Threat Round-up for the Week of Mar 20 – Mar 24

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed over the past week. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically protected from these threats.

As a reminder, the information provided for the following threats in this post is non-exhaustive and current as of date of publication. Detection and coverage for the following threats is subject to updates pending additional threat or vulnerability analysis. For the most current information, please refer to your FireSIGHT Management Center, Snort.org, or ClamAV.net.


This week’s most prevalent threats are:

  • Win.Trojan.Bladabindi-6016609-0
    This threat is a combination of backdoor and credential stealer. The executable is .Net bytecode, which is obfuscated with differing obfuscators. Once activated, the malware will open a firewall port to allow its creator to connect to the infected machine.
  • Win.Trojan.VBTrojan3-6118226-0
    This family attempts to infect connected USB drives by creating an autorun.inf file and copying itself to numerous locations on the drive with names such as “Secret.exe”, “Porn.exe”, “Sexy.exe”, or “Passwords.exe”. It will also disable Windows Update, copy itself under %USERPROFILE%, and configure itself to run at startup. It will contact the C&C server to receive further instructions.
  • Win.Downloader.Gen-6115940
    This malware performs modifications to the Internet proxy settings, communicates with malicious domains, and installs Certificate Authority root certificates. It’s capable of modifying clipboard data contents, executing external applications and recording screenshots.
  • Win.Trojan.Tinba-6136046
    Tinba or Tiny Banker is a well known malware dedicated to stealing banking details from victims. It usually uses a Domain Generation Algorithm to connect C&C server and get further instructions. It injects itself into processes such as explorer.exe, ctfmon or winver. Then it usually acts as a man-in-the-middle to collect banking information. This binary is able to hook file or directories functions, registry query functions to hide its presence.
  • Win.Trojan.Iparmor-6136596-0
    This trojan contacts a remote server and works as a backdoor giving the attacker full access on the victim machine by binding on a given port on the target computer. Additionally, it may employ anti-vm and anti-debugging techniques to hinder the analysis and may inject on other processes.
  • Win.Trojan.Dridex
    Description: Dridex is a popular banking trojan aimed at stealing banking credentials that are submitted from the infected host. It leverages a code injection technique known as AtomBombing to help evade detection when samples undergo automatic dynamic analysis. The latest version also includes several additional updates to prior components; the author(s) and relevant campaigns are still determined to make use of the family for harvesting sensitive financial information.
  • Win.Trojan.Fareit
    Fareit is a Trojan focused on harvesting sensitive information, including banking credentials. The latest variant is coded in VB.NET. Unfortunately, the decompiled p-code is heavily obfuscated. Upon runtime, it will communicate with a C&C server and download a stage 2 binary.
  • Win.Packer.RC465
    This packer is delivered in a self-extracting RAR archive containing four files ([a-z0-9]{6}.vbs, [a-z0-9]{4}.dll, p, x). The VBS script uses rundll32.exe to execute the DLL, which uses a modified version of RC4 to decrypt and load the payload executable.
  • Doc.Macro.DeleteMacro-6096859-0
    Samples associated with this threat have the ability to remove the macro GUI buttons and modify the default Word template by adding macro code to it.
  • Doc.Downloader.Donoff-6152250-0
    Donoff is a payload delivery Office document that leverages the Windows Command shell to launch a Powershell one-liner to download and execute an executable. Among the arbitrary payloads that Donoff can deliver it has been seen downloading ransomware including Crypt0L0cker.

Details

Win.Trojan.Bladabindi-6016609-0

Mutex Created
Created mutexes are random, below is a sample of the created mutexes by the given samples:

  • \BaseNamedObjects\82a189c74c3e9fd038b3ac06323ec594
  • \BaseNamedObjects\5a3497b38e5f17baf6d068415ba44fc3
  • \BaseNamedObjects\5660a10368a656b0823e959b24f70f8e
  • \BaseNamedObjects\c611ee3fd342ce91082e2af52cd56103

Domain Names

  • anonymouxhacker.zapto.org 
  • shabd.ddns.net

File Hashes
These are just some samples, hashes vary as the malware gets parametrized

  • fa616b946ba80eba844f22f946120a2fee4c5d9996ad1e7d542785d4ad9c6b61
  • fc6bea4b3f1cd01c3796a1c665a48584ba187a44420fe03016f1a884046096d8
  • 79e5dae1654922e5ed38ebf456fb787a062fb2dea88c4caca851fe9198266e73
  • 21e10f4c80e076376e4a65cc6a316badd1a23840ef2b90c411eb525759e2b0f8

Firewall Bypass
The malware executes netsh to poke a hole into the host’s firewall

  • netsh firewall add allowedprogram %TEMP%\\server.exe server.exe ENABLE

Coverage

Detection Engines

ThreatGRID

AMP

Umbrella

    Win.Trojan.VBTrojan3-6118226-0

    Registry keys created
    This family will modify the registry in order to, at least, disable the display of hidden files, and survive after reboot by starting the malware after the systems boots, and disable windows updates.

