{ "type": "URL", "indicator": "https://360.escobar.gob.ar/", "general": { "sections": [ "general", "url_list", "http_scans", "screenshot" ], "indicator": "https://360.escobar.gob.ar/", "type": "url", "type_title": "URL", "validation": [], "base_indicator": { "id": 4335424731, "indicator": "https://360.escobar.gob.ar/", "type": "URL", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 1, "pulses": [ { "id": "69f29e8e4f1ca3d227cf5ef0", "name": "Updatre - Co Gov Infrastructure", "description": "", "modified": "2026-05-29T22:09:08.199000", "created": "2026-04-30T00:13:02.351000", "tags": [ "cve", "cve_2014_6332", "udp include", "microsoft", "eset", "colorado", "judicial", "dynamicloader", "ff d5", "ee fc", "yara rule", "f0 ff", "eb e1", "ff bb", "ff ff", "ed b8", "medium", "upatre", "write", "moe", "adversaries", "malware", "active", "compression", "upx compression", "nullsoft", "webexploits", "nullsoft_nsis", "nullsoftInst", "ubound", "execute", "xor", "vbscript", "entry", "pe file", "mitre attack", "network info", "binary", "aslr", "ole file", "program", "t1055 process", "processes extra", "overview zenbox", "code", "defense evasion", "url https", "url http", "indicator role", "title added", "active related" ], "references": [ "CVE-2014_6332", "Yara Detections: cve_2014_6332 , Nullsoft_NSIS , UPX", "Alerts: binary_yara static_pe_anomaly static_pe_pdbpath", "em002_64.dll bb1733b7cb012f8b7d6cd0347283a549ffeab7beb4b3d0168e0d8c9cecdef8eb CVE" ], "public": 1, "adversary": "", "targeted_countries": [ "United States of America" ], "malware_families": [ { "id": "CVE-2014_6332", "display_name": "CVE-2014_6332", "target": null }, { "id": "Updatre", "display_name": "Updatre", "target": null } ], "attack_ids": [ { "id": "T1045", "name": "Software Packing", "display_name": "T1045 - Software Packing" }, { "id": "T1587.001", "name": "Malware", "display_name": "T1587.001 - Malware" }, { "id": "T1608.001", "name": "Upload Malware", "display_name": "T1608.001 - Upload Malware" }, { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1218", "name": "Signed Binary Proxy Execution", "display_name": "T1218 - Signed Binary Proxy Execution" }, { "id": "T1497", "name": "Virtualization/Sandbox Evasion", "display_name": "T1497 - Virtualization/Sandbox Evasion" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" }, { "id": "T1068", "name": "Exploitation for Privilege Escalation", "display_name": "T1068 - Exploitation for Privilege Escalation" } ], "industries": [ "Government", "Legal" ], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Q.Vashti", "id": "337942", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 39, "FileHash-SHA1": 37, "FileHash-SHA256": 216, "hostname": 77, "domain": 60, "URL": 135 }, "indicator_count": 564, "is_author": false, "is_subscribing": null, "subscriber_count": 143, "modified_text": "3 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "references": [ "CVE-2014_6332", "Yara Detections: cve_2014_6332 , Nullsoft_NSIS , UPX", "Alerts: binary_yara static_pe_anomaly static_pe_pdbpath", "em002_64.dll bb1733b7cb012f8b7d6cd0347283a549ffeab7beb4b3d0168e0d8c9cecdef8eb CVE" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 0 }, "other": { "adversary": [], "malware_families": [ "Updatre", "Cve-2014_6332" ], "industries": [ "Legal", "Government" ], "unique_indicators": 569 } } }, "false_positive": [], "alexa": "http://www.alexa.com/siteinfo/escobar.gob.ar", "whois": "http://whois.domaintools.com/escobar.gob.ar", "domain": "escobar.gob.ar", "hostname": "360.escobar.gob.ar" }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 1, "pulses": [ { "id": "69f29e8e4f1ca3d227cf5ef0", "name": "Updatre - Co Gov Infrastructure", "description": "", "modified": "2026-05-29T22:09:08.199000", "created": "2026-04-30T00:13:02.351000", "tags": [ "cve", "cve_2014_6332", "udp include", "microsoft", "eset", "colorado", "judicial", "dynamicloader", "ff d5", "ee fc", "yara rule", "f0 ff", "eb e1", "ff bb", "ff ff", "ed b8", "medium", "upatre", "write", "moe", "adversaries", "malware", "active", "compression", "upx compression", "nullsoft", "webexploits", "nullsoft_nsis", "nullsoftInst", "ubound", "execute", "xor", "vbscript", "entry", "pe file", "mitre attack", "network info", "binary", "aslr", "ole file", "program", "t1055 process", "processes extra", "overview zenbox", "code", "defense evasion", "url https", "url http", "indicator role", "title added", "active related" ], "references": [ "CVE-2014_6332", "Yara Detections: cve_2014_6332 , Nullsoft_NSIS , UPX", "Alerts: binary_yara static_pe_anomaly static_pe_pdbpath", "em002_64.dll bb1733b7cb012f8b7d6cd0347283a549ffeab7beb4b3d0168e0d8c9cecdef8eb CVE" ], "public": 1, "adversary": "", "targeted_countries": [ "United States of America" ], "malware_families": [ { "id": "CVE-2014_6332", "display_name": "CVE-2014_6332", "target": null }, { "id": "Updatre", "display_name": "Updatre", "target": null } ], "attack_ids": [ { "id": "T1045", "name": "Software Packing", "display_name": "T1045 - Software Packing" }, { "id": "T1587.001", "name": "Malware", "display_name": "T1587.001 - Malware" }, { "id": "T1608.001", "name": "Upload Malware", "display_name": "T1608.001 - Upload Malware" }, { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1218", "name": "Signed Binary Proxy Execution", "display_name": "T1218 - Signed Binary Proxy Execution" }, { "id": "T1497", "name": "Virtualization/Sandbox Evasion", "display_name": "T1497 - Virtualization/Sandbox Evasion" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" }, { "id": "T1068", "name": "Exploitation for Privilege Escalation", "display_name": "T1068 - Exploitation for Privilege Escalation" } ], "industries": [ "Government", "Legal" ], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Q.Vashti", "id": "337942", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 39, "FileHash-SHA1": 37, "FileHash-SHA256": 216, "hostname": 77, "domain": 60, "URL": 135 }, "indicator_count": 564, "is_author": false, "is_subscribing": null, "subscriber_count": 143, "modified_text": "3 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "https://360.escobar.gob.ar/", "type": "URL" }, "abuseipdb": null, "urlhaus": { "indicator": "https://360.escobar.gob.ar/", "type": "URL", "found": false, "verdict": "clean", "error": null }, "from_cache": true, "_cached_at": 1780373006.6876357 }