - BKDR_CYSXL.A.pdf", "Crypto -Dark Comet.pdf", "Pest Control.pdf", "2012-06-09 - You dirty RAT! Part 1- DarkComet.pdf", "2012-06-05 - Smartcard vulnerabilities in modern banking malware.pdf", "2012-12-12 - Unpacking Dexter POS -Memory Dump Parsing- Malware.pdf", "The Mirage Campaign.pdf", "2012-09-19 - Blog Posts on Nitol.pdf", "2012-09-06 - The Elderwood Project.pdf", "2012-11-01 - Tracking the 2012 Sasfis campaign.pdf", "2012-07-17 - Kaspersky Lab and Seculert Announce \u2018Madi,\u2019 a Newly Discovered Cyber-Espionage Campaign in the Middle East.pdf", "2012-01-12 - Blackhole Ramnit - samples and analysis.pdf", "2012-11-25 - Parastoo Hacks IAEA.pdf", "2012-04-05 - China Hacked South Korea Over Missile Defense, U.S. Firm Says.pdf", "2012-12-27 - Nitol botnet.pdf", "2012-08-17 - Shamoon or DistTrack.A samples.pdf", "2012-12-29 - Attack and IE 0day Informations Used Against Council on Foreign Relations.pdf", "2012-11-29 - Inside view of Lyposit aka (for its friends) Lucky LOCKER.pdf", "2012-12-23 - Dec 2012 Dexter - POS Infostealer samples and information.pdf", "2012-12-03 - Compromised library.pdf", "2012-04-10 - OSX-FlashbackO sample and some domains.pdf", "2012-01-06 - Cracking Cold$eal 5.4.1 FWB++.pdf", "2012-02-01 - TDL4 - Purple Haze (Pihar) Variant - sample and analysis.pdf", "2012-08-01 - \u201cRunForestRun\u201d, \u201cgootkit\u201d and random domain name generation.pdf", "2012-01-08 - Cold$eal- 'Situation is under control'.pdf", "2012-06-04 - Small banking Trojan poses major risk.pdf", "2012-07-02 - Sykipot is back.pdf", "Dark Comet.pdf", "2012-12-07 - Aug 2012 W32.Crisis and OSX.Crisis - JAR file Samples - APT.pdf", "Flamer C & C Server.pdf", "The Madi Infostealers.pdf", "2012-08-30 - Troj-Binanen-B.pdf", "2012-08-20 - Crisis for Windows Sneaks onto Virtual Machines.pdf", "2012-03-06 - Virus Ukash Gendarmerie Absence twexx32.dll.pdf", "2012-08-10 - Gauss samples - Nation-state cyber-surveillance + Banking trojan.pdf", "2012-06-06 - Tinba - Zusy - tiny banker trojan.pdf", "2012-12-13 - The Dexter Malware- Getting Your Hands Dirty.pdf", "Fin Fisher's Spy Kit.pdf", "2012-07-24 - New Apple Mac Trojan Called OSX-Crisis Discovered.pdf", "2012-08-16 - Shamoon the Wiper \u2013 Copycats at Work.pdf", "The Sin Digoo Affair.pdf", "2012-10-05 - Dark Comet 2- Electric Boogaloo.pdf", "2012-11-13 - New variant of Mac Trojan discovered, targeting Tibet.pdf", "The HeartBeat APT Campaign.pdf", "2012-02-15 - Merchant of Fraud Returns- Shylock Polymorphic Financial Malware Infections on the Rise.pdf", "2012-11-28 - Shylock\u2019s New Trick- Evading Malware Researchers.pdf", "2012-10-09 - BKDR_SARHUST.A.pdf", "2012-12-06 - Nov 2012 - W32.Narilam Sample.pdf", "2012-03-16 - OSX-Imuler updated- still a threat on Mac OS X.pdf", "2012-05-28 - The Flame- Questions and Answers.pdf", "2012-12-05 - The path to infection - Eye glance at the first line of -Russian Underground- - focused on Ransomware.pdf", "2012-12-17 - Sample for Sanny - Win32.Daws in CVE-2012-0158 -ACEAN Regional Security Forum- targeting