DOCGuard - Detect Maldocs in Seconds!
@doc_guard
Analyze Malwares in seconds!
ID:1330923063068811267
https://app.docguard.io 23-11-2020 17:16:16
507 Tweets
5,2K Followers
96 Following
![π¨ Malicious Excel File Evaded Nearly All the AV Solutions π¨ π VT Detection: 10 / 65 π Filename: ship particulars.xlsm π MD5: 6f3cb94ce1f24cdb30b2cd7f4e4b44c7 π΅οΈββοΈ IOCs: - nsoftonline[.]com DOCGuard Report: app.docguard.io/898eb9a8289ef0β¦](https://pbs.twimg.com/media/GL2TgLJWgAErwHD.png "DOCGuard - Detect Maldocs in Seconds! (@doc_guard) on Twitter photo 2024-04-23 12:09:01 π¨ Malicious Excel File Evaded Nearly All the AV Solutions π¨ π VT Detection: 10 / 65 π Filename: ship particulars.xlsm π MD5: 6f3cb94ce1f24cdb30b2cd7f4e4b44c7 π΅οΈββοΈ IOCs: - nsoftonline[.]com DOCGuard Report: app.docguard.io/898eb9a8289ef0β¦")
![π¨ Malicious LNK File Evaded Nearly All the AV Solutions π¨ π VT Detection: 10 / 60 π Filename: visa_statement_apr_24.lnk π MD5: aa6a2fb601a17ee6315e9a40d740e866 π΅οΈββοΈ IOCs: - clubedasluluzinhasro[.]com[.]br DOCGuard Report: app.docguard.io/ed4149d5ac4b15β¦](https://pbs.twimg.com/media/GLxcezfW4AAiYOs.png "DOCGuard - Detect Maldocs in Seconds! (@doc_guard) on Twitter photo 2024-04-22 13:30:10 π¨ Malicious LNK File Evaded Nearly All the AV Solutions π¨ π VT Detection: 10 / 60 π Filename: visa_statement_apr_24.lnk π MD5: aa6a2fb601a17ee6315e9a40d740e866 π΅οΈββοΈ IOCs: - clubedasluluzinhasro[.]com[.]br DOCGuard Report: app.docguard.io/ed4149d5ac4b15β¦")
π¨ Malicious Word File Evaded Nearly All the AV Solutions π¨
π VT Detection: 18 / 65
π Filename: ΡΠ΅ΠΊΠ»Π°ΠΌΠ°ΡΠΈΡ.doc
π MD5: 3a2e3726dac14166e74c22ccacf082f0
π΅οΈββοΈ IOCs:
- saratovoblgaz[.]ru
- (MD5) 7f204fe0cae5d05b90290430732fc824
DOCGuard Report: app.docguard.io/b8288968633bcfβ¦
![π¨ Malicious Word File Evaded Nearly All the AV Solutions π¨ π VT Detection: 18 / 65 π Filename: ΡΠ΅ΠΊΠ»Π°ΠΌΠ°ΡΠΈΡ.doc π MD5: 3a2e3726dac14166e74c22ccacf082f0 π΅οΈββοΈ IOCs: - saratovoblgaz[.]ru - (MD5) 7f204fe0cae5d05b90290430732fc824 DOCGuard Report: app.docguard.io/b8288968633bcfβ¦](https://pbs.twimg.com/media/GLiKEpBXsAAHJoJ.png "DOCGuard - Detect Maldocs in Seconds! (@doc_guard) on Twitter photo 2024-04-19 14:15:20 π¨ Malicious Word File Evaded Nearly All the AV Solutions π¨ π VT Detection: 18 / 65 π Filename: ΡΠ΅ΠΊΠ»Π°ΠΌΠ°ΡΠΈΡ.doc π MD5: 3a2e3726dac14166e74c22ccacf082f0 π΅οΈββοΈ IOCs: - saratovoblgaz[.]ru - (MD5) 7f204fe0cae5d05b90290430732fc824 DOCGuard Report: app.docguard.io/b8288968633bcfβ¦")
π¨ Phishing HTML File Evaded Most of the AV Solutions π¨
π VT Detection: 5 / 60
π Filename: FedEX AWB Shipment .html
π MD5: 37d3c49bf58f831615a6bc301b23bab4
π΅οΈββοΈ IOCs:
