malware – ViriBack Blog https://viriback.com Malware Tracker, IOCs & more ... Mon, 26 Dec 2022 20:42:36 +0000 en-CA hourly 1 https://wordpress.org/?v=6.9.4 https://viriback.com/wp-content/uploads/2019/01/cropped-android-chrome-512x512-32x32.png malware – ViriBack Blog https://viriback.com 32 32 C2 Tracker : ++ScreenShots https://viriback.com/c2-tracker-screenshots/ Mon, 09 Dec 2019 02:17:14 +0000 https://viriback.com/?p=176 I added a new feature to the Malware C2 Tracker.

Hovering with the mouse cursor over a specific C2 panel login page will provide a screenshot of the page when added to the crawler. This feature is powered by URLScan.io

Whenever I add a new panel url to the tracker , it will also be added to URLScan for crawling. Furthermore, clicking on the panel url will open a new window to the URLScan report.

Proper tags will be added to the submission on URLScan for better clustering.

I hear good news and new features are coming to URLScan that will leverage tags and similarity between submissions.

Here is an example provided by the tracker: PredatorTheThief

Predator The Thief malware submission
]]> After 1000 malware C2 panels https://viriback.com/after-a-1000-malware-c2-panels/ Sat, 02 Nov 2019 13:54:04 +0000 https://viriback.com/?p=163 Its been 5 months since I started recording the malware C2 panels I see during my online endeavours… Today I busted the 1000 panels, here are quick stats about these panels:

So far the number distince malware families is : 43

Here is a pie chart of the Top 10 families I have seen live and recorded:

The worlwide geographical distribution of the IP addresses is similar to the first month of recording, however, Russia is far more colored this time.

These are the top 15 ips seen :

Here is a Top 13 distribution according to respective ASN:

]]>