Skip to content

ViriBack Blog

Malware, IOCs & more …

  • Home
  • C2 Tracker
Recent LiteHTTP activities and IOCs
Recent LiteHTTP activities and IOCs

Recent LiteHTTP activities and IOCs

This post serves as a dump of IOCs seen in the last 90 days related to LiteHTTP malware. The interest into LiteHTTP came from a bump in sighting in the month of may 2018. One particular instance of a control…

ViribackJune 29, 2018 Malware No Comments
Recent LiteHTTP activities and IOCsRead more
6 months of QuantLoader
6 months of QuantLoader

6 months of QuantLoader

Last december 2017, I started to actively hunt for Malware c2 web panels via virustotal submissions and open source data. I encountered 37 families of malware that had an HTTP web panels. Some are very common, like lokibot, pony, some…

ViribackJune 10, 2018June 10, 2018 Malware No Comments
6 months of QuantLoaderRead more

Categories

  • Malware
  • News

Archives

  • December 2019
  • November 2019
  • July 2019
  • June 2019
  • June 2018
  • May 2018

Tags

base64 c2 Citadel encoding graphs hex ISRStealer june 2019 LiteHTTP login Lokibot malware panels Pony python Quantloader regex stats tracker
ViriBackDee@ViriBack·
18 Mar

Anybody recognizing these params order in the picture ?

Callouts :

95.181.178.]156/index.php
95.181.178.]156/gate.php

From https://app.any.run/tasks/473692f1-73e5-4996-a1b3-2a497938cc58

#malware #stealer

Twitter 1240249046280912896
Load More...

Useful Links

  • Azorult Tracker
  • Benkow
  • CC Tracker
  • Viriback C2 Tracker
  • Malware News
  • What Is This C2
Copyright © 2020 ViriBack Blog. Theme by Colorlib Powered by WordPress