Skip to content

Latest commit

 

History

History
65 lines (54 loc) · 1.21 KB

Malware.md

File metadata and controls

65 lines (54 loc) · 1.21 KB
Raw

VXVault

VXVault is run by a security researcher.

Malware

VXVault publishes a list of malicious URLs.

Domain Name

  • Website
  • http://vxvault.net/
  • Source
  • http://vxvault.net/URL_List.php
  • Data
  • URL
  • Format
  • Text
  • API/Token
  • None
  • Status
  • Ok
  • Comments
  • No comment
Sample Output of IntelMQ
{
  "source":{
    "fqdn":"five5lesson.top",
    "url":"http://five5lesson.top/2.gif"
  },
  "feed":{
    "name":"VxVault",
    "url":"http://vxvault.siri-urz.net/URL_List.php",
    "accuracy":100.0
  },
  "time":{
    "observation":"2016-07-07T15:00:04+00:00"
  },
  "raw":"aHR0cDovL2ZpdmU1bGVzc29uLnRvcC8yLmdpZg==",
  "classification":{
    "type":"malware"
  }
}

There's only URL information in in http://vxvault.net/URL_List.php. It looks like:

VX Vault last 100 Links
Mon, 29 Aug 2016 08:30:42 +0000

http://kelurahanpanjunan.com/wp-content/file.exe
http://www.dryversandsettyngsall0ficceversions.info/Off1cce365upd4te.exe
http://www.przemyslawszymanowski.pl/20000.exe
http://www.przemyslawszymanowski.pl/test/trust.exe
http://www.przemyslawszymanowski.pl/test/kc.exe

But there's more information in http://vxvault.net/ViriList.php:

  • MD5
  • IP
  • Tools