Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
136	2023-07-07 10:13	page.html f6b00338f9b1aa52396ffb72af40bf04 AntiDebug AntiVM MSOffice File Code Injection unpack itself Windows utilities Tofsee Windows DNS	4 Keyword trend analysis	34 Info edgedl.me.gvt1.com(34.104.35.123) - bit.ly(67.199.248.11) - www.google.com(142.250.207.100) - www.gstatic.com(142.250.76.131) - pdf-readonline.website(45.83.122.52) - _googlecast._tcp.local() - fonts.googleapis.com(142.250.206.202) - clients2.googleusercontent.com(142.250.76.129) - accounts.google.com(172.217.25.173) - dhqidctjo3ugevk9u5sev1r.webdav.drivehq.com(66.220.9.58) - fonts.gstatic.com(142.250.206.195) - apis.google.com(142.250.76.142) - dhqidlnsxx2qigisdvn7x2f.webdav.drivehq.com(66.220.9.58) - p13n.adobe.io(54.224.241.105) - dhqid45r064utd5gygt2jy6.webdav.drivehq.com(66.220.9.58) - www.smartsheet.com(151.101.194.191) - clientservices.googleapis.com(172.217.25.163) - 142.250.204.35 - 52.6.155.20 - 142.250.207.99 - 146.75.50.191 - 142.250.66.132 - 216.58.200.227 - 67.199.248.10 - 66.220.9.58 - 121.254.136.27 - 142.250.204.129 - 142.250.204.46 - 142.250.66.77 - 172.217.24.99 - 142.250.204.110 - 45.83.122.52 - 142.250.204.74 - 34.104.35.123 -	2	3.4			ZeroCERT

137	2023-07-07 09:35	page.html f6b00338f9b1aa52396ffb72af40bf04 AntiDebug AntiVM MSOffice File Code Injection exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed			2	3.4			ZeroCERT

138	2023-06-21 07:39	thomas.hta 5ee0717be491e47a97affc5d4bc8d206 VirusTotal Malware crashed				1.0		25	ZeroCERT

139	2023-06-18 09:29	secret_conversations.html e57fdf1dad4fabac8ad020453f07cdbb AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	2	2	3.8			guest

140	2023-06-14 16:04	7za_SC.bat 4bd2a27b7bb64b9d060d0e4cafadceac Downloader Create Service DGA Socket DNS Code injection HTTP PWS[m] Sniff Audio Steal credential Http API P2P Internet API Escalate priviledges FTP KeyLogger ScreenShot AntiDebug AntiVM WriteConsoleW				0.6			ZeroCERT

