We'll find it for you
What is an AI file?
-
Hello. I found a file called AI on my computer and I'm not sure what it is. I would appreciate it if you could tell me.
-
An AI file is an Adobe Illustrator/Photoshop AI image design (starting from the draft sketch) file. It appears to be a file distributed by Adobe. It was first reported on 2008-11-04 05:18:17 and last reported on 2008-11-04 05:18:17.
-
You can open AI files by downloading an appropriate program.
-
It is a draft-sketch data file used by 'Adobe Illustrator' or 'Adobe Photoshop'.
-
No signature information is available.
-
Related link #1: No link attached.
-
Related link #2: No link attached.
-
-
[2021-07-07 02:55:32] @_Y000_ Advertising that sends you to download a malicious .apk file! https://sorry.waitfordownlaod.com/ZWMwMDBhMDYzNTAwMjA1MjAwMDAyMDVjMDAyMDVjMDAyMDVjMjhkNTRjYjZmYg= = /?name= Downloader&sclid= 60e4b434479281000109c99c&extra= 8284 Virustotal: https://www.virustotal.com/gui/file/a9d5a0741cc5634c6c4a3d76c39560591b97141c27bcc15a6e798aacf9597cbe/detection https://twitter.com/_Y000_/status/1412500481688182788/photo/1
-
[2021-07-07 01:12:04] @MBThreatIntel New #Dridex #malspam: Email -> Contains Excel file -> Drops XSL file -> Creates a scheduled Task -> Calls Mshta.exe to execute XSL file by calling WMIC.exe -> Executes #Dridex payload using Rundll32.exe Maldocs: ea3cc91ae1d7da1d5509530560f69f30 0e0c3c9cea7e59a5aee7a7ab2dd03eb2 https://twitter.com/MBThreatIntel/status/1412474444174479371/photo/1
-
[2021-07-07 00:55:04] @malware_traffic 2021-07-06 (Tuesday) - #BazarLoader (#BazaLoader) from "Stolen Image Evidence" zip archive led to #CobaltStrike - Encoded binary for Cobalt Strike at: hxxp://46.17.98.191/OuqC8rXGwlN5saz48clBNekGjhs8Kjmf - List of IOCs available at: https://github.com/brad-duncan/IOCs/blob/main/2021-07-06-BazarLoader-with-Cobalt-Strike-IOCs.txt https://twitter.com/malware_traffic/status/1412470165179092992/photo/1
-
[2021-07-06 23:24:11] @angealbertini in comparison. my 190-in-1 polymock has 0 detections. https://www.virustotal.com/gui/file/10a3ec33f7fbfb3dccf6c005aed9c616ced2fadd648a636d1551738ff7a4cd98/details https://twitter.com/angealbertini/status/1412447292041437190/photo/1
-
[2021-07-06 23:07:37] @cpardue09 #ln -s :malware_traffic: 2021-07-06 (Tuesday) - #Hancitor (#Chanitor/#MAN1/#Moskalvzapoe/#TA511) active again today with #FickerStealer and #CobaltStrike as follow-up malware. Example of downloaded Word doc: - https://bazaar.abuse.ch/sample/b55284924181f69bf59527ac2b7a5397c35652c799c037a3e94d492d412f8c9c/ Example of dropped… https://twitter.com/malware_traffic/status/1412440042157576196/photo/1
-
[2021-07-06 22:55:22] @malware_traffic 2021-07-06 (Tuesday) - #Hancitor (#Chanitor/#MAN1/#Moskalvzapoe/#TA511) active again today with #FickerStealer and #CobaltStrike as follow-up malware. Example of downloaded Word doc: - https://bazaar.abuse.ch/sample/b55284924181f69bf59527ac2b7a5397c35652c799c037a3e94d492d412f8c9c/ Example of dropped DLL: - https://bazaar.abuse.ch/sample/e1e0bfa5cabf7dc46f251327c46c1e371e67262ebb103ab242189e64bf6aa1d4/ https://twitter.com/malware_traffic/status/1412440042157576196/photo/1
-
[2021-07-06 22:01:01] @bogdanangh Another #FluBot sample. What is interesting about this one is that the payload name doesn't respect the "assets/{dir}/{8 char string}.{ext}" naming convention. It uses "assets/{dir}/{10 char string}.{ext}". @alberto__segura @ThreatFabric @malwrhunterteam https://www.virustotal.com/gui/file/eddfe1cba210143962db5a6c526a8d880731743043dbe842b8a18d25863e1935/details
-
[2021-07-06 20:29:51] @_alex_il_ It is not the first time the #REvil gang is using this vulnerable defender executable in its infection flow. Attaching a similar dropper to the #Kaseya attack from May. Interesting fact - the actual ransomware payload signature is still valid. https://www.virustotal.com/gui/file/81d0c71f8b282076cd93fb6bb5bfd3932422d033109e2c92572fc49e4abc2471/details https://twitter.com/_alex_il_/status/1412403420217159694/photo/1
-
[2021-07-06 19:32:53] @Annihil4tionGod In case it takes a while till my post goes public again. here the links to the data sets: Download Zip Part 1 from Google Drive: https://drive.google.com/file/d/1J-l5jkqyQfMgrLUBOk5miNefaNDaGoC3/view?usp= sharing http://VirusTotal.com Scan: https://www.virustotal.com/gui/file/ed414f9c0e2f85546e70816ac00d318bcff226d60a93e567ccb61b4cfdb2b217/detection 1/5
-
[2021-07-06 19:13:40] @yvesago #phishing via attached html form POST to s://mark.al-majarra.com/py/roll.php?email= ping @malwrhunterteam @Spam404 @PhishStats https://twitter.com/yvesago/status/1412384251207733249/photo/1
-
[2021-07-06 19:13:19] @ActorExpose Indonesian Military Domain Defacement :L hxxps://lantamal9-koarmada3.tnial.mil.id/zbi.html @douglasmun @CSAFCert https://twitter.com/ActorExpose/status/1412384163005599747/photo/1
-
[2021-07-06 18:01:37] @ActorExpose @emailrepio exfil: [email protected] @emailrepio https://shoppy.gg/product/miU49Qq?fbclid= IwAR2aPIaMKldDpnJimmFTJ3snZBVgUcnKGyTidAcsrohfb5-LGCYbInZsqns https://twitter.com/ActorExpose/status/1412366116853256193/photo/1
-
[2021-07-06 17:59:52] @ActorExpose "Zombi Bot v14" affiliated with Dr Hex (?) exfil: [email protected]. [email protected] @emailrepio https://sellix.io/product/607c7a6a95277 https://twitter.com/ActorExpose/status/1412365675860008961/photo/1
-
[2021-07-06 17:51:33] @ActorExpose @JCyberSec_ @rootprivilege @PhishKitTracker @BushidoToken Affiliated with Dr Hex https://domainbigdata.com/hotmail.com/mj/S3qN8ZJYvkVsqm12FuQjwQ https://twitter.com/ActorExpose/status/1412363584277987334/photo/1
-
[2021-07-06 16:31:05] @ActorExpose Ugly Phish LMAO hxxps://xcrng.com/universal/mail/v16/9pAa79B12eQ-XxE6fyY8204-AA6dS5790C/id= 807cc23A3D4Q13/?e= [email protected] NuKe @Spam404 https://twitter.com/ActorExpose/status/1412343333884764160/photo/1
-
[2021-07-06 15:22:06] @Certego_Intel #Covid19 #CertStream #Suspicious Domain: coronavirus.internationaleshoppingcenter.com VirusTotal: https://www.virustotal.com/gui/domain/coronavirus.internationaleshoppingcenter.com #CyberSecurity #ThreatIntel (bot generated)
-
[2021-07-06 15:22:06] @Certego_Intel #Covid19 #Spam #Suspicious Domain: perfieve.digital VirusTotal: https://www.virustotal.com/gui/domain/perfieve.digital #CyberSecurity #ThreatIntel (bot generated)
-
[2021-07-06 15:04:13] @58_158_177_102 #cutwail start to spread #maldoc #ursnif ? Subject : Sollecito di pagamento MD5 : 40253c4885c52237755e64dc8ca6e423 payload/C2: checking.. sample : https://www.virustotal.com/gui/file/00946462797de8e5636676060439d06adb4878ab1472db5c16972b2074a0400f/detection https://app.any.run/tasks/c9e4af38-78b5-40db-846b-c767401d77f9 https://tria.ge/210706-nlemx52pc6
-
[2021-07-06 13:58:56] @0xrb #CobaltStrike #C2 IP/Domain 42.193.186.7 103.86.44.196 121.196.106.136 43.228.126.114 121.199.0.233 18.183.54.253 149.28.248.129 43.226.74.228 101.37.14.144 p5z2c7j9.hostrycdn.com nollipap.tk
-
[2021-07-06 05:22:54] @pollo290987 #raccoon Main-Setup.exe 98157da0c7419fc47d7868df32467700 C2: /tttttt.me/newmanwaterwall /35.246.76.29/
-
[2021-07-06 03:31:24] @ov3rflow1 @cibernicola_es We have IoCs for #REvil/sodinokibi because of #kaseya everywhere :P https://otx.alienvault.com/pulse/60e2aa809c98c33d55061d92/related https://github.com/cado-security/DFIR_Resources_REvil_Kaseya/tree/main/IOCs https://www.cadosecurity.com/post/resources-for-dfir-professionals-responding-to-the-revil-ransomware-kaseya-supply-chain-attack https://malpedia.caad.fkie.fraunhofer.de/details/win.revil
-
[2021-07-06 03:14:57] @vxunderground We've got our hands on the latest Conti (Ryuk) ransomware sample. You can download it here: vxug.fakedoma.in/tmp/ * Link modified to conform with Twitter's ban on our domains * 120.000 new samples going live 7.06.2021 * Additional info on Conti sample: https://www.virustotal.com/gui/file/4bfd58d4e4a6fe5e91b408bc190a24d352124902085f9c2da948ad7d79b72618/detection
-
[2021-07-06 03:07:06] @cpardue09 #ln -s :malware_traffic: 2021-07-05 (Monday) - #RigEK sends #Redline infostealer malware. Sample of the Redline EXE available at: - https://bazaar.abuse.ch/sample/04ebbf20cfd58785ad616b81244c6901e8ed57c9c2c1c10c4bf454c035f69aa2/ - https://tria.ge/210705-9sdgvvfjwa - https://capesandbox.com/analysis/169772/ - https://app.any.run/tasks/2bbf3517-2d0b-438d-b23a-776d43f24c78 - … https://twitter.com/malware_traffic/status/1412128664721014785/photo/1
-
[2021-07-06 02:18:04] @malware_traffic 2021-07-05 (Monday) - #RigEK sends #Redline infostealer malware. Sample of the Redline EXE available at: - https://bazaar.abuse.ch/sample/04ebbf20cfd58785ad616b81244c6901e8ed57c9c2c1c10c4bf454c035f69aa2/ - https://tria.ge/210705-9sdgvvfjwa - https://capesandbox.com/analysis/169772/ - https://app.any.run/tasks/2bbf3517-2d0b-438d-b23a-776d43f24c78 - https://hybrid-analysis.com/sample/04ebbf20cfd58785ad616b81244c6901e8ed57c9c2c1c10c4bf454c035f69aa2 https://twitter.com/malware_traffic/status/1412128664721014785/photo/1
-
[2021-07-05 23:29:50] @micham This #phishing page seems to target the "NİĞDE ÖMER HALİSDEMİR ÜNİVERSİTESİ" @NOHUniversitesi CC @TRCert Stay safe! https://www.phishtank.com/phish_detail.php?phish_id= 7214547 VT: 0/88 https://www.virustotal.com/gui/url/b98f7d412c7db532fce3484f58a24758e68f24e8aa2739415fd9cfddd0a6a530/detection https://twitter.com/micham/status/1412086328544489478/photo/1
-
[2021-07-05 22:55:52] @InQuest @AndrewOliveau Let us know if you want an API key for InQuest Labs. Shoot an email with the request to [email protected]
-
[2021-07-05 20:13:07] @JAMESWT_MHT "Pagamento Parziale" spam email spread #FormBook Rar https://bazaar.abuse.ch/sample/00425eabe686540501470b13eddfab0ad4e548a174b5e92d8d2a81b36ec205ad/ Com https://bazaar.abuse.ch/sample/0cedf0486e20023ffdfd3cb3942efb70e55ba208f0864dfccb08f125b962e851/ C2 www.montrosecbdsupplements.com/cb53/ H/T @b4rtik https://twitter.com/JAMESWT_MHT/status/1412036820632838145/photo/1
-
[2021-07-05 19:38:53] @BushidoToken @GossiTheDog Potential sample of a new Netfilter rootkit variant - not signed by Microsoft but by "Shanghai Fangye Network Technology Co. Ltd." (Date signed - 23-06-2021) (Could be new or a Yara FP?) https://www.virustotal.com/gui/file/0bd024e5797ac0bd5c2a4ebb446485eab164a07bc2fcaeea3fbb4bf8e22b04dc/details
-
[2021-07-05 19:16:28] @JAMESWT_MHT #sLoad #italy BigWave 05_07_2021 from #PEC spam email POSTA CERTIFICATA_XXXX.zip Some Samples https://bazaar.abuse.ch/browse/tag/documento-fiscale/ Some Urls 146.70.35.206 "C:\WINDOWS\system32\bitsadmin.exe" /transfer https://urlhaus.abuse.ch/browse/tag/documento-fiscale/ Urls/C2 Relations https://www.virustotal.com/gui/ip-address/146.70.35.206/relations https://www.virustotal.com/gui/ip-address/185.80.53.202/relations https://twitter.com/JAMESWT_MHT/status/1412022566487834624/photo/1
-
[2021-07-05 18:08:23] @JAMESWT_MHT @cocaman caught this email with password protected attachment DOC .zip pw "Um652VtV3sX2eyy" https://bazaar.abuse.ch/sample/794a518c2857ed2106f0ee8d409c8dc9e0b358df749e6f693ee2a7ba5150b084/ inside Um652VtV3sX2eyy.exe https://bazaar.abuse.ch/sample/32e64abe73b4a1466ff42d4ae193b93a27dd38469fe3df1aea02727db34d8c58 cc @verovaleros any idea what malware ? #AgentTesla? https://twitter.com/JAMESWT_MHT/status/1412005431359250432/photo/1
-
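For matters involving voice phishing, illegally filmed material, ransomware, cyber security threats and the like, you can get help from the following agencies and organizations: No More Ransom, the National Police Agency cybercrime reporting system, and the National Intelligence Service civil complaint center.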