Russian companies.pdf", "2012-10-30 - JACKSBOT Has Some Dirty Tricks up Its Sleeves.pdf", "2012-11-16 - Malware Targeting Windows 8 Uses Google Docs.pdf", "2012-12-15 - Disclosure of another 0day malware - Analysis of 2nd Dropper and 3rd Dropper (Part 2).pdf", "2012-12-21 - Infostealer Dexter Targets Checkout Systems.pdf", "2012-07-26 - The Madi Campaign \u2013 Part II.pdf", "Ixeshe.pdf", "2012-05-31 - Flamer- A Recipe for Bluetoothache.pdf", "Wicked Rose & NCPH Hacking Group.pdf", "2012-10-13 - WORM_EMUDBOT.JP.pdf", "2012-09-28 - Dissecting 'Operation Ababil' - an OSINT Analysis.pdf", "OSX SabPub.pdf", "2012-06-24 - Medre.A - AutoCAD worm samples.pdf", "2012-09-01 - URLZone reloaded- new evolution.pdf", "2012-09-18 - QassamCyberFighters's Pastebin.pdf", "2012-11-29 - What\u2019s the Fuss with WORM_VOBFUS-.pdf", "2012-11-14 - Group Photos.zip OSX-Revir - OSX-iMuler samples March 2012-November 2012.pdf", "2012-12-03 - New Mac Malware Found on Dalai Lama Related Website.pdf", "2012-12-07 - Nov 2012 - Backdoor.W32.Makadocs Sample.pdf", "2012-12-26 - ZeroAccess - Sirefef Rootkit - 5 fresh samples.pdf", "The VOHO Campaign.pdf", "2012-04-05 - Darkshell DDOS Botnet Evolves With Variants.pdf", "2012-08-02 - Cridex Analysis using Volatility.pdf", "2012-11-16 - Remote Administration Tool for Android devices.pdf", "Shamoon.pdf", "2012-12-07 - Nov 2012 Worm Vobfus Samples.pdf", "2012-07-17 - The Madi Campaign \u2013 Part I.pdf", "2012-12-15 - Disclosure of another 0day malware - Initial Dropper and Downloader (Part 1).pdf", "Cyberattack against Israeli and Palestinian targets.pdf", "2012-06-21 - RAT samples from Syrian Targeted attacks - Blackshades RAT, XTreme RAT, Dark Comet RAT used by Syrian Electronic Army.pdf", "2012-04-12 - OSX-Flashback.K sample and Mac OS malware study set (over 30 older samples).pdf", "Trojan Taidoor.pdf", "2012-08-13 - Syrian Electronic Army.pdf", "2012-06-15 - You Dirty RAT! Part 2 \u2013 BlackShades NET.pdf", "2012-07-17 - The Madi Attacks- Series of Social Engineering Campaigns.pdf", "2012-07-13 - Rovnix bootkit framework updated.pdf", "2012-01-06 - Cracking ColdSeal 5.4.1 FWB.pdf", "2012-01-04 - SpyEye Malware Borrows Zeus Trick to Mask Fraud.pdf", "The taidoor campaign.pdf", "IEXPL0RE RAT.pdf", "2012-10-09 - SASFIS.pdf", "2012-08-16 - Inside Upas Kit (1.0.1.1) aka Rombrast C&C - Botnet Control Panel.pdf", "The elderwood project.pdf", "2012-04-10 - OSX-Flashback.O sample + some domains.pdf", "2012-12-24 - Dec. 2012 Trojan.Stabuniq samples - financial infostealer trojan.pdf", "2012-06-21 - BlackShades in Syria.pdf", "Tibet Lurk.pdf", "LuckyCat Redux.pdf", "2012-11-05 - Citadel- a cyber-criminal\u2019s ultimate weapon-.pdf", "2012-10-02 - Blackhole Exploit Kit \u2013 Rise and Evolution.pdf", "2012-12-19 - Win32-Spy.Ranbyus modifying Java code in RBS Ukraine systems.pdf", "2012-04-16 - Detailed Analysis Of Sykipot (Smartcard Proxy Variant).pdf", "2012-12-12 - Analysis of VirTool-WinNT-Exforel.A rootkit.pdf", "2012-08-22 - The first Trojan in history to steal Linux and Mac OS X