    • USER\$UUID\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN
    • USER\$UUID\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED
    • HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

    Domains

    • Ns1.musicmixb.co
    • Ns1.musicmixc.com
    • Ns1.musiczipz.com
    • Ns1.musicmixa.org
    • ns1.musicmixa.net

    File Hashes

    • B86289e538509cf601471b8f63d21e47223740ce64341c1c8ea9511cfd396326
    • 8cd348be4596e65fcd9a756a184179dce348533b37bd089a4aaaacbe5c08617c
    • 8fc063601cb80b0e64e611766eaeb8fb2ba16cdbed99d297d31089298941bc1e
    • 517ec51154ee27bcf69963f8ca6958bc4a16f1ca646d02c6c3a8572edc6b0536

    Coverage

    AMP

    ThreatGRID

    Umbrella


    Win.Downloader.Gen-6115940

    Domain Names

    • node4.checkforfiles.com

    File Hashes

    • 9e8ba41bb1ef5e23dd56b0f5003d7a7851463791974ffb1f7c64727997554e06
    • 68a4d57ea1c3f0fd3bb9feadebfa748be22ad3bfeb4b1e88650d59d39b0e3af7
    • f66b9bfc9d22e078f44477d396dd25a36aca553e29fb79c45da90b8681de82e8
    • 233a535156360292cf65a0e7ca6e0c6f85970c9c9a13e338cf0b8987d41dbb8a
    • 793985b655fe2b6206029639301c93de4cb057cf20126fff9f4bb8c99cb006a5
    • 9308e8b84e4252acf6d37c8f0df0080eab416d8ca6767a226b0282c71b0a169d

    Coverage

    ThreatGRID


    Umbrella


    AMP

    Win.Trojan.Tinba-6136046

    Registry Keys

    • HKCU\Software\Microsoft\Windows\CurrentVersion\Run containing path to binary present into %APPDATA%\[A-Z0-9]{8}\bin.exe

    Domain Names

    • spaines.pw/li>

    File Hashes

    • 33ace28769703d2a3bdb7da221fe547c36a6063d3e31b6f82ea13dd6295d550e

    Coverage


    ThreatGRID


    Umbrella



    AMP


    Win.Trojan.Iparmor-6136596-0

    IP Addresses:

    • 192.255.255.255

    File Hashes

    • 940b834041a3ac196d360bd035678e3b53ef43e675a53c350739be269df01c8c
    • f8aac01562af0f848707ae9951cead70f617ea4896256d852d7234ecacac7c3d
    • 66dec1af131ae87dd70c859ec3e055016cdbb35af3fddc4ceab6a9b4c55ef55f
    • b3ec5536991492e7d1d3a56930b8bc0353c8b63d9fd2eda6dc8418c387e1e001
    • 0232b7704803b52c5c32cf021606c051c5218e0f0f3ea3dedd025284eb5d4169
    • 52a39437e38b4e5e0467417cd67036e1881e2dca74f9bbe05c0e24ace648ee0b
    • 64fea547eb8fc0db2cec33914b9ec161a6f99711cce27f7256cd9362454a4780
    • 80c1940ac1ebbc4ff1d97887d78d098ee506877c6060fbaf17dd16b315fdc47c
    • 37ee2ad6b60e719cc100ece82101eb09f570e6a4c31ed517f2659df154f22349
    • 7c654d62ca9804856306d23ae298d813615a65a0e8221d09d44da642834fa75f
    • 89379d5c0db492689c2a0fb8975ab479f936cb2d1165619552fe25e88219cbda
    • 9130bfed5a6043f7a157f44f532b01954d28b44d862728b92e20c1692809e4cd
    • e457cc7c55b8d43c7b3deeb35a4ba44bd0ac20e64e8d4b9934ca0303ef087ef2
    • b5048bdeccf35db28930bab065d9736c6e350a55c03e57a1b2b11bc725641c23
    • ee326cf8132cc5f8ca27e078dfb43730f6c346e685216bd54e8babb7c39bde74
    • 6a4ae044adf4cfc22ecdc52b4074016306409d0cb298b2ac7962be746fa49103
    • 42c6074b88483a524a19150501ad1f51a3eb1c552efabb68acf6220012932fec
    • 5529e1f0e4eb412924a750351352bf62dc96064fa5a6de8466711fbeb701a726

    Coverage



    ThreatGrid


    AMP

    Win.Trojan.Dridex

    File Hashes

    • 6ee8f4eabd118de4a86825dfd3d5389c607cbecec00bee45d2d2cded7d591b14
    • 8bfeacd98b5a469c5039889f76ef55874a3358578f439ecc17d6498ccdb094b6
    • ffbd79ba40502a1373b8991909739a60a95e745829d2e15c4d312176bbfb5b3e
    Coverage
    AMP



    ThreatGRID

    Win.Trojan.Fareit

    Registry Keys

    • USER\S-1-5-21-1202660629-583907252-1801674531-500\Software\WinRAR
    • USER\S-1-5-21-1202660629-583907252-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
    • USER\S-1-5-21-1202660629-583907252-1801674531-500\SOFTWARE\Microsoft\Protected Storage System Provider\S-1-5-21-1202660629-583907252-1801674531-500

    Strings

    • SCAN_HSBC
    • UltraFx
    • x00E00x00n00x00t00x00r00x00y00x00P00x00o00x00i00x00n00x00t00x00

    IP Addresses

    • 198.54.115.45
    • 213.184.116.31

    Domain Names

    • highsky.com.my

    File Hashes

    • 1325a57ca81006ebabe898c44daefeec1d080df3a8c65cfaa372cf57cda31d22
    • 2a8bb1c087c459bbe7f2fce04f14fe00025033178c8251df921b4032783340b8
    • 884945f99f7416d56ee6c6ba880c9446a134b04928b3133dc19abac0785b94e0
    • B97c94b7f3232a401bd2349a32ce3379b39d6b17d8761ed15abb49852ef08eb3
    • c3264614463d21aab1cffba9f8231faef3da07ea2254f3ec411da1a3ae66d52b

