{ "type": "Domain", "indicator": "viccpop.com", "general": { "sections": [ "general", "geo", "url_list", "passive_dns", "malware", "whois", "http_scans" ], "whois": "http://whois.domaintools.com/viccpop.com", "alexa": "http://www.alexa.com/siteinfo/viccpop.com", "indicator": "viccpop.com", "type": "domain", "type_title": "Domain", "validation": [], "base_indicator": { "id": 3634769203, "indicator": "viccpop.com", "type": "domain", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 1, "pulses": [ { "id": "63f16ce668c75c5ec1148e7b", "name": "http://vinyldevicepop.com", "description": "The Falcon Sandbox malware analysis service is available to download, view and download all the data on the Falcon website, including the full report on how to identify and identify the malware and tactics behind the attack.", "modified": "2023-03-21T00:02:57.765000", "created": "2023-02-19T00:27:18.058000", "tags": [ "sandbox", "malware", "analysis", "online", "submit", "vxstream", "sample", "download", "trojan", "apt", "runtime data", "ansi", "localappdata", "unicode", "hash seen", "size", "runtime process", "sha256", "sha1", "temp", "entropy", "suspicious", "hybrid", "close", "click", "ransomware", "february", "general", "strings" ], "references": [ "https://hybrid-analysis.com/sample/a575cf06662eb0972d9d0e5286382ca909ac3d4db893153ac13242e626304b1f/63f0cc25c94909360712d453" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1105", "name": "Ingress Tool Transfer", "display_name": "T1105 - Ingress Tool Transfer" }, { "id": "T1486", "name": "Data Encrypted for Impact", "display_name": "T1486 - Data Encrypted for Impact" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 12, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "callmeDoris", "id": "205385", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 98, "hostname": 38, "domain": 10, "FileHash-SHA256": 62, "FileHash-MD5": 50, "FileHash-SHA1": 49 }, "indicator_count": 307, "is_author": false, "is_subscribing": null, "subscriber_count": 90, "modified_text": "1169 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "references": [ "https://hybrid-analysis.com/sample/a575cf06662eb0972d9d0e5286382ca909ac3d4db893153ac13242e626304b1f/63f0cc25c94909360712d453" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [] }, "other": { "adversary": [], "malware_families": [], "industries": [] } } }, "false_positive": [] }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 1, "pulses": [ { "id": "63f16ce668c75c5ec1148e7b", "name": "http://vinyldevicepop.com", "description": "The Falcon Sandbox malware analysis service is available to download, view and download all the data on the Falcon website, including the full report on how to identify and identify the malware and tactics behind the attack.", "modified": "2023-03-21T00:02:57.765000", "created": "2023-02-19T00:27:18.058000", "tags": [ "sandbox", "malware", "analysis", "online", "submit", "vxstream", "sample", "download", "trojan", "apt", "runtime data", "ansi", "localappdata", "unicode", "hash seen", "size", "runtime process", "sha256", "sha1", "temp", "entropy", "suspicious", "hybrid", "close", "click", "ransomware", "february", "general", "strings" ], "references": [ "https://hybrid-analysis.com/sample/a575cf06662eb0972d9d0e5286382ca909ac3d4db893153ac13242e626304b1f/63f0cc25c94909360712d453" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1105", "name": "Ingress Tool Transfer", "display_name": "T1105 - Ingress Tool Transfer" }, { "id": "T1486", "name": "Data Encrypted for Impact", "display_name": "T1486 - Data Encrypted for Impact" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 12, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "callmeDoris", "id": "205385", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 98, "hostname": 38, "domain": 10, "FileHash-SHA256": 62, "FileHash-MD5": 50, "FileHash-SHA1": 49 }, "indicator_count": 307, "is_author": false, "is_subscribing": null, "subscriber_count": 90, "modified_text": "1169 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "viccpop.com", "type": "Domain" }, "abuseipdb": null, "urlhaus": { "indicator": "viccpop.com", "found": false, "verdict": "clean", "urls": [], "error": null }, "from_cache": true, "_cached_at": 1780425154.3957138 }