passwords.pdf", "2012-04-12 - OSX-Flashback.K sample + Mac OS malware study set (30+ older samples).pdf", "2012-08-16 - The Shamoon Attacks.pdf", "2012-11-27 - Threat Description- Troj-Ployx-A.pdf", "2012-12-07 - Aug 2012 Backdoor.Wirenet - OSX and Linux.pdf", "2012-12-20 - Trojan.Stabuniq Found on Financial Institution Servers.pdf", "2012-04-18 - DarkMegi rootkit - sample (distributed via Blackhole).pdf", "2012-12-24 - Dec 2012 Linux.Chapro - trojan Apache iframer.pdf", "2012-08-01 - Inside the ICE IX bot, descendent of Zeus.pdf", "2012-10-07 - Cracking New PseudoRandom (runforestrun) Infector.pdf", "2012-12-18 - Malicious Apache module used for content injection- Linux-Chapro.A.pdf", "2012-07-22 - Xtreme RAT analysis.pdf", "2012-03-26 - LUCKYCAT REDUX Inside an APT Campaign with Multiple Targets in India and Japan.pdf", "2012-10-12 - New Multiplatform Backdoor Jacksbot Discovered.pdf", "2012-11-22 - W32.Narilam \u2013 Business Database Sabotage.pdf" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [] }, "other": { "adversary": [], "malware_families": [], "industries": [] } } }, "false_positive": [] }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 1, "pulses": [ { "id": "69f486c411d421163131fe6f", "name": "2012: Malware Analysis Report", "description": "", "modified": "2026-05-01T10:56:04.377000", "created": "2026-05-01T10:56:04.377000", "tags": [], "references": [ "2012-01-04 - SpyEye Malware Borrows Zeus Trick to Mask Fraud.pdf", "2012-01-08 - Cold$eal- 'Situation is under control'.pdf", "2012-01-06 - Cracking Cold$eal 5.4.1 FWB++.pdf", "2012-01-06 - Cracking ColdSeal 5.4.1 FWB.pdf", "2012-02-15 - Merchant of Fraud Returns- Shylock Polymorphic Financial Malware Infections on the Rise.pdf", "2012-02-01 - TDL4 - Purple Haze (Pihar) Variant - sample and analysis.pdf", "2012-01-12 - Blackhole Ramnit - samples and analysis.pdf", "2012-03-16 - OSX-Imuler updated- still a threat on Mac OS X.pdf", "2012-03-26 - LUCKYCAT REDUX Inside an APT Campaign with Multiple Targets in India and Japan.pdf", "2012-03-06 - Virus Ukash Gendarmerie Absence twexx32.dll.pdf", "2012-04-05 - Darkshell DDOS Botnet Evolves With Variants.pdf", "2012-04-16 - Detailed Analysis Of Sykipot (Smartcard Proxy Variant).pdf", "2012-04-10 - OSX-FlashbackO sample and some domains.pdf", "2012-04-05 - China Hacked South Korea Over Missile Defense, U.S. Firm Says.pdf", "2012-04-10 - OSX-Flashback.O sample + some domains.pdf", "2012-04-12 - OSX-Flashback.K sample + Mac OS malware study set (30+ older samples).pdf", "2012-04-12 - OSX-Flashback.K sample and Mac OS malware study set (over 30 older samples).pdf", "2012-04-23 - BKDR_CYSXL.A.pdf", "2012-04-18 - DarkMegi rootkit - sample (distributed via Blackhole).pdf", "2012-05-31 - Flamer- A Recipe for Bluetoothache.pdf", "2012-06-06 - Tinba - Zusy - tiny banker trojan.pdf", "2012-06-04 - Small banking Trojan poses major risk.pdf", "2012-05-28 - The Flame- Questions and Answers.pdf", "2012-06-05 - Smartcard vulnerabilities in modern banking malware.pdf", "2012-06-09 - You dirty