    Coverage

    AMP


    ThreatGRID



    Umbrella


    Win.Packer.RC465

    Registry Keys

    • HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE\[a-zA-Z0-9]{10}

    File Hashes

    • 3b7e4f67009cbd2824598c508e0b2ce483eecd6f511eec5e127338234d824999
    • 2db439d172cff55644ed5f730edd4487c033014d0cce764b7b4a74ef57f021cb
    • 15000f651f3c3b1afa8acfeccbd3e443113d4955167f244c764a60110af73065
    • 0be76a74af6f5c76655532f121e17cfa65857fa73c3c7002211dbecdcd57a474
    • 09b916bbde9a3b494d8b41f0e78c0a544ad181e419e9582900360eea74dcc3e4
    • 0be82bf0345160ac3562efde4d68f27da8f8a22975acb8ba0fc46f257d7c1a70
    • 07d12ab5c581e4635d453a714cec29f70540c2816ca17da5404ff739f6396f5f
    • 9492549e42ea3793ec33efd239ae62fdc5a5252e14bccdacbbfb870e07a1304a
    • 8e0973d2f3583dff7f91fea8e548e1a1ecbccfb8c374430887ee6225a72f51dd
    • 82b8eea0234c7a37b3e98ab8ca86766d112140af776bc1bf4c9dd181eacfb1bb
    • 00a73eccf408c5ac449ab68542a7b8a002b457499ed04fe8a272779374cd766d
    • d6100ee469961517bda582d2d0dfea54125ac1c58c062b2db4997e1ca7a58969
    • 0cf5145f310abf6605ffdc0e67bb9470752e7e69bbf21193facbc2ac476c5a19
    • 76926cfda312f9b8b6217fa8a68e1f9e91725485bee9e74c1c34e79276d9359d
    • d313b38800678d72a43e0f0ffad1039abb20fdb74f0425507d69ac682cfed2b8
    • e92811dbea6587f79638e3cac6a14bf5e132373dde0a13e8a96f9e7712566498
    • 1499865e52d9caab7ed102df1f206d506ee9312848ba661768912e47a4ad2a3b
    • 9d0edca1b7675b955bf0287f675407551c6f65f138f68e7591bc50019dd2f28f
    • d738fb22e2461e65c06df92e079f9a07d1a2371fcb35659841d80ac81315add6
    • ef3a8223b0b5d0ca5f9eca6ab3946636e36e0560ecbad7e40969b8dc1f61c9cd


    Coverage



    ThreatGRID



    AMP

    Doc.Macro.DeleteMacro-6096859-0

    File Hashes

    • 715b734378570b5431efaf3f63113a6217dfffcf32e61c9dced5c4ff48b125ec
    • 0924ca31555ab910829ae1fab32c51f964975d218357dff6cb58943eebddc256
    • b54d842ee379bdc7d83c34e50ca15cb6941a8148690bdebe6f9183d9d5f490fb
    • f2976b070aa82902f288a319888c1509b3ad1a1a2e5f752c0c36e247cab48d56
    • cb4c19e6f3aa6e73c27c7af21803f5fb4f1466b0aa4ef7654a126e37d2d31763
    • 0ad1c262532a15c08a0e69d9b57990866bf81fff74dafa893376b8d376b70507
    • 18ffc85172c2b23791a0f2e062018657a8e75fa72de2352534064f610fb9bd17
    • 2b80414ea7a070d3e049e780710de1f43122fd17dd34d08bced61354a2472875
    • 1e00457df49dd5c8375a6edfbc8ba747fccc3a14de03affaf5030d59ebe6b53e
    • 5462edbd7a2d1ad3067e881cbf03a3947e38b207b69a743ae6c7df3d72251576
    • 8930677fe355fa5058fe88bfae106f4af8d0c388620684ea0a34ffc73d0cdcbe
    • 77cd2421d2281a4c82997889c37838fd99c0b38fbd3579e93c251fe493e7f5e1
    • 8cb8c1595a3ae720cb4e2daf3675625a33922d2fba1ed60a0384b511aa8cfb50
    • 9d80a61ce7747b5446f46be6a38cc3eb29c044f08806865868ce4d0ceaa1143f
    • 990b34230ef752aa4fe49577186bf4a8c42fbebe0a9d8d9472ab1074da030c97
    • ac7745f9e97c51b1c7c2829b0fed04151cc8272a15bb36c2310c4116d100bca8
    • e0820bb963b156ea660d7492f631acaab58ee88522959f0b05c55f3165c809de
    • bb0c3b4196a1fa85c1ad5301cad55e4e77a44e8b8b76202db1a24d09ad493a80
    • e63ced08a18e499ca1a4b6eda93dcf095531edca59e599c489edebd13a27027e
    • f9e6c14502a3c6589f6992b3f0e04f5a03d612af6ae318821f4fd3565254f04d
    • f13e5f5534a059a9af20da5396b25a4bbd9d27bc208b8924544a55ee3b09d0b4