141	2023-06-13 09:56	smartoption.php.html 00cf40deab29bc4bdf812434e171c14c Generic Malware Antivirus PowerShell Malware powershell AutoRuns suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut RWX flags setting unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName Cryptographic key	10 Keyword trend analysis Info http://kentwater.cn/caches/caches_template/user/index.php?CAVOt6Npb=xjPDl6R&ydEJCl=MAErLBSCmOJG&4iGjK=4lSxO0qiNcfvm1H7&21Jn0lD=QBUjHXJTHgQjAggSS1UhRVEPJxEgXkwbKwADHxtUbl5QUQU9GWQnLQcaKiAvdQ&E9vtGu=ugi http://kentwater.cn/caches/caches_template/user/index.php?MXsl7LC8D=N7X1SoIhvZV&uFzOMrnj=M8FeRUNq1nP&qUMSj=7FeDtQP8Hk1csmZI&74bdWNa=Qz8VIUkyP1UlCl8HVQkzO1IlES0bP21KLQhUCgUIfCBTezMBIgUGfAESfTUxKQ&XKAn=WEen6 http://kentwater.cn/caches/caches_template/user/index.php?VXRu=6kLbuY1aWeJmjO&LVfau=lH0D8E1OxtUGIkJR&RA6dcsU=GDFAIQUmXiIVFTsjbw8jIAkrRC1XKww9HRcwLj8ObDsIdWYBbhFnCzENGRELLw http://kentwater.cn/caches/caches_template/user/index.php?SN6vlWX5=0szj7BZlSTNRF&l9L7t85E1=P9KV5iWFmfb&9il5=AQ3BbrwCUXu1&kzwDru=rp3yzGvbSNwQ&u8dw2=8uLpU5jDOHdsrPly&D4yaJKE=TAw8FWhWBSkiKQoXVDQFC10WOBk6W1c2KisBGgQ1ShBcSBo1A2E8AAYxKCUwFA&vRdFJALhu=bLMoFCsqn http://kentwater.cn/caches/caches_template/user/index.php?lIc=1FOdISaB&9P71m=NqDdzlOor3fSQpIG&qPv7KDa=Ogg0AUcPIAIfUgg3dxQgNSsSMA0VAnIdF1ADOicVby4qTBIhLDgZKztKKgUTNA http://kentwater.cn/caches/caches_template/user/index.php?6v=GUrbi7L&vtfW8=sYghU7IQo21ftAXj&9eDt13B=ByAXDWhUJjwCU18CUiUxGBY6EwE6WXQjClFUDwIkfgMXZDEtA2MfFSZLfTA2BQ&Mz4s=UO2J0&g4VEDh=HjdIpfc http://kentwater.cn/caches/caches_template/user/index.php?DNhmTrg6B=RLgh7dp3c2rTt&h=wap8I5&inu2wpr5G=bKXDenjoQ&2JptK=y7gAKRvqBtib8mpu&F9umKUj=DU4XJHYxGRwvFQcGHgkZBxxUEygkPEsDJxcMC04IVhwdCjEEHQYgNQsNJTR6KQ&7=ugwN http://kentwater.cn/caches/caches_template/user/index.php?TlMcD0Ao=25IilUCF6y&TU1JA34g=Tyzc7puEYRS1O3Q&hregZ=UO7DwbvfTCphWZzq&Pcm50x6=ITZHIUoBGQs5Ih4McT4TAzAsQy0YDEsUMSAVASE_XBgxcmEBITYgIh06PD4VHg&IHGKOC=4UESkm http://kentwater.cn/caches/caches_template/user/index.php?z1sUfI=gi8u3&7Aq42=Gub3nUqdgYFKP8Bf&Xi7cSqs=MwwSVlM2HgkKOCgvdlwrFCIWFloBO0wWAjojIiZdZA8jSDR2OAEnIC4gCh0SfA&o43vz0Wd=DUdJK95 http://pumpmotor.net/editor/smartoption.php	2		8.2			ZeroCERT

142	2023-06-13 09:50	smartoption.php.html 00cf40deab29bc4bdf812434e171c14c unpack itself crashed				0.6			ZeroCERT

143	2023-06-12 13:11	message.html 8840dc3329993782c0ff500a220a000e AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed			2	3.8			guest

144	2023-06-08 17:41	snappyshop.it_img_docse.php.ps... 3e2fdbdefa7c8e16b351a46ed1afc33d Generic Malware Antivirus AutoRuns Check memory unpack itself WriteConsoleW Windows Cryptographic key	1 Keyword trend analysis			2.2			ZeroCERT

145	2023-06-07 13:42	index.html e66507bcd2afe260f82a61cb981ec964 AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed		2	2	3.8			guest

146	2023-06-07 10:05	index.html e66507bcd2afe260f82a61cb981ec964 AntiDebug AntiVM MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	2	1	3.8			ZeroCERT

147	2023-06-07 09:01	index.html e66507bcd2afe260f82a61cb981ec964 Generic Malware Browser Info Stealer MachineGuid Code Injection Checks debugger exploit crash unpack itself installed browsers check Exploit Browser crashed				3.6			ZeroCERT

148	2023-06-01 19:56	1.html 9b78bbb925f4d5e4fb3b19b1962674b9 Generic Malware Antivirus Hide_URL AntiDebug AntiVM Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger Creates shortcut RWX flags setting unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	1		9.8	M		ZeroCERT

149	2023-06-01 19:46	1.html 9b78bbb925f4d5e4fb3b19b1962674b9 Generic Malware Antivirus Browser Info Stealer MachineGuid Code Injection Checks debugger exploit crash unpack itself installed browsers check Exploit Browser crashed				3.6	M		ZeroCERT

150	2023-06-01 19:27	1.html 9b78bbb925f4d5e4fb3b19b1962674b9 Antivirus AntiDebug AntiVM MSOffice File Code Injection exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.4	M		ZeroCERT