RAT! Part 1- DarkComet.pdf", "2012-06-21 - BlackShades in Syria.pdf", "2012-06-15 - You Dirty RAT! Part 2 \u2013 BlackShades NET.pdf", "2012-07-02 - Sykipot is back.pdf", "2012-06-24 - Medre.A - AutoCAD worm samples.pdf", "2012-06-21 - RAT samples from Syrian Targeted attacks - Blackshades RAT, XTreme RAT, Dark Comet RAT used by Syrian Electronic Army.pdf", "2012-07-17 - Kaspersky Lab and Seculert Announce \u2018Madi,\u2019 a Newly Discovered Cyber-Espionage Campaign in the Middle East.pdf", "2012-07-17 - The Madi Attacks- Series of Social Engineering Campaigns.pdf", "2012-07-13 - Rovnix bootkit framework updated.pdf", "2012-07-26 - The Madi Campaign \u2013 Part II.pdf", "2012-07-22 - Xtreme RAT analysis.pdf", "2012-08-01 - \u201cRunForestRun\u201d, \u201cgootkit\u201d and random domain name generation.pdf", "2012-07-24 - New Apple Mac Trojan Called OSX-Crisis Discovered.pdf", "2012-07-17 - The Madi Campaign \u2013 Part I.pdf", "2012-08-01 - Inside the ICE IX bot, descendent of Zeus.pdf", "2012-08-10 - Gauss samples - Nation-state cyber-surveillance + Banking trojan.pdf", "2012-08-02 - Cridex Analysis using Volatility.pdf", "2012-08-17 - Shamoon or DistTrack.A samples.pdf", "2012-08-20 - Crisis for Windows Sneaks onto Virtual Machines.pdf", "2012-08-16 - Shamoon the Wiper \u2013 Copycats at Work.pdf", "2012-08-16 - The Shamoon Attacks.pdf", "2012-08-16 - Inside Upas Kit (1.0.1.1) aka Rombrast C&C - Botnet Control Panel.pdf", "2012-08-22 - The first Trojan in history to steal Linux and Mac OS X passwords.pdf", "2012-08-30 - Troj-Binanen-B.pdf", "2012-09-18 - QassamCyberFighters's Pastebin.pdf", "2012-09-01 - URLZone reloaded- new evolution.pdf", "2012-09-28 - Dissecting 'Operation Ababil' - an OSINT Analysis.pdf", "2012-10-02 - Blackhole Exploit Kit \u2013 Rise and Evolution.pdf", "2012-09-06 - The Elderwood Project.pdf", "2012-09-19 - Blog Posts on Nitol.pdf", "2012-08-13 - Syrian Electronic Army.pdf", "2012-10-09 - BKDR_SARHUST.A.pdf", "2012-10-05 - Dark Comet 2- Electric Boogaloo.pdf", "2012-10-12 - New Multiplatform Backdoor Jacksbot Discovered.pdf", "2012-10-09 - SASFIS.pdf", "2012-10-13 - WORM_EMUDBOT.JP.pdf", "2012-10-07 - Cracking New PseudoRandom (runforestrun) Infector.pdf", "2012-11-01 - Tracking the 2012 Sasfis campaign.pdf", "2012-11-16 - Malware Targeting Windows 8 Uses Google Docs.pdf", "2012-11-13 - New variant of Mac Trojan discovered, targeting Tibet.pdf", "2012-11-14 - Group Photos.zip OSX-Revir - OSX-iMuler samples March 2012-November 2012.pdf", "2012-11-16 - Remote Administration Tool for Android devices.pdf", "2012-11-05 - Citadel- a cyber-criminal\u2019s ultimate weapon-.pdf", "2012-10-30 - JACKSBOT Has Some Dirty Tricks up Its Sleeves.pdf", "2012-11-27 - Threat Description- Troj-Ployx-A.pdf", "2012-11-22 - W32.Narilam \u2013 Business Database Sabotage.pdf", "2012-12-03 - Compromised library.pdf", "2012-11-25 - Parastoo Hacks IAEA.pdf", "2012-12-03 - New Mac Malware Found on Dalai Lama Related Website.pdf", "2012-11-28 - Shylock\u2019s New Trick- Evading Malware