    Coverage


    AMP



    ThreatGRID


    Doc.Downloader.Donoff-6152250-0

    IP Addresses

    • 185.39.5.8
    • 93.188.162.213

    Domain Names

    • cleanmas.pl

    Dropped Files

    • %TEMP%\%APPDATA%\{1 – 65536}.exe

    File Hashes

    • 0429695ccb078655bafa00e0e5240746c2795181119cf583ad76e080e7669fed
    • 0f50e798e1852f7689248562897634c68ac2cff6eb8ea1a1cb4721744ae17490
    • 0fec6ecfe3d7732879614b81bb6559418287c71664c3dc15b15ac01e100502ed
    • 10e0d0dec43b2240d25a98126e2a443cc08f8ee1f61a190e63f5b247377759a2
    • 1baf5882252a263bf7b76ba1f9749b72a73342fd5ed666f922477716116d72fd
    • 1ea7a8d9b91f1ad8d7edbf50335d2b3b2ca797c7f2f25b8edd592d5664e45d14
    • 20c2e0c86cf1321344eae8306f8a3127dc57c591d236f1d6a5bdc85cee29c487
    • 23dca7aae684357a579e05cec2f344d0f27ba0f85fbdd815340ba47fc1c357a7
    • 2a08bdae19ddd23842d104a4292ea21086b4f7b290ab509c286ed97518949053
    • 2e7a8df20f01f2ffc44db9678cf48a54caff101adb97d901cd83ef2dde6c3900
    • 30884dd41b81d3f4233fa33e1c4e3112b12c2944717c04cf0cec449ad97be372
    • 3c5082e6bfc9a858663af3f4c4bcb241a5a0ef00dd2b74285e9294d6ef34e8fd
    • 3eef07a4b923541677f08e2aed79eb926fcfdb1d7576182d6fa1ba034ce21844
    • 3f340705c7003ae3c096ea6ef6ca930d5548e89a1caba61ec58da3a780def9a7
    • 41dd0c8e2deef5899e7f536bd18aad271b52f4f223d043f23da6f1a46bd6ac8d
    • 58420b9eb1610e7083e37cc5284a3d674ea244478890acf56b14f77485a75eaf
    • 5f021acea76cc14c0c4ba1236f0315d6b1e0a5b7fd15935c2d958b06e282f312
    • 5f631482906a44af362725d6058a61c958166a61385625e7a6739ae32448e1da
    • 6294e018d170b6dc2e08e829f859d72ab08b012d33d2d0c57a3516916b0aadfb
    • 63483e6d695eb3c1ff1a5c909fe40f7ada090521a2d932c085876fd9a40845c7
    • 6bf5b11317c7c5f95980d636cbba4e84ce439dcebe5ed63f7f2ba8115f8ddf18
    • 6ccc8ee2a88cf7de4b593d8da9d993db983f5864840223745a465cf882415b43
    • 7b4d5d0b3a083633511b5bd7ce02b77a140735530a15c4880092bbf413e612f7
    • 7bed01c5c6cb254137060686e0f03166e3c43a1b1879f90b119ab9551b23e873
    • 7ea7d09a2556f0dcaf1d4f398d96200225bb8aab335156710747a0aba42fd526
    • 813b21d41554d4de3bd599e70756caf7b8fd4244a632b199e029488094ab0859
    • 81d8c8579af753328d49d075a8ea52ace87c0212927c3c0f7d0afd3ccb836f0a
    • 8898c372b6050fb50733b3e8ce4e0bc25a61ea46805a7934c493716ec2224008
    • 8c7a1c62d7be39d9ab00df861ee2365989167ae5dfa2f5cf6f3c8a0688a59857
    • 8d1bcd00b26a138cc48ce8d7266fba55423f7f168f6a5cb986a9adf29b1a255b
    • 9a02aeab657c0cdf50cb75572b7ef4a800871b907a601bca547cc8be2817d78d
    • 9c0eac9a0d1b72680d1f4faab32132020aa5f85aa7437da732e3a885ea2ccfb9
    • 9d1995379a15a4aa5c8ac19bb0fab65ad6f796457e6b2c2616bb719826844b56
    • a0eee1651d635a61ae3b9a8cfe5712f5798852a2f94e65853aeeaafe68c04a80
    • afb77afe690d7b045dd9a9682570e7354ec043e3cbc505785865fed3804da826
    • b0f8e04fef0358a141167d4b4b6c1d90bae762a581ddb139c4bacbfe811bb7d4
    • b2a375228e4c1a221fe624b3fda44b9e6c29b0dcc4124c7f3e69dfdde7940ba0
    • b300d17bddbff91a0428730f4d3ed6b0478e034bbc6e5436e12ed87050b4be10
    • c205cd4239b190173662f40c1a01cdc49b31916084b9002d6e4ba89bbc19e7bf
    • c615ace7a3d93f35af6fcf1bb42a2125f5777aadc561fb02f2464921da3cf0ab
    • cb1f6e58f05a70fe9bb6d5ae4f91b674640ec3215f495042462a176510250ba3
    • d2499dc69ee62e7882c7693d7bd7a7d2b876bfcb0ff5a3ebe1758a7da70cd23a
    • dbfb3e2ea8d2a48ff5a226c682079ab7967b2edaf8847915b6c8a5bc789bf19d
    • dee876492be769d4c5c75dc2749edb83fc18b485a6d6081cb0a842c414280097
    • df687fbe30801675c252f4aa921254e6ef9708c6a154b93c639e0b600dc77b27
    • df6ef50d0787a95e48f9f9c2eedfb8ee09a076f944f43644ccaf17df253ef6f0
    • e7279c563d9382759fdf96c14c62969dd4aa49300f50c3d9cd9b48ec0a394727
    • e8fde628aa22e21c75b924591342801ea0fdc99ad2ee53a9bc93e87ffe36b920
    • ec47da332ca5c049068d259f339b5b901ca85a51323a1858ae9677e2cefdf1c5
    • eefe74e9065697925423c8d0d01919cfb8778091cf63dc959f142c9d9b79f66c
    • f1cfc89e3434721b75b5d1c3c853b71da06a963c9bfa418a3de44b31aa74c094
