What is an ARK file?
-
Hello. I found a file called ARK on my computer and I'm not sure what it is. I would appreciate it if you could tell me.
-
The ARK file is QUARK. It appears to be a file distributed by QUARK. It was first reported on 2015-12-05 00:53:01 and last reported on 2015-12-05 00:53:01.
-
You can open the ARK file by downloading an appropriate program.
-
QUARK
-
No signature information is available.
-
Related link #1: No link attached.
-
Related link #2: No link attached.
-
-
[2021-07-06 19:13:40] @yvesago #phishing via attached html form POST to s://mark.al-majarra.com/py/roll.php?email= ping @malwrhunterteam @Spam404 @PhishStats https://twitter.com/yvesago/status/1412384251207733249/photo/1
-
[2021-07-05 09:07:25] @ActorExpose BTC Mixer on Darkweb review https://bitcoinmixer.reviews/
-
[2021-07-03 21:52:38] @dark0pcodes #kasaya REvil entrypoint (after unpacking). Interesting string "DTrump4Ever". https://www.virustotal.com/gui/file/9b11711efed24b3c6723521a7d7eb4a52e4914db7420e278aa36e727459d59dd/detection https://twitter.com/dark0pcodes/status/1411337089237536768/photo/1
-
[2021-07-01 22:20:03] @James_inthe_box @ScarletSharkSec doc hash: 6d49f2569b2b1cfd37632eac81c97051148ba960f4a0d25a2ff96119a8c69983 dll hash: b2921c1f4a8bdae171c6a3e122d4b2f9cfe28f9ab7bc1d3096dfbc3eb4cd8839
-
[2021-07-01 22:14:42] @James_inthe_box @ScarletSharkSec Was at the dentist :) C2's: http://raeonoran.com/8/forum.php http://duclowtionly.ru/8/forum.php http://unteladenad.ru/8/forum.php #ficker stealer http://rar1tet.ru/7sdf43fs.exe
-
[2021-07-01 09:38:22] @nao_sec @Arkbird_SOLG @h2jazi Maybe LeetBackdoor (aka Flapjack backdoor?) from #Tonto Team. Old similar sample is this tmplogon.exe. (CC: @aRtAGGI. @k_sec) https://www.virustotal.com/gui/file/855a060c43a83aa42faa63bfe4b08f31b4ba11cd64ea4cad69ad50910730f02f/detection https://twitter.com/nao_sec/status/1410427530037760000/photo/1
-
[2021-06-30 02:59:26] @James_inthe_box @Max_Mal_ @ScarletSharkSec Aye..additional c2 IP's: 41.77.185.182 45.239.234.2 and a couple drops: http://45.148.120.206/images/redbutton.png http://45.148.120.206/images/cutscroll.png
-
[2021-06-30 02:15:31] @James_inthe_box @Max_Mal_ @ScarletSharkSec dll hash: 684995dd0d6292096fce36f526a4b615f027263f4cac7beb9c919bf4451e5ff1
-
[2021-06-26 17:43:35] @abuse_ch @petrovic082 ArkeiStealer, RedLineStealer, RacoonStealer: https://urlhaus.abuse.ch/host/136.144.41.133/
-
[2021-06-25 17:17:31] @ozuma5119 #Phishing Alert⚠ #フィッシング #詐欺 hxxps://paypay-ban1k.ojmjj.com/ ‼️ need SrcIP= JP Registrar: 新网 https://otx.alienvault.com/indicator/domain/ojmjj.com IP: 45.58.150.66 (AS46844 Sharktech.NL) Brand: ペイペイ銀行 PayPay Bank (formerly Japan Net Bank) @Bank_Security https://twitter.com/ozuma5119/status/1408368754447118342/photo/1
-
[2021-06-23 20:13:01] @AltShiftPrtScn Ransomware gangs spotted the opportunity for a gold rush roughly 3 years ago, looks like the cyber insurance firms are finally beginning to realize they are the ones providing the gold. https://therecord.media/cyber-insurance-market-faces-a-reckoning-as-losses-pile-up/
-
[2021-06-22 21:53:07] @phishunt_io #NewPhishing | #phishing #scam /www.rmaster.ru/xls/media/market/wellsfargo.comV3 185.20.224.22 ☁ Domain names registrar http://REG.RU. Ltd Thawte RSA CA 2018 https://twitter.com/phishunt_io/status/1407350945286135814/photo/1
-
[2021-06-22 04:49:22] @1ZRR4H @dark0pcodes Another related domain qgam.top (194.147.84.117). Interesting: after encrypting the information, they obtain the C2 from bandakere.tumblr.com to download and run Vidar #Stealer (159.69.20.131). Sample: https://app.any.run/tasks/49ab286b-1f6d-43cd-be3c-11c16f70cb4f/ #Djvu / #STOP -> #Vidar / #Arkei https://twitter.com/1ZRR4H/status/1407093309340852233/photo/1
-
[2021-06-21 17:21:56] @Certego_Intel #Malware #Arkei #Blocklist Domain: vrta.top VirusTotal: https://www.virustotal.com/gui/domain/vrta.top #CyberSecurity #ThreatIntel (bot generated)
-
[2021-06-21 04:49:59] @ActorExpose Defacement Incident (not recovered) Souvenir production, promotional item production, goods production, promotional product production - hxxps://intermarket.co.kr/zz.html @mstoned7 @2RunJack2 Indonesian exfil: https://t.me/kadaljoging FB: https://www.facebook.com/sontik.sontik.5/
-
[2021-06-20 17:41:55] @Arkbird_SOLG Yep, looks like #Destover of Lazarus. Sample : https://bazaar.abuse.ch/sample/5c2f339362d0cd8e5a8e3105c9c56971087bea2701ea3b7324771b0ea2c26c6c/ cc: @ShadowChasing1 @cyberwar_15 https://twitter.com/h2jazi/status/1406401709157629952 https://twitter.com/Arkbird_SOLG/status/1406562954426912770/photo/1
-
[2021-06-20 07:49:25] @ghost_motley The latest version of UserBenchmark is detected as 'potentially unwanted software' by 14 different Anti-Virus engines, including Microsoft Defender https://www.virustotal.com/gui/file/c321cf889b7b02ee16037bca42657e87ffcadc9e323703cf841e49f89a0d28b7/detection
-
[2021-06-20 00:46:14] @Paladin3161 @marcusjcarey @KryptoDos https://www.nytimes.com/2017/06/17/us/houston-juneteenth-emancipation-park.html
-
[2021-06-19 15:21:55] @Certego_Intel #Covid19 #Spam #Suspicious Domain: jenmarkest.casa VirusTotal: https://www.virustotal.com/gui/domain/jenmarkest.casa #CyberSecurity #ThreatIntel (bot generated)
-
[2021-06-17 23:07:38] @the_OmPande Resources to check the security of Website & details 1) https://themarkup. org/blacklight 2) https://sitecheck.sucuri.net/ 3) https://www.virustotal. com/gui/home/url 4) https://vms.drweb. com/online/?lng= en
-
[2021-06-15 13:41:15] @SecurityJoes *BITCOIN SWAPPER* Our Threat Center found another interesting sample - "cracked" #Arkei stealer. The malware drops a booby trapped Payload.exe (VT - https://cutt.ly/anHBnv4) that grabs the clipboard and modifies it to the threat actor's wallet. https://app.any.run/tasks/37f5016e-24b6-4607-a20d-2f4b6534d28d/
-
[2021-06-11 16:45:50] @ffforward @JAMESWT_MHT @verovaleros @felixw3000 @malwrhunterteam @guelfoweb @sugimu_sec @Arkbird_SOLG @fr0s7_ @Jan0fficial @lazyactivist192 @FBussoletti @securityaffairs Additional one https://www.virustotal.com/gui/file/a7fab8c1fc7ffc5002452f5a783f7a43b263ad302fab8d9fdd412610122f77ce/detection communication with /pigghiamlnwwe.nl on same IP. Signed "ART BOOK PHOTO s.r.o."
-
[2021-06-11 02:48:37] @James_inthe_box @ScarletSharkSec #ficker #stealer was here: zazno9a.ru/f7jk8uisdfkh.exe
-
[2021-06-08 04:35:36] @Arkbird_SOLG Except all the remarks, this works and detects the v2 #XCSSET. I share one of my samples if someone is interested in analyzing it. https://bazaar.abuse.ch/sample/ba14cfe19a51a168813ee1d2bd2e57a8d2aeffa7721575772b6718114df778f3/
-
[2021-06-08 02:21:17] @AltShiftPrtScn #Darkside #ColonialPipeline live now: https://www.justice.gov/live
-
[2021-06-07 17:38:33] @kyleehmke Some recent, probable FIN7 domains to add to those listed in the below thread: unitious.com (157.90.14.145) boldhamia.com (157.90.14.146) uprestrice.com (157.90.14.144) perespectable.com (157.90.14.141) landownerable.com (157.90.14.136) https://twitter.com/Arkbird_SOLG/status/1400845453101522947
-
[2021-06-06 00:22:46] @b_muf9 We always receive links and don't know how dangerous they are, so I've brought you these sites that check links for you and tell us how dangerous or safe they are. Save them… https://urlscan.io/ https://sitecheck.sucuri.net/ https://www.virustotal.com/gui/home/url https://themarkup.org/blacklight
-
[2021-06-05 20:27:33] @Arkbird_SOLG Have the same mutex {8761ABBD-7F85-42EE-B272-A76179687C63} and some other similarities with medusa locker, looks like a recent fork. https://bazaar.abuse.ch/sample/877c612cf42d85b943010437599b828383ecdf02a17e2b017367db34637e5463/ https://www.carbonblack.com/blog/tau-threat-analysis-medusa-locker-ransomware/ https://twitter.com/fbgwls245/status/1400971422336311297 https://twitter.com/Arkbird_SOLG/status/1401168816894271489/photo/1
-
[2021-06-04 23:02:37] @Arkbird_SOLG The rest of the TTPs are the same that on the last report early 2021 of Morphisec. H/T @MLParker1 @z0ul_ @JAMESWT_MHT Delivery domain : opposedent.com C2: legislationient.com deprivationant.com SID Anyrun : 2033073
-
[2021-06-04 22:10:49] @James_inthe_box @LittleRedBean2 @Arkbird_SOLG @c3rb3ru5d3d53c @JAMESWT_MHT Confirmed; c2: http://139.198.186.114:443/ajax/libs/jquery/3.3.1/jquery.slim.min.js https://twitter.com/James_inthe_box/status/1400832419742195716/photo/1
-
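For matters involving voice phishing, illegally filmed material, ransomware, cyber security threats and the like, you can get help from the following agencies and organizations: No More Ransom, the National Police Agency Cyber Crime Reporting System, and the National Intelligence Service Civil Complaint Center.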