Researchers.pdf", "2012-11-29 - Inside view of Lyposit aka (for its friends) Lucky LOCKER.pdf", "2012-12-06 - Nov 2012 - W32.Narilam Sample.pdf", "2012-12-07 - Aug 2012 Backdoor.Wirenet - OSX and Linux.pdf", "2012-12-05 - The path to infection - Eye glance at the first line of -Russian Underground- - focused on Ransomware.pdf", "2012-12-07 - Aug 2012 W32.Crisis and OSX.Crisis - JAR file Samples - APT.pdf", "2012-12-07 - Nov 2012 - Backdoor.W32.Makadocs Sample.pdf", "2012-12-12 - Analysis of VirTool-WinNT-Exforel.A rootkit.pdf", "2012-12-07 - Nov 2012 Worm Vobfus Samples.pdf", "2012-12-12 - Unpacking Dexter POS -Memory Dump Parsing- Malware.pdf", "2012-12-13 - The Dexter Malware- Getting Your Hands Dirty.pdf", "2012-11-29 - What\u2019s the Fuss with WORM_VOBFUS-.pdf", "2012-12-15 - Disclosure of another 0day malware - Initial Dropper and Downloader (Part 1).pdf", "2012-12-19 - Win32-Spy.Ranbyus modifying Java code in RBS Ukraine systems.pdf", "2012-12-17 - Sample for Sanny - Win32.Daws in CVE-2012-0158 -ACEAN Regional Security Forum- targeting Russian companies.pdf", "2012-12-18 - Malicious Apache module used for content injection- Linux-Chapro.A.pdf", "2012-12-20 - Trojan.Stabuniq Found on Financial Institution Servers.pdf", "2012-12-15 - Disclosure of another 0day malware - Analysis of 2nd Dropper and 3rd Dropper (Part 2).pdf", "2012-12-23 - Dec 2012 Dexter - POS Infostealer samples and information.pdf", "2012-12-24 - Dec 2012 Linux.Chapro - trojan Apache iframer.pdf", "2012-12-27 - Nitol botnet.pdf", "2012-12-21 - Infostealer Dexter Targets Checkout Systems.pdf", "2012-12-24 - Dec. 2012 Trojan.Stabuniq samples - financial infostealer trojan.pdf", "2012-12-29 - Attack and IE 0day Informations Used Against Council on Foreign Relations.pdf", "2012-12-26 - ZeroAccess - Sirefef Rootkit - 5 fresh samples.pdf", "Crypto -Dark Comet.pdf", "Cyberattack against Israeli and Palestinian targets.pdf", "Dark Comet.pdf", "IEXPL0RE RAT.pdf", "OSX SabPub.pdf", "Flamer C & C Server.pdf", "Ixeshe.pdf", "Shamoon.pdf", "Pest Control.pdf", "The elderwood project.pdf", "The Mirage Campaign.pdf", "The Sin Digoo Affair.pdf", "Trojan Taidoor.pdf", "Wicked Rose & NCPH Hacking Group.pdf", "Fin Fisher's Spy Kit.pdf", "LuckyCat Redux.pdf", "The Madi Infostealers.pdf", "The VOHO Campaign.pdf", "The taidoor campaign.pdf", "The HeartBeat APT Campaign.pdf", "Tibet Lurk.pdf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "kikinumpav", "id": "385742", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "email": 22, "IPv4": 422, "URL": 347, "domain": 373, "hostname": 452, "FileHash-MD5": 927, "FileHash-SHA1": 84, "FileHash-SHA256": 248, "CVE": 42, "IPv6": 1 }, "indicator_count": 2918, "is_author": false, "is_subscribing": null, "subscriber_count": 11, "modified_text": "29 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "claycube.us", "type": "Domain" }, "abuseipdb": null, "urlhaus": { "indicator": "claycube.us", "found": false, "verdict": "clean", "urls": [], "error": null }, "from_cache": true, "_cached_at": 1780221828.3901725 }