    • f758fbd2a1dcfbd0727fba3abf6b6e8ce142ce299c9c8b1aae6c28aa72d96807
    • 1ea7a8d9b91f1ad8d7edbf50335d2b3b2ca797c7f2f25b8edd592d5664e45d14
    • 0429695ccb078655bafa00e0e5240746c2795181119cf583ad76e080e7669fed
    • 0f50e798e1852f7689248562897634c68ac2cff6eb8ea1a1cb4721744ae17490
    • 0fec6ecfe3d7732879614b81bb6559418287c71664c3dc15b15ac01e100502ed
    • 10e0d0dec43b2240d25a98126e2a443cc08f8ee1f61a190e63f5b247377759a2
    • 1baf5882252a263bf7b76ba1f9749b72a73342fd5ed666f922477716116d72fd
    • 20c2e0c86cf1321344eae8306f8a3127dc57c591d236f1d6a5bdc85cee29c487
    • 23dca7aae684357a579e05cec2f344d0f27ba0f85fbdd815340ba47fc1c357a7
    • 2a08bdae19ddd23842d104a4292ea21086b4f7b290ab509c286ed97518949053
    • 2e7a8df20f01f2ffc44db9678cf48a54caff101adb97d901cd83ef2dde6c3900
    • 30884dd41b81d3f4233fa33e1c4e3112b12c2944717c04cf0cec449ad97be372
    • 3c5082e6bfc9a858663af3f4c4bcb241a5a0ef00dd2b74285e9294d6ef34e8fd
    • 3eef07a4b923541677f08e2aed79eb926fcfdb1d7576182d6fa1ba034ce21844
    • 3f340705c7003ae3c096ea6ef6ca930d5548e89a1caba61ec58da3a780def9a7
    • 41dd0c8e2deef5899e7f536bd18aad271b52f4f223d043f23da6f1a46bd6ac8d
    • 58420b9eb1610e7083e37cc5284a3d674ea244478890acf56b14f77485a75eaf
    • 5f021acea76cc14c0c4ba1236f0315d6b1e0a5b7fd15935c2d958b06e282f312
    • 5f631482906a44af362725d6058a61c958166a61385625e7a6739ae32448e1da
    • 6294e018d170b6dc2e08e829f859d72ab08b012d33d2d0c57a3516916b0aadfb
    • 63483e6d695eb3c1ff1a5c909fe40f7ada090521a2d932c085876fd9a40845c7
    • 6bf5b11317c7c5f95980d636cbba4e84ce439dcebe5ed63f7f2ba8115f8ddf18
    • 6ccc8ee2a88cf7de4b593d8da9d993db983f5864840223745a465cf882415b43
    • 7b4d5d0b3a083633511b5bd7ce02b77a140735530a15c4880092bbf413e612f7
    • 7bed01c5c6cb254137060686e0f03166e3c43a1b1879f90b119ab9551b23e873
    • 7ea7d09a2556f0dcaf1d4f398d96200225bb8aab335156710747a0aba42fd526
    • 813b21d41554d4de3bd599e70756caf7b8fd4244a632b199e029488094ab0859
    • 81d8c8579af753328d49d075a8ea52ace87c0212927c3c0f7d0afd3ccb836f0a
    • 8898c372b6050fb50733b3e8ce4e0bc25a61ea46805a7934c493716ec2224008
    • 8c7a1c62d7be39d9ab00df861ee2365989167ae5dfa2f5cf6f3c8a0688a59857
    • 8d1bcd00b26a138cc48ce8d7266fba55423f7f168f6a5cb986a9adf29b1a255b
    • 9a02aeab657c0cdf50cb75572b7ef4a800871b907a601bca547cc8be2817d78d
    • 9c0eac9a0d1b72680d1f4faab32132020aa5f85aa7437da732e3a885ea2ccfb9
    • 9d1995379a15a4aa5c8ac19bb0fab65ad6f796457e6b2c2616bb719826844b56
    • a0eee1651d635a61ae3b9a8cfe5712f5798852a2f94e65853aeeaafe68c04a80
    • afb77afe690d7b045dd9a9682570e7354ec043e3cbc505785865fed3804da826
    • b0f8e04fef0358a141167d4b4b6c1d90bae762a581ddb139c4bacbfe811bb7d4
    • b2a375228e4c1a221fe624b3fda44b9e6c29b0dcc4124c7f3e69dfdde7940ba0
    • b300d17bddbff91a0428730f4d3ed6b0478e034bbc6e5436e12ed87050b4be10
    • c205cd4239b190173662f40c1a01cdc49b31916084b9002d6e4ba89bbc19e7bf
    • c615ace7a3d93f35af6fcf1bb42a2125f5777aadc561fb02f2464921da3cf0ab
    • cb1f6e58f05a70fe9bb6d5ae4f91b674640ec3215f495042462a176510250ba3
    • d2499dc69ee62e7882c7693d7bd7a7d2b876bfcb0ff5a3ebe1758a7da70cd23a
    • dbfb3e2ea8d2a48ff5a226c682079ab7967b2edaf8847915b6c8a5bc789bf19d
    • dee876492be769d4c5c75dc2749edb83fc18b485a6d6081cb0a842c414280097
    • df687fbe30801675c252f4aa921254e6ef9708c6a154b93c639e0b600dc77b27
    • df6ef50d0787a95e48f9f9c2eedfb8ee09a076f944f43644ccaf17df253ef6f0
    • e7279c563d9382759fdf96c14c62969dd4aa49300f50c3d9cd9b48ec0a394727
    • e8fde628aa22e21c75b924591342801ea0fdc99ad2ee53a9bc93e87ffe36b920
    • ec47da332ca5c049068d259f339b5b901ca85a51323a1858ae9677e2cefdf1c5
    • eefe74e9065697925423c8d0d01919cfb8778091cf63dc959f142c9d9b79f66c
    • f1cfc89e3434721b75b5d1c3c853b71da06a963c9bfa418a3de44b31aa74c094
    • f758fbd2a1dcfbd0727fba3abf6b6e8ce142ce299c9c8b1aae6c28aa72d96807
    • 20c2e0c86cf1321344eae8306f8a3127dc57c591d236f1d6a5bdc85cee29c487