- https[:]//nocodeform.io/f/661e3d5061d3f8c25668372f
DOCGuard Report: app.docguard.io/e3eeb0e4ae430eβ¦
![π¨ Phishing HTML File Evaded Most of the AV Solutions π¨ π VT Detection: 5 / 60 π Filename: FedEX AWB Shipment .html π MD5: 37d3c49bf58f831615a6bc301b23bab4 π΅οΈββοΈ IOCs: - https[:]//nocodeform.io/f/661e3d5061d3f8c25668372f DOCGuard Report: app.docguard.io/e3eeb0e4ae430eβ¦](https://pbs.twimg.com/media/GLcn0otXMAArsBV.png "DOCGuard - Detect Maldocs in Seconds! (@doc_guard) on Twitter photo 2024-04-18 12:27:29 π¨ Phishing HTML File Evaded Most of the AV Solutions π¨ π VT Detection: 5 / 60 π Filename: FedEX AWB Shipment .html π MD5: 37d3c49bf58f831615a6bc301b23bab4 π΅οΈββοΈ IOCs: - https[:]//nocodeform.io/f/661e3d5061d3f8c25668372f DOCGuard Report: app.docguard.io/e3eeb0e4ae430eβ¦")
π¨ Phishing SHTML File Evaded Nearly All the AV Solutions π¨
π VT Detection: 12 / 59
π Filename: Approved notice pdf.shtml
π MD5: 98ff35dc0a1bced67f5678018fd13617
π΅οΈββοΈ IOCs:
- https[:]//yourgreatbargain.com/wordpress/wp-includes/blocks/column/templates.php
DOCGuard Report:
![π¨ Phishing SHTML File Evaded Nearly All the AV Solutions π¨ π VT Detection: 12 / 59 π Filename: Approved notice pdf.shtml π MD5: 98ff35dc0a1bced67f5678018fd13617 π΅οΈββοΈ IOCs: - https[:]//yourgreatbargain.com/wordpress/wp-includes/blocks/column/templates.php DOCGuard Report:](https://pbs.twimg.com/media/GLXp63cWoAAF58B.png "DOCGuard - Detect Maldocs in Seconds! (@doc_guard) on Twitter photo 2024-04-17 13:19:03 π¨ Phishing SHTML File Evaded Nearly All the AV Solutions π¨ π VT Detection: 12 / 59 π Filename: Approved notice pdf.shtml π MD5: 98ff35dc0a1bced67f5678018fd13617 π΅οΈββοΈ IOCs: - https[:]//yourgreatbargain.com/wordpress/wp-includes/blocks/column/templates.php DOCGuard Report:")
![π¨ Outlook Login Panel Themed Phishing HTML Evaded All the AV Solutions π¨ π VT Detection: 0 / 58 π Filename: Staff memo from HR department.htm π MD5: e1f5cdbac6db809cb06fe0279f2c7594 π΅οΈββοΈ IOCs: - https[:]//districtjanitorialrepair.com/dev/dropbox.php -](https://pbs.twimg.com/media/GLSndCjWsAALJwB.png "DOCGuard - Detect Maldocs in Seconds! (@doc_guard) on Twitter photo 2024-04-16 13:49:52 π¨ Outlook Login Panel Themed Phishing HTML Evaded All the AV Solutions π¨ π VT Detection: 0 / 58 π Filename: Staff memo from HR department.htm π MD5: e1f5cdbac6db809cb06fe0279f2c7594 π΅οΈββοΈ IOCs: - https[:]//districtjanitorialrepair.com/dev/dropbox.php -")
π¨ Obfuscated Malicious HTA File Evaded Most of the AV Solutions #AgentTesla π¨
π VT Detection: 3 / 59
π Filename: Ξ€ΞΞΞΞΞΞΞΞ PROFOMA(PI)_978975845646758965856445647655764675465.hta
π MD5: 3cab2cb50468a11173f7abb7d63c75b6
π΅οΈββοΈ IOCs:
