kompromitovan kraljevikonaci.com - koristi se za širenje malwarea

kompromitovan kraljevikonaci.com - koristi se za širenje malwarea - Printable Version

+- Bezbedan Balkan (https://bezbedanbalkan.net)
+-- Forum: Bezbednost privatnih resursa (https://bezbedanbalkan.net/forum-12.html)
+--- Forum: Kompromitovani resursi (https://bezbedanbalkan.net/forum-13.html)
+--- Thread: kompromitovan kraljevikonaci.com - koristi se za širenje malwarea (/thread-1435.html)

kompromitovan kraljevikonaci.com - koristi se za širenje malwarea - milos_rs - 04-25-2024

Filename: konaci2.png Size: 241.91 KB 04-25-2024, 12:40 PM

Quote:CloudEyE (initially named GuLoader) is a small VB5/6 downloader. It typically downloads RATs/Stealers, such as Agent Tesla, Arkei/Vidar, Formbook, Lokibot, Netwire and Remcos, often but not always from Google Drive. The downloaded payload is xored.

Filename: konaci1.png Size: 137.8 KB 04-25-2024, 12:40 PM

čak se ceo domen nalazi na ad-block listama:

Filename: konaci3.png Size: 40.5 KB 04-25-2024, 12:42 PM

kraljevikonaci.rs has address 195.252.110.253