    • 0429695ccb078655bafa00e0e5240746c2795181119cf583ad76e080e7669fed
    • 0f50e798e1852f7689248562897634c68ac2cff6eb8ea1a1cb4721744ae17490
    • 0fec6ecfe3d7732879614b81bb6559418287c71664c3dc15b15ac01e100502ed
    • 10e0d0dec43b2240d25a98126e2a443cc08f8ee1f61a190e63f5b247377759a2
    • 1baf5882252a263bf7b76ba1f9749b72a73342fd5ed666f922477716116d72fd
    • 1ea7a8d9b91f1ad8d7edbf50335d2b3b2ca797c7f2f25b8edd592d5664e45d14
    • 23dca7aae684357a579e05cec2f344d0f27ba0f85fbdd815340ba47fc1c357a7
    • 2a08bdae19ddd23842d104a4292ea21086b4f7b290ab509c286ed97518949053
    • 2e7a8df20f01f2ffc44db9678cf48a54caff101adb97d901cd83ef2dde6c3900
    • 30884dd41b81d3f4233fa33e1c4e3112b12c2944717c04cf0cec449ad97be372
    • 3c5082e6bfc9a858663af3f4c4bcb241a5a0ef00dd2b74285e9294d6ef34e8fd
    • 3eef07a4b923541677f08e2aed79eb926fcfdb1d7576182d6fa1ba034ce21844
    • 3f340705c7003ae3c096ea6ef6ca930d5548e89a1caba61ec58da3a780def9a7
    • 41dd0c8e2deef5899e7f536bd18aad271b52f4f223d043f23da6f1a46bd6ac8d
    • 58420b9eb1610e7083e37cc5284a3d674ea244478890acf56b14f77485a75eaf
    • 5f021acea76cc14c0c4ba1236f0315d6b1e0a5b7fd15935c2d958b06e282f312
    • 5f631482906a44af362725d6058a61c958166a61385625e7a6739ae32448e1da
    • 6294e018d170b6dc2e08e829f859d72ab08b012d33d2d0c57a3516916b0aadfb
    • 63483e6d695eb3c1ff1a5c909fe40f7ada090521a2d932c085876fd9a40845c7
    • 6bf5b11317c7c5f95980d636cbba4e84ce439dcebe5ed63f7f2ba8115f8ddf18
    • 6ccc8ee2a88cf7de4b593d8da9d993db983f5864840223745a465cf882415b43
    • 7b4d5d0b3a083633511b5bd7ce02b77a140735530a15c4880092bbf413e612f7
    • 7bed01c5c6cb254137060686e0f03166e3c43a1b1879f90b119ab9551b23e873
    • 7ea7d09a2556f0dcaf1d4f398d96200225bb8aab335156710747a0aba42fd526
    • 813b21d41554d4de3bd599e70756caf7b8fd4244a632b199e029488094ab0859
    • 81d8c8579af753328d49d075a8ea52ace87c0212927c3c0f7d0afd3ccb836f0a
    • 8898c372b6050fb50733b3e8ce4e0bc25a61ea46805a7934c493716ec2224008
    • 8c7a1c62d7be39d9ab00df861ee2365989167ae5dfa2f5cf6f3c8a0688a59857
    • 8d1bcd00b26a138cc48ce8d7266fba55423f7f168f6a5cb986a9adf29b1a255b
    • 9a02aeab657c0cdf50cb75572b7ef4a800871b907a601bca547cc8be2817d78d
    • 9c0eac9a0d1b72680d1f4faab32132020aa5f85aa7437da732e3a885ea2ccfb9
    • 9d1995379a15a4aa5c8ac19bb0fab65ad6f796457e6b2c2616bb719826844b56
    • a0eee1651d635a61ae3b9a8cfe5712f5798852a2f94e65853aeeaafe68c04a80
    • afb77afe690d7b045dd9a9682570e7354ec043e3cbc505785865fed3804da826
    • b0f8e04fef0358a141167d4b4b6c1d90bae762a581ddb139c4bacbfe811bb7d4
    • b2a375228e4c1a221fe624b3fda44b9e6c29b0dcc4124c7f3e69dfdde7940ba0
    • b300d17bddbff91a0428730f4d3ed6b0478e034bbc6e5436e12ed87050b4be10
    • c205cd4239b190173662f40c1a01cdc49b31916084b9002d6e4ba89bbc19e7bf
    • c615ace7a3d93f35af6fcf1bb42a2125f5777aadc561fb02f2464921da3cf0ab
    • cb1f6e58f05a70fe9bb6d5ae4f91b674640ec3215f495042462a176510250ba3
    • d2499dc69ee62e7882c7693d7bd7a7d2b876bfcb0ff5a3ebe1758a7da70cd23a
    • dbfb3e2ea8d2a48ff5a226c682079ab7967b2edaf8847915b6c8a5bc789bf19d
    • dee876492be769d4c5c75dc2749edb83fc18b485a6d6081cb0a842c414280097
    • df687fbe30801675c252f4aa921254e6ef9708c6a154b93c639e0b600dc77b27
    • df6ef50d0787a95e48f9f9c2eedfb8ee09a076f944f43644ccaf17df253ef6f0
    • e7279c563d9382759fdf96c14c62969dd4aa49300f50c3d9cd9b48ec0a394727
    • e8fde628aa22e21c75b924591342801ea0fdc99ad2ee53a9bc93e87ffe36b920
    • ec47da332ca5c049068d259f339b5b901ca85a51323a1858ae9677e2cefdf1c5
    • eefe74e9065697925423c8d0d01919cfb8778091cf63dc959f142c9d9b79f66c
    • f1cfc89e3434721b75b5d1c3c853b71da06a963c9bfa418a3de44b31aa74c094
    • f758fbd2a1dcfbd0727fba3abf6b6e8ce142ce299c9c8b1aae6c28aa72d96807
    • a0eee1651d635a61ae3b9a8cfe5712f5798852a2f94e65853aeeaafe68c04a80
    • 0429695ccb078655bafa00e0e5240746c2795181119cf583ad76e080e7669fed
    • 0f50e798e1852f7689248562897634c68ac2cff6eb8ea1a1cb4721744ae17490
    • 0fec6ecfe3d7732879614b81bb6559418287c71664c3dc15b15ac01e100502ed
