Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
16	2023-03-09 11:15	5814 N 17ST.doc d44eab3f49c70836c4f7b9524a343f31 emotet Generic Malware VBA_macro MSOffice File VirusTotal Malware Malicious Traffic exploit crash unpack itself Tofsee Exploit crashed	3 Keyword trend analysis	15 Info finephotos.com.au(212.1.210.110) - malware baangnews.com(104.21.69.237) - malware www.theaffiliateincome.com(66.96.149.32) - malware snjwellers.com() - malware vietcontents.xyz() - malware pesquisacred.com() - malware arthurjacksonctc.com(185.230.63.171) - malware apps.identrust.com(23.216.159.81) luandasoft.com(103.224.212.222) - malware 104.21.69.237 212.1.210.110 121.254.136.27 185.230.63.107 - phishing 103.224.212.222 - mailcious 66.96.149.32 - mailcious	3	1	3.8		45	ZeroCERT

17	2023-03-09 10:05	EPR Payment Summary.doc ad16430c43ef743109301fa643a25eed VBA_macro MSOffice File VirusTotal Malware Malicious Traffic exploit crash unpack itself Tofsee Exploit DNS crashed	6 Keyword trend analysis Info http://apps.identrust.com/roots/dstrootcax3.p7c http://meeting.nmconline.org/wp-content/pgynuy3gyq-qib01-12349/ https://www.honeybearlane.com/epj71/tBtwANZJs/ https://ramadepo.000webhostapp.com/wp-includes/90cn-6er-1300852063/ https://royalinteriorsdesign.000webhostapp.com/wp-admin/hkgyeqNXL/ https://stretchpilates.fit/wp-content/kvRYjXUH/	12 Info royalinteriorsdesign.000webhostapp.com(145.14.145.187) - mailcious stretchpilates.fit(192.124.249.111) - malware www.honeybearlane.com(199.79.53.17) - mailcious apps.identrust.com(23.216.159.9) meeting.nmconline.org(104.207.254.70) - malware ramadepo.000webhostapp.com(145.14.144.143) - malware 145.14.145.163 - mailcious 104.207.254.70 145.14.144.197 - malware 121.254.136.57 192.124.249.111 199.79.53.17	4		4.8	M	40	ZeroCERT

18	2023-03-09 10:01	PO-465514-180820.doc d7e6921bfd008f707ba52dee374ff3db Generic Malware VBA_macro MSOffice File VirusTotal Malware Malicious Traffic exploit crash unpack itself Tofsee Exploit crashed	6 Keyword trend analysis Info http://apps.identrust.com/roots/dstrootcax3.p7c http://52550750-56-20180826151453.webstarterz.com/savewayexpressthai.com/jnze_2o3j_k/ http://oubaina.com/wp-includes/lqkz_nvr_1avf4/ https://www.msbc.kz/data/k527_5_cbdvv5bi19/ http://okcupidating.com/im/fsq_esj_qgx060p/ http://bike-nomad.com/cgi-bin/7n_0x0_62mnzyh9q/	10 Info bike-nomad.com(63.247.140.170) - mailcious 52550750-56-20180826151453.webstarterz.com() - malware www.msbc.kz(195.210.46.42) - mailcious okcupidating.com() - mailcious apps.identrust.com(23.216.159.81) oubaina.com(123.253.24.22) - malware 63.247.140.170 - mailcious 123.253.24.22 195.210.46.42 - mailcious 121.254.136.57	1		3.8	M	47	ZeroCERT

19	2023-03-03 10:57	docMALWARE.doc e1f118af01a87bfc473c6a60d5ab50f5 MSOffice File Malware download VirusTotal Malware ICMP traffic exploit crash unpack itself Exploit DNS crashed		2	1		4.0		3	ZeroCERT

20	2022-10-03 13:21	bodli.doc 795c0ee208d098df11d56d72236175b2 Generic Malware VBA_macro MSOffice File VirusTotal Malware exploit crash unpack itself Exploit crashed					3.2		30	ZeroCERT

21	2022-09-25 19:03	mbcoin.doc 4bf987800ff8ab9d95f2438510c91685 Generic Malware VBA_macro MSOffice File VirusTotal Malware exploit crash unpack itself Exploit crashed					2.8		36	ZeroCERT

22	2022-09-15 10:08	IPhone-Winners.doc 9c7716e1681e45e83096eed703058331 Generic Malware VBA_macro Antivirus Hide_URL MSOffice File VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut exploit crash unpack itself suspicious process WriteConsoleW Windows Exploit ComputerName DNS Cryptographic key crashed		1			8.4		34	ZeroCERT

23	2022-09-14 22:16	IPhone-Winners.doc 9c7716e1681e45e83096eed703058331 Generic Malware VBA_macro Antivirus Hide_URL MSOffice File VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key					6.8		34	guest

24	2022-09-14 22:02	IPhone-Winners.doc 9c7716e1681e45e83096eed703058331 Generic Malware VBA_macro Antivirus Hide_URL MSOffice File VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key					6.8		34	guest

25	2022-09-05 07:45	4oXCFBqnnxeb7vIM.php ec37158064e64e685409050426fbacaa MSOffice File unpack itself					0.8			ZeroCERT

26	2022-08-29 10:26	flyer.png 8cf97f8f60792dc2c7b9dd0ab55b0bd2 Generic Malware VBA_macro MSOffice File VirusTotal Malware exploit crash unpack itself Exploit crashed					3.2	M	30	ZeroCERT

27	2022-08-29 09:25	flyer.png 8cf97f8f60792dc2c7b9dd0ab55b0bd2 Generic Malware VBA_macro MSOffice File VirusTotal Malware unpack itself					1.8	M	30	ZeroCERT

28	2022-08-23 18:22	741-Mau2_Tr.doc e15e45a4d840b91db3adb1907ac9b836 MSOffice File RWX flags setting exploit crash unpack itself Exploit crashed					2.2			ZeroCERT

29	2022-08-23 18:18	SCL.doc a921188d8e6fa531e50bd6380fc8321e MSOffice File RWX flags setting exploit crash unpack itself Exploit crashed					2.2			ZeroCERT

30	2022-08-20 19:08	emo.doc 3079af4d01ee6ec51bd3d9911da7e23f Generic Malware VBA_macro MSOffice File Vulnerability VirusTotal Malware unpack itself		7			3.0		44	guest