-(FILE) 586f8ede29ee70c42e60f344aee10623
![π¨ Malicious WORD File Evaded Nearly All the AV Solutions π¨ π VT Detection: 10 / 65 π MD5: 3d98b4c649408c7021b1e01dc72f2ae4 π΅οΈββοΈ IOCs: - (URL) letentinfo[.]info - (URL) geographiclocation[.]info - (File) 1386effe1ff6b2609a88d5d07d21242c - (File)](https://pbs.twimg.com/media/GKpWDX2WwAA_VYL.jpg "DOCGuard - Detect Maldocs in Seconds! (@doc_guard) on Twitter photo 2024-04-08 13:29:51 π¨ Malicious WORD File Evaded Nearly All the AV Solutions π¨ π VT Detection: 10 / 65 π MD5: 3d98b4c649408c7021b1e01dc72f2ae4 π΅οΈββοΈ IOCs: - (URL) letentinfo[.]info - (URL) geographiclocation[.]info - (File) 1386effe1ff6b2609a88d5d07d21242c - (File)")
![π¨ Phishing HTML File Evaded All the AV Solutions π¨ π VT Detection: 0 / 60 π Filename: seecommentsoptimumremitdoc982729-pdf.htm π MD5: d2190bc78bb3fa2788766b95cd1e0bff π΅οΈββοΈ IOCs: - https[:]//workdrive.zohoexternal.com/file/34kee22866a12638d48d4b2521a62944eab28 -](https://pbs.twimg.com/media/GKog-0nXcAAbKPI.jpg "DOCGuard - Detect Maldocs in Seconds! (@doc_guard) on Twitter photo 2024-04-08 09:38:12 π¨ Phishing HTML File Evaded All the AV Solutions π¨ π VT Detection: 0 / 60 π Filename: seecommentsoptimumremitdoc982729-pdf.htm π MD5: d2190bc78bb3fa2788766b95cd1e0bff π΅οΈββοΈ IOCs: - https[:]//workdrive.zohoexternal.com/file/34kee22866a12638d48d4b2521a62944eab28 -")
π¨ Phishing HTML File Evaded All the AV Solutions π¨
π VT Detection: 0 / 50
π Filename: SatΔ±n alma sipariΕi_PO_46338730_Akyurek.html
π MD5: ace1e1142524bce4785a98cd02f4fea6
π΅οΈββοΈ IOCs:
- 82ff88f03dfe0d5ba1137a3207c551d1
- 188[.114.96.]7
DOCGuard Report: app.docguard.io/9bd692bc32e131β¦
![π¨ Phishing HTML File Evaded All the AV Solutions π¨ π VT Detection: 0 / 50 π Filename: SatΔ±n alma sipariΕi_PO_46338730_Akyurek.html π MD5: ace1e1142524bce4785a98cd02f4fea6 π΅οΈββοΈ IOCs: - 82ff88f03dfe0d5ba1137a3207c551d1 - 188[.114.96.]7 DOCGuard Report: app.docguard.io/9bd692bc32e131β¦](https://pbs.twimg.com/media/GKZz-65XIAA0pHI.png "DOCGuard - Detect Maldocs in Seconds! (@doc_guard) on Twitter photo 2024-04-05 13:07:21 π¨ Phishing HTML File Evaded All the AV Solutions π¨ π VT Detection: 0 / 50 π Filename: SatΔ±n alma sipariΕi_PO_46338730_Akyurek.html π MD5: ace1e1142524bce4785a98cd02f4fea6 π΅οΈββοΈ IOCs: - 82ff88f03dfe0d5ba1137a3207c551d1 - 188[.114.96.]7 DOCGuard Report: app.docguard.io/9bd692bc32e131β¦")