    • 10e0d0dec43b2240d25a98126e2a443cc08f8ee1f61a190e63f5b247377759a2
    • 1baf5882252a263bf7b76ba1f9749b72a73342fd5ed666f922477716116d72fd
    • 1ea7a8d9b91f1ad8d7edbf50335d2b3b2ca797c7f2f25b8edd592d5664e45d14
    • 20c2e0c86cf1321344eae8306f8a3127dc57c591d236f1d6a5bdc85cee29c487
    • 23dca7aae684357a579e05cec2f344d0f27ba0f85fbdd815340ba47fc1c357a7
    • 2a08bdae19ddd23842d104a4292ea21086b4f7b290ab509c286ed97518949053
    • 2e7a8df20f01f2ffc44db9678cf48a54caff101adb97d901cd83ef2dde6c3900
    • 30884dd41b81d3f4233fa33e1c4e3112b12c2944717c04cf0cec449ad97be372
    • 3c5082e6bfc9a858663af3f4c4bcb241a5a0ef00dd2b74285e9294d6ef34e8fd
    • 3eef07a4b923541677f08e2aed79eb926fcfdb1d7576182d6fa1ba034ce21844
    • 3f340705c7003ae3c096ea6ef6ca930d5548e89a1caba61ec58da3a780def9a7
    • 41dd0c8e2deef5899e7f536bd18aad271b52f4f223d043f23da6f1a46bd6ac8d
    • 58420b9eb1610e7083e37cc5284a3d674ea244478890acf56b14f77485a75eaf
    • 5f021acea76cc14c0c4ba1236f0315d6b1e0a5b7fd15935c2d958b06e282f312
    • 5f631482906a44af362725d6058a61c958166a61385625e7a6739ae32448e1da
    • 6294e018d170b6dc2e08e829f859d72ab08b012d33d2d0c57a3516916b0aadfb
    • 63483e6d695eb3c1ff1a5c909fe40f7ada090521a2d932c085876fd9a40845c7
    • 6bf5b11317c7c5f95980d636cbba4e84ce439dcebe5ed63f7f2ba8115f8ddf18
    • 6ccc8ee2a88cf7de4b593d8da9d993db983f5864840223745a465cf882415b43
    • 7b4d5d0b3a083633511b5bd7ce02b77a140735530a15c4880092bbf413e612f7
    • 7bed01c5c6cb254137060686e0f03166e3c43a1b1879f90b119ab9551b23e873
    • 7ea7d09a2556f0dcaf1d4f398d96200225bb8aab335156710747a0aba42fd526
    • 813b21d41554d4de3bd599e70756caf7b8fd4244a632b199e029488094ab0859
    • 81d8c8579af753328d49d075a8ea52ace87c0212927c3c0f7d0afd3ccb836f0a
    • 8898c372b6050fb50733b3e8ce4e0bc25a61ea46805a7934c493716ec2224008
    • 8c7a1c62d7be39d9ab00df861ee2365989167ae5dfa2f5cf6f3c8a0688a59857
    • 8d1bcd00b26a138cc48ce8d7266fba55423f7f168f6a5cb986a9adf29b1a255b
    • 9a02aeab657c0cdf50cb75572b7ef4a800871b907a601bca547cc8be2817d78d
    • 9c0eac9a0d1b72680d1f4faab32132020aa5f85aa7437da732e3a885ea2ccfb9
    • 9d1995379a15a4aa5c8ac19bb0fab65ad6f796457e6b2c2616bb719826844b56
    • afb77afe690d7b045dd9a9682570e7354ec043e3cbc505785865fed3804da826
    • b0f8e04fef0358a141167d4b4b6c1d90bae762a581ddb139c4bacbfe811bb7d4
    • b2a375228e4c1a221fe624b3fda44b9e6c29b0dcc4124c7f3e69dfdde7940ba0
    • b300d17bddbff91a0428730f4d3ed6b0478e034bbc6e5436e12ed87050b4be10
    • c205cd4239b190173662f40c1a01cdc49b31916084b9002d6e4ba89bbc19e7bf
    • c615ace7a3d93f35af6fcf1bb42a2125f5777aadc561fb02f2464921da3cf0ab
    • cb1f6e58f05a70fe9bb6d5ae4f91b674640ec3215f495042462a176510250ba3
    • d2499dc69ee62e7882c7693d7bd7a7d2b876bfcb0ff5a3ebe1758a7da70cd23a
    • dbfb3e2ea8d2a48ff5a226c682079ab7967b2edaf8847915b6c8a5bc789bf19d
    • dee876492be769d4c5c75dc2749edb83fc18b485a6d6081cb0a842c414280097
    • df687fbe30801675c252f4aa921254e6ef9708c6a154b93c639e0b600dc77b27
    • df6ef50d0787a95e48f9f9c2eedfb8ee09a076f944f43644ccaf17df253ef6f0
    • e7279c563d9382759fdf96c14c62969dd4aa49300f50c3d9cd9b48ec0a394727
    • e8fde628aa22e21c75b924591342801ea0fdc99ad2ee53a9bc93e87ffe36b920
    • ec47da332ca5c049068d259f339b5b901ca85a51323a1858ae9677e2cefdf1c5
    • eefe74e9065697925423c8d0d01919cfb8778091cf63dc959f142c9d9b79f66c
    • f1cfc89e3434721b75b5d1c3c853b71da06a963c9bfa418a3de44b31aa74c094
    • f758fbd2a1dcfbd0727fba3abf6b6e8ce142ce299c9c8b1aae6c28aa72d96807
    • dbfb3e2ea8d2a48ff5a226c682079ab7967b2edaf8847915b6c8a5bc789bf19d
    • 0429695ccb078655bafa00e0e5240746c2795181119cf583ad76e080e7669fed
    • 0f50e798e1852f7689248562897634c68ac2cff6eb8ea1a1cb4721744ae17490
    • 0fec6ecfe3d7732879614b81bb6559418287c71664c3dc15b15ac01e100502ed
    • 10e0d0dec43b2240d25a98126e2a443cc08f8ee1f61a190e63f5b247377759a2
    • 1baf5882252a263bf7b76ba1f9749b72a73342fd5ed666f922477716116d72fd
