Scribd Logo
Upload

Welcome to Scribd!

  • KSC June

    Uploaded by

    IT Manager l HARRIS POP Festival Bandung
    4 views2 pages
    The document is a report from Kaspersky Security Center detailing threats detected between June 1-30, 2023 across multiple devices and groups. It lists 5 malicious links detected including "confirm.95urbehxy2dh.top" and "gigapurbalingga.cc" which were blocked from infecting devices. The report provides details of the detected threats such as the object type, actions taken, infected devices and groups.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document is a report from Kaspersky Security Center detailing threats detected between June 1-30, 2023 across multiple devices and groups. It lists 5 malicious links detected including "confirm.95urbehxy2dh.top" and "gigapurbalingga.cc" which were blocked from infecting devices. The report provides details of the detected threats such as the object type, actions taken, infected devices and groups.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    4 views2 pages

    KSC June

    Uploaded by

    IT Manager l HARRIS POP Festival Bandung
    The document is a report from Kaspersky Security Center detailing threats detected between June 1-30, 2023 across multiple devices and groups. It lists 5 malicious links detected including "confirm.95urbehxy2dh.top" and "gigapurbalingga.cc" which were blocked from infecting devices. The report provides details of the detected threats such as the object type, actions taken, infected devices and groups.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    Kaspersky Security Center 12

    Report on threats
    Sunday, September 03, 2023 11:34:19 AM
    Period: from Thursday, June 01, 2023 to Friday, June 30, 2023
    This report provides information about threats detected on devices. This report is generated for all groups.

    Summary:

    Detected object Object type Dangerous objects Different files Devices infected Groups infected First attempted run blocked Last attempted run blocked

    confirm.95urbehxy2dh.top Malicious link 1 1 1 1 Tuesday, June 13, 2023 9:43:32 AM Tuesday, June 13, 2023 9:43:32 AM

    gigapurbalingga.cc Malicious link 2 1 1 1 Monday, June 26, 2023 2:33:51 PM Monday, June 26, 2023 2:33:52 PM

    gigapurbalingga.net Malicious link 1 1 1 1 Monday, June 26, 2023 2:33:38 PM Monday, June 26, 2023 2:33:38 PM

    softowa.com Malicious link 1 1 1 1 Monday, June 26, 2023 2:35:00 PM Monday, June 26, 2023 2:35:00 PM

    www.alex71.com Malicious link 2 1 1 1 Monday, June 26, 2023 2:34:51 PM Monday, June 26, 2023 2:34:52 PM

    Different objects: 5 Different files: 5 Devices infected: 2 Groups infected: 2

    Details7 of 7

    Virtual Group Device Detected object Detected at Path to file Object type Action Account Application Version number Last visible Last connected IP address NetBIOS name Windows Open incident
    Administration to Administration domain
    Server Server

    Administrative & ID‐ confirm.95urbehxy2dh.top Tuesday, June 13, confirm.95urbehxy2dh.top Malicious link Event type: Dangerous link HFCB\asm3 Kaspersky 11.4.0.233 Friday, Friday, 172.16.10.159 ID‐ HFCB Absent
    General CFCBDTSALE14 2023 9:43:32 AM blocked Application: Google Endpoint Security September 01, September 01, CFCBDTSALE14
    Chrome Application\Name: for Windows 2023 6:33:22 PM 2023 6:33:22 PM
    chrome.exe Application\Path:
    C:\Program
    Files\Google\Chrome\Application\
    Application\Process ID: 4856
    User: HFCB\asm3 ﴾Active user﴿
    Component: Web Threat
    Protection Result\Description:
    Blocked Result\Type: Malicious
    link Result\Name:
    confirm.95urbehxy2dh.top
    Result\Threat level: High
    Result\Precision: Exactly Object:
    confirm.95urbehxy2dh.top
    Object\Type: Web page
    Object\Path:
    confirm.95urbehxy2dh.top
    Object\Name:
    confirm.95urbehxy2dh.top
    Reason: Automatic analysis
    Database release date: 6/13/2023
    5:15:00 AM

    Sales Marketing ID‐ gigapurbalingga.cc Monday, June 26, gigapurbalingga.cc Malicious link Event type: Dangerous link HFCB\design Kaspersky 11.4.0.233 Saturday, Thursday, August 172.16.10.121 ID‐ HFCB Absent
    CFCBDTSALE16 2023 2:33:51 PM blocked Application: Google Endpoint Security September 02, 31, 2023 1:30:23 CFCBDTSALE16
    Chrome Application\Name: for Windows 2023 10:43:01 PM
    chrome.exe Application\Path: ﴾11.4.0﴿ PM
    C:\Program
    Files\Google\Chrome\Application\
    Application\Process ID: 15400
    User: HFCB\design ﴾Active user﴿
    Component: Web Threat
    Protection Result\Description:
    Blocked Result\Type: Malicious
    link Result\Name:
    gigapurbalingga.cc Result\Threat
    level: High Result\Precision:
    Exactly Object:
    gigapurbalingga.cc Object\Type:
    Web page Object\Path:
    gigapurbalingga.cc Object\Name:
    gigapurbalingga.cc Reason:
    Automatic analysis Database
    release date: 26/06/2023 08:53:00