![π¨ Phishing Word File Evaded All the AV Solutions π¨ π VT Detection: 0 / 61 π Filename: Wire Transfer Receipt.docx π MD5: 01cbbc4ca405f8ea1680f456c0250acc π΅οΈββοΈ IOCs: - https[:]//xzu.fqqydm.ru - https[:]//24x7bus.com DOCGuard Report: app.docguard.io/1dbc2597eec818β¦](https://pbs.twimg.com/media/GKZybjdXsAEr1sI.png "DOCGuard - Detect Maldocs in Seconds! (@doc_guard) on Twitter photo 2024-04-05 13:04:54 π¨ Phishing Word File Evaded All the AV Solutions π¨ π VT Detection: 0 / 61 π Filename: Wire Transfer Receipt.docx π MD5: 01cbbc4ca405f8ea1680f456c0250acc π΅οΈββοΈ IOCs: - https[:]//xzu.fqqydm.ru - https[:]//24x7bus.com DOCGuard Report: app.docguard.io/1dbc2597eec818β¦")
π¨ Phishing PDF File Evaded All the AV Solutions π¨
π VT Detection: 0 / 61
π Filename: VERTRAULICHES DOKUMENT (als PDF).pdf
π MD5: e248d6afde41221bca0009d17dad8fc1
π΅οΈββοΈ IOCs:
- dential-document-6762ac[.]webflow[.]io
- joboot[.]co
DOCGuard Report: app.docguard.io/ef1ceaf2c36058β¦
![π¨ Phishing PDF File Evaded All the AV Solutions π¨ π VT Detection: 0 / 61 π Filename: VERTRAULICHES DOKUMENT (als PDF).pdf π MD5: e248d6afde41221bca0009d17dad8fc1 π΅οΈββοΈ IOCs: - dential-document-6762ac[.]webflow[.]io - joboot[.]co DOCGuard Report: app.docguard.io/ef1ceaf2c36058β¦](https://pbs.twimg.com/media/GKZx6F-XwAAqtRQ.png "DOCGuard - Detect Maldocs in Seconds! (@doc_guard) on Twitter photo 2024-04-05 12:57:11 π¨ Phishing PDF File Evaded All the AV Solutions π¨ π VT Detection: 0 / 61 π Filename: VERTRAULICHES DOKUMENT (als PDF).pdf π MD5: e248d6afde41221bca0009d17dad8fc1 π΅οΈββοΈ IOCs: - dential-document-6762ac[.]webflow[.]io - joboot[.]co DOCGuard Report: app.docguard.io/ef1ceaf2c36058β¦")
π¨ Phishing HTML File Evaded All the AV Solutions π¨
π VT Detection: 0/60
π Filename: [[email protected]] Please confirm to continue..htm
π MD5: fead95af1dec5de06708433c531f7854
π΅οΈββοΈ IOCs:
-
![π¨ Phishing HTML File Evaded All the AV Solutions π¨ π VT Detection: 0/60 π Filename: [press@rtrn.ru] Please confirm to continue..htm π MD5: fead95af1dec5de06708433c531f7854 π΅οΈββοΈ IOCs: -](https://pbs.twimg.com/media/GKPPfIpWsAEud9L.png "DOCGuard - Detect Maldocs in Seconds! (@doc_guard) on Twitter photo 2024-04-03 11:55:03 π¨ Phishing HTML File Evaded All the AV Solutions π¨ π VT Detection: 0/60 π Filename: [press@rtrn.ru] Please confirm to continue..htm π MD5: fead95af1dec5de06708433c531f7854 π΅οΈββοΈ IOCs: -")
![π¨ Phishing HTML File Evaded Most of the AV Solutions π¨ π VT Detection: 4/60 π Filename: message.html π MD5: e4af1ec7a89c9898860187b2209437e8 π΅οΈββοΈ IOCs: - https[:]//vujoi.orierma.com/ DOCGuard Report: app.docguard.io/c4c0cf3c5486f4β¦](https://pbs.twimg.com/media/GKPJTr6XkAAD9qY.png "DOCGuard - Detect Maldocs in Seconds! (@doc_guard) on Twitter photo 2024-04-03 11:49:07 π¨ Phishing HTML File Evaded Most of the AV Solutions π¨ π VT Detection: 4/60 π Filename: message.html π MD5: e4af1ec7a89c9898860187b2209437e8 π΅οΈββοΈ IOCs: - https[:]//vujoi.orierma.com/ DOCGuard Report: app.docguard.io/c4c0cf3c5486f4β¦")