    • 1ea7a8d9b91f1ad8d7edbf50335d2b3b2ca797c7f2f25b8edd592d5664e45d14
    • 20c2e0c86cf1321344eae8306f8a3127dc57c591d236f1d6a5bdc85cee29c487
    • 23dca7aae684357a579e05cec2f344d0f27ba0f85fbdd815340ba47fc1c357a7
    • 2a08bdae19ddd23842d104a4292ea21086b4f7b290ab509c286ed97518949053
    • 2e7a8df20f01f2ffc44db9678cf48a54caff101adb97d901cd83ef2dde6c3900
    • 30884dd41b81d3f4233fa33e1c4e3112b12c2944717c04cf0cec449ad97be372
    • 3c5082e6bfc9a858663af3f4c4bcb241a5a0ef00dd2b74285e9294d6ef34e8fd
    • 3eef07a4b923541677f08e2aed79eb926fcfdb1d7576182d6fa1ba034ce21844
    • 3f340705c7003ae3c096ea6ef6ca930d5548e89a1caba61ec58da3a780def9a7
    • 41dd0c8e2deef5899e7f536bd18aad271b52f4f223d043f23da6f1a46bd6ac8d
    • 58420b9eb1610e7083e37cc5284a3d674ea244478890acf56b14f77485a75eaf
    • 5f021acea76cc14c0c4ba1236f0315d6b1e0a5b7fd15935c2d958b06e282f312
    • 5f631482906a44af362725d6058a61c958166a61385625e7a6739ae32448e1da
    • 6294e018d170b6dc2e08e829f859d72ab08b012d33d2d0c57a3516916b0aadfb
    • 63483e6d695eb3c1ff1a5c909fe40f7ada090521a2d932c085876fd9a40845c7
    • 6bf5b11317c7c5f95980d636cbba4e84ce439dcebe5ed63f7f2ba8115f8ddf18
    • 6ccc8ee2a88cf7de4b593d8da9d993db983f5864840223745a465cf882415b43
    • 7b4d5d0b3a083633511b5bd7ce02b77a140735530a15c4880092bbf413e612f7
    • 7bed01c5c6cb254137060686e0f03166e3c43a1b1879f90b119ab9551b23e873
    • 7ea7d09a2556f0dcaf1d4f398d96200225bb8aab335156710747a0aba42fd526
    • 813b21d41554d4de3bd599e70756caf7b8fd4244a632b199e029488094ab0859
    • 81d8c8579af753328d49d075a8ea52ace87c0212927c3c0f7d0afd3ccb836f0a
    • 8898c372b6050fb50733b3e8ce4e0bc25a61ea46805a7934c493716ec2224008
    • 8c7a1c62d7be39d9ab00df861ee2365989167ae5dfa2f5cf6f3c8a0688a59857
    • 8d1bcd00b26a138cc48ce8d7266fba55423f7f168f6a5cb986a9adf29b1a255b
    • 9a02aeab657c0cdf50cb75572b7ef4a800871b907a601bca547cc8be2817d78d
    • 9c0eac9a0d1b72680d1f4faab32132020aa5f85aa7437da732e3a885ea2ccfb9
    • 9d1995379a15a4aa5c8ac19bb0fab65ad6f796457e6b2c2616bb719826844b56
    • a0eee1651d635a61ae3b9a8cfe5712f5798852a2f94e65853aeeaafe68c04a80
    • afb77afe690d7b045dd9a9682570e7354ec043e3cbc505785865fed3804da826
    • b0f8e04fef0358a141167d4b4b6c1d90bae762a581ddb139c4bacbfe811bb7d4
    • b2a375228e4c1a221fe624b3fda44b9e6c29b0dcc4124c7f3e69dfdde7940ba0
    • b300d17bddbff91a0428730f4d3ed6b0478e034bbc6e5436e12ed87050b4be10
    • c205cd4239b190173662f40c1a01cdc49b31916084b9002d6e4ba89bbc19e7bf
    • c615ace7a3d93f35af6fcf1bb42a2125f5777aadc561fb02f2464921da3cf0ab
    • cb1f6e58f05a70fe9bb6d5ae4f91b674640ec3215f495042462a176510250ba3
    • d2499dc69ee62e7882c7693d7bd7a7d2b876bfcb0ff5a3ebe1758a7da70cd23a
    • dee876492be769d4c5c75dc2749edb83fc18b485a6d6081cb0a842c414280097
    • df687fbe30801675c252f4aa921254e6ef9708c6a154b93c639e0b600dc77b27
    • df6ef50d0787a95e48f9f9c2eedfb8ee09a076f944f43644ccaf17df253ef6f0
    • e7279c563d9382759fdf96c14c62969dd4aa49300f50c3d9cd9b48ec0a394727
    • e8fde628aa22e21c75b924591342801ea0fdc99ad2ee53a9bc93e87ffe36b920
    • ec47da332ca5c049068d259f339b5b901ca85a51323a1858ae9677e2cefdf1c5
    • eefe74e9065697925423c8d0d01919cfb8778091cf63dc959f142c9d9b79f66c
    • f1cfc89e3434721b75b5d1c3c853b71da06a963c9bfa418a3de44b31aa74c094
    • f758fbd2a1dcfbd0727fba3abf6b6e8ce142ce299c9c8b1aae6c28aa72d96807
    Coverage
    AMP


    Umbrella

    ThreatGRID

    Malware


    from Threat Round-up for the Week of Mar 20 – Mar 24

    Advertisements

    Leave a Reply

    Fill in your details below or click an icon to log in:

    WordPress.com Logo

    You are commenting using your WordPress.com account. Log Out / Change )

    Twitter picture

    You are commenting using your Twitter account. Log Out / Change )

    Facebook photo

    You are commenting using your Facebook account. Log Out / Change )

    Google+ photo

    You are commenting using your Google+ account. Log Out / Change )

    Connecting to %s