    Sales Marketing ID‐ gigapurbalingga.cc Monday, June 26, gigapurbalingga.cc Malicious link Event type: Dangerous link HFCB\design Kaspersky 11.4.0.233 Saturday, Thursday, August 172.16.10.121 ID‐ HFCB Absent
    CFCBDTSALE16 2023 2:33:52 PM blocked Application: Google Endpoint Security September 02, 31, 2023 1:30:23 CFCBDTSALE16
    Chrome Application\Name: for Windows 2023 10:43:01 PM
    chrome.exe Application\Path: ﴾11.4.0﴿ PM
    C:\Program
    Files\Google\Chrome\Application\
    Application\Process ID: 15400
    User: HFCB\design ﴾Active user﴿
    Component: Web Threat
    Protection Result\Description:
    Blocked Result\Type: Malicious
    link Result\Name:
    gigapurbalingga.cc Result\Threat
    level: High Result\Precision:
    Exactly Object:
    gigapurbalingga.cc Object\Type:
    Web page Object\Path:
    gigapurbalingga.cc Object\Name:
    gigapurbalingga.cc Reason:
    Automatic analysis Database
    release date: 26/06/2023 08:53:00

    Sales Marketing ID‐ gigapurbalingga.net Monday, June 26, gigapurbalingga.net Malicious link Event type: Dangerous link HFCB\design Kaspersky 11.4.0.233 Saturday, Thursday, August 172.16.10.121 ID‐ HFCB Absent
    CFCBDTSALE16 2023 2:33:38 PM blocked Application: Google Endpoint Security September 02, 31, 2023 1:30:23 CFCBDTSALE16
    Chrome Application\Name: for Windows 2023 10:43:01 PM
    chrome.exe Application\Path: ﴾11.4.0﴿ PM
    C:\Program
    Files\Google\Chrome\Application\
    Application\Process ID: 15400
    User: HFCB\design ﴾Active user﴿
    Component: Web Threat
    Protection Result\Description:
    Blocked Result\Type: Malicious
    link Result\Name:
    gigapurbalingga.net Result\Threat
    level: High Result\Precision:
    Exactly Object:
    gigapurbalingga.net Object\Type:
    Web page Object\Path:
    gigapurbalingga.net
    Object\Name:
    gigapurbalingga.net Reason:
    Automatic analysis Database
    release date: 26/06/2023 08:53:00

    Sales Marketing ID‐ softowa.com Monday, June 26, softowa.com Malicious link Event type: Dangerous link HFCB\design Kaspersky 11.4.0.233 Saturday, Thursday, August 172.16.10.121 ID‐ HFCB Absent
    CFCBDTSALE16 2023 2:35:00 PM blocked Application: Google Endpoint Security September 02, 31, 2023 1:30:23 CFCBDTSALE16
    Chrome Application\Name: for Windows 2023 10:43:01 PM
    chrome.exe Application\Path: ﴾11.4.0﴿ PM
    C:\Program
    Files\Google\Chrome\Application\
    Application\Process ID: 15400
    User: HFCB\design ﴾Active user﴿
    Component: Web Threat
    Protection Result\Description:
    Blocked Result\Type: Malicious
    link Result\Name: softowa.com
    Result\Threat level: High
    Result\Precision: Exactly Object:
    softowa.com Object\Type: Web
    page Object\Path: softowa.com
    Object\Name: softowa.com
    Reason: Automatic analysis
    Database release date:
    26/06/2023 08:53:00

    Sales Marketing ID‐ www.alex71.com Monday, June 26, www.alex71.com Malicious link Event type: Dangerous link HFCB\design Kaspersky 11.4.0.233 Saturday, Thursday, August 172.16.10.121 ID‐ HFCB Absent
    CFCBDTSALE16 2023 2:34:51 PM blocked Application: Google Endpoint Security September 02, 31, 2023 1:30:23 CFCBDTSALE16
    Chrome Application\Name: for Windows 2023 10:43:01 PM
    chrome.exe Application\Path: ﴾11.4.0﴿ PM
    C:\Program
    Files\Google\Chrome\Application\
    Application\Process ID: 15400
    User: HFCB\design ﴾Active user﴿
    Component: Web Threat
    Protection Result\Description:
    Blocked Result\Type: Malicious
    link Result\Name: www.alex71.com
    1/2
    Result\Threat level: High
    Result\Precision: Exactly Object:
    www.alex71.com Object\Type:
    Web page Object\Path:
    www.alex71.com Object\Name:
    Chrome Application\Name: for Windows 2023 10:43:01 PM
    chrome.exe Application\Path: ﴾11.4.0﴿ PM
    C:\Program
    Files\Google\Chrome\Application\
    Application\Process ID: 15400
    User: HFCB\design ﴾Active user﴿
    Component: Web Threat
    Protection Result\Description:
    Blocked Result\Type: Malicious
    link Result\Name: www.alex71.com
    Result\Threat level: High
    Result\Precision: Exactly Object:
    www.alex71.com Object\Type:
    Web page Object\Path:
    www.alex71.com Object\Name:
    www.alex71.com Reason:
    Automatic analysis Database
    release date: 26/06/2023 08:53:00

    Sales Marketing ID‐ www.alex71.com Monday, June 26, www.alex71.com Malicious link Event type: Dangerous link HFCB\design Kaspersky 11.4.0.233 Saturday, Thursday, August 172.16.10.121 ID‐ HFCB Absent
    CFCBDTSALE16 2023 2:34:52 PM blocked Application: Google Endpoint Security September 02, 31, 2023 1:30:23 CFCBDTSALE16
    Chrome Application\Name: for Windows 2023 10:43:01 PM
    chrome.exe Application\Path: ﴾11.4.0﴿ PM
    C:\Program
    Files\Google\Chrome\Application\
    Application\Process ID: 15400
    User: HFCB\design ﴾Active user﴿
    Component: Web Threat
    Protection Result\Description:
    Blocked Result\Type: Malicious
    link Result\Name: www.alex71.com
    Result\Threat level: High
    Result\Precision: Exactly Object:
    www.alex71.com Object\Type:
    Web page Object\Path:
    www.alex71.com Object\Name:
    www.alex71.com Reason:
    Automatic analysis Database
    release date: 26/06/2023 08:53:00

    2/2

    You might also like