![π¨ Phishing HTML File Evaded All the AV Solutions π¨ π VT Detection: 0/58 π Filename: [External]Culligan Service Report.htm π MD5: a4a13d3f24acc386cecd6fcb99ee5521 π΅οΈββοΈ IOCs: - https[:]//ebilling.culligan.co.uk/Logon DOCGuard Report: app.docguard.io/3f85275795821eβ¦](https://pbs.twimg.com/media/GKPIRuqWoAAQFKg.png "DOCGuard - Detect Maldocs in Seconds! (@doc_guard) on Twitter photo 2024-04-03 11:21:54 π¨ Phishing HTML File Evaded All the AV Solutions π¨ π VT Detection: 0/58 π Filename: [External]Culligan Service Report.htm π MD5: a4a13d3f24acc386cecd6fcb99ee5521 π΅οΈββοΈ IOCs: - https[:]//ebilling.culligan.co.uk/Logon DOCGuard Report: app.docguard.io/3f85275795821eβ¦")
![π¨ Phishing HTML File Evaded Most of the AV Solutions π¨ π VT Detection: 2/60 π Filename: [SUSPECTED SPAM]Password Expiration Notification.htm π MD5: 1152ce6f8a91a9b84346cec570102628 π΅οΈββοΈ IOCs: - https[:]//googleweblight.com - https[:]//trk-mkt.tason.com -](https://pbs.twimg.com/media/GKPHswhXEAAShuQ.png "DOCGuard - Detect Maldocs in Seconds! (@doc_guard) on Twitter photo 2024-04-03 11:17:30 π¨ Phishing HTML File Evaded Most of the AV Solutions π¨ π VT Detection: 2/60 π Filename: [SUSPECTED SPAM]Password Expiration Notification.htm π MD5: 1152ce6f8a91a9b84346cec570102628 π΅οΈββοΈ IOCs: - https[:]//googleweblight.com - https[:]//trk-mkt.tason.com -")
![π¨ Phishing MS Login Panel Sending Credentials via Socket π¨ π VT Detection: 4 / 60 π Filename: Voicemail246.htm π MD5: 21a3343e71f7f3e127a8ee36bfa86c29 π΅οΈββοΈ IOCs: - tvh[.endrowl.]com DOCGuard Report: app.docguard.io/f12b69222c625dβ¦](https://pbs.twimg.com/media/GKE6MRlWcAE68YH.jpg "DOCGuard - Detect Maldocs in Seconds! (@doc_guard) on Twitter photo 2024-04-01 11:41:40 π¨ Phishing MS Login Panel Sending Credentials via Socket π¨ π VT Detection: 4 / 60 π Filename: Voicemail246.htm π MD5: 21a3343e71f7f3e127a8ee36bfa86c29 π΅οΈββοΈ IOCs: - tvh[.endrowl.]com DOCGuard Report: app.docguard.io/f12b69222c625dβ¦")
![π¨ Phishing EXCEL File Executing Malicious AutoHotkey File #opendir π¨ π VT Detection: 18 / 64 π Filename: re-march-26-2024-2136.xlsx π MD5: 46b8df6ba4b2e42894a3572c603daae2 π΅οΈββοΈ IOCs: - (MD5) backupitfirst[.]com - (URL) 170[.]130.55.130 DOCGuard Report:](https://pbs.twimg.com/media/GJ1wQhfWYAAGe_n.png "DOCGuard - Detect Maldocs in Seconds! (@doc_guard) on Twitter photo 2024-03-29 13:03:41 π¨ Phishing EXCEL File Executing Malicious AutoHotkey File #opendir π¨ π VT Detection: 18 / 64 π Filename: re-march-26-2024-2136.xlsx π MD5: 46b8df6ba4b2e42894a3572c603daae2 π΅οΈββοΈ IOCs: - (MD5) backupitfirst[.]com - (URL) 170[.]130.55.130 DOCGuard Report:")