Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
646	2021-04-26 18:00	file 45a0cfbd6749929ebd451bd5a04120e4 Code Injection Creates executable files ICMP traffic RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	9 Keyword trend analysis Info https://www.googletagmanager.com/gtag/js?id=UA-829541-1 https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T https://www.aaxdetect.com/pxext.gif https://c.aaxads.com/aax.js?pub=AAX3221EY&hst=&ver=1.2 https://www.google-analytics.com/plugins/ua/ec.js https://c.aaxads.com/pxusr.gif https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0 https://www.google-analytics.com/analytics.js https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&dewh=SSP_CLIENT_control&dgeg=0&dgw=desktop&flg=AAX3221EY&fw=YONGDONG&ff=KR&xjg=4&dss=0&skw=899&slg=8PR6YK195&gq=&vhuyqdph=rtb-nv-dcos-ssp-10-6-46-228-14293&vg=-1&vyu=042211_229_042211_95_ssp&vf=&yhuvlrq=4&yk=899&yz=1365&yvlg=&ylg=00001619427471141029496787422051&vvsDeExfnhw=CONTROL&qsd=0&oz=0&gdss=green&uwbsh=&jgsu_hqi=1&fvha=0&jgivwu=&jgsu=0&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&jixqgo=1600&jwg=100&lqlg=&qjixqgo=1700&ugo=800&lg_ghwdlov=°=2&gvwduw=138&ghqg=420&sf=&uhtxuo=file%3A%2F%2F%2FC%3A%2FUsers%2Ftest22%2FAppData%2FLocal%2FTemp%2Ffile.html&nzui=	17 Info www.googletagmanager.com(142.250.196.104) www.aaxdetect.com(104.75.34.8) c.aaxads.com(104.75.22.243) translate.google.com(172.217.26.46) cdn.otnolatrnup.com(104.19.214.37) l3.aaxads.com(104.75.22.243) static.mediafire.com(104.16.202.237) www.google-analytics.com(216.58.197.174) 104.19.215.37 142.250.66.110 104.16.203.237 - mailcious 142.250.204.142 216.58.197.110 104.75.34.8 104.75.22.243 142.250.204.72 104.16.202.237 - mailcious	2	6.6			ZeroCERT

647	2021-04-23 13:56	index.html f80e9553e5387cb4fcb09a9094416f4d Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	4 Keyword trend analysis	2	2	4.2			guest

648	2021-04-23 13:42	index.html f80e9553e5387cb4fcb09a9094416f4d Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	4 Keyword trend analysis	2	2	4.2			guest

649	2021-04-23 13:10	index.html f80e9553e5387cb4fcb09a9094416f4d Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	4 Keyword trend analysis	2	2	4.2			guest

650	2021-04-08 19:43	zender.txt 5db24413257332efd03849b64f49b2c1 Antivirus Code Injection Check memory Creates executable files exploit crash unpack itself Windows utilities suspicious process Windows Exploit DNS crashed		3		6.4	M	17	ZeroCERT

651	2021-04-07 09:47	real.wsf 6587e06aed7a51ec54d73394cf3b8d9d VirusTotal Malware Code Injection Check memory Checks debugger Creates executable files unpack itself AppData folder				5.6		15	ZeroCERT

652	2021-04-07 09:33	deal.wsf aad06a91c13f3f118b9c1a23b0af4f87 VirusTotal Malware Code Injection Check memory Checks debugger Creates executable files unpack itself AppData folder	3 Keyword trend analysis			5.6		16	ZeroCERT

653	2021-04-07 09:33	real.wsf 6587e06aed7a51ec54d73394cf3b8d9d VirusTotal Malware Code Injection Check memory Checks debugger Creates executable files unpack itself AppData folder DNS	3 Keyword trend analysis			6.2		15	ZeroCERT

654	2021-04-01 07:46	divine11.html 39f36486a95dd6945a63a4f028b8af54 VBScript suspicious privilege MachineGuid Code Injection WMI wscript.exe payload download Creates executable files unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS crashed Dropper	32 Keyword trend analysis Info https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D9202096335134795169%26pageID%3D3844689482953206831%26blogspotRpcToken%3D8511820%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D9202096335134795169%26pageID%3D3844689482953206831%26blogspotRpcToken%3D8511820%26bpli%3D1&passive=true&go=true https://resources.blogblog.com/img/anon36.png https://www.blogger.com/comment-iframe.g?blogID=9202096335134795169&pageID=3844689482953206831&blogspotRpcToken=8511820 https://www.blogger.com/static/v1/widgets/2080820689-widgets.js https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&iemode=9&page=1&bgint=Pa5A_0uaAzeWbINaO2TQXL0lZm6tAyox2Q6Ari2SFkE https://www.google-analytics.com/analytics.js https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc-.woff https://www.blogger.com/img/share_buttons_20_3.png https://www.blogger.com/blogin.g?blogspotURL=https://humtotmharyhain.blogspot.com/p/divine11.html https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://humtotmharyhain.blogspot.com/p/divine11.html%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://humtotmharyhain.blogspot.com/p/divine11.html%26bpli%3D1&passive=true&go=true https://www.blogger.com/static/v1/v-css/281434096-static_pages.css https://www.blogger.com/static/v1/widgets/3416767676-css_bundle_v2.css https://www.blogger.com/static/v1/jsbin/3762525058-cmt__en_gb.js https://resources.blogblog.com/img/blank.gif https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhv.woff https://resources.blogblog.com/blogblog/data/1kt/simple/body_gradient_tile_light.png https://fonts.googleapis.com/css?family=Open+Sans:300 https://www.google.com/css/maia.css https://www.blogger.com/comment-iframe.g?blogID=9202096335134795169&pageID=3844689482953206831&blogspotRpcToken=8511820&bpli=1 https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxM.woff https://www.blogger.com/blogin.g?blogspotURL=https%3A%2F%2Fhumtotmharyhain.blogspot.com%2Fp%2Fdivine11.html&bpli=1 https://fonts.googleapis.com/css?lang=ko&family=Product+Sans\|Roboto:400,700 https://www.blogger.com/img/blogger-logotype-color-black-1x.png https://www.blogger.com/static/v1/jsbin/3101730221-analytics_autotrack.js https://www.blogger.com/static/v1/jsbin/1277698886-ieretrofit.js https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.css https://www.blogger.com/static/v1/jsbin/3858658042-comment_from_post_iframe.js https://www.google.com/js/bg/Pa5A_0uaAzeWbINaO2TQXL0lZm6tAyox2Q6Ari2SFkE.js https://resources.blogblog.com/img/icon18_edit_allbkg.gif https://www.blogger.com/dyn-css/authorization.css?targetBlogID=9202096335134795169&zx=13bf7370-9e7a-4c19-af40-56e74bd3158e https://resources.blogblog.com/img/icon18_wrench_allbkg.png	19 Info resources.blogblog.com(172.217.31.137) ia801408.us.archive.org(207.241.228.148) - mailcious www.google.com(172.217.24.132) www.gstatic.com(172.217.175.99) fonts.googleapis.com(172.217.175.42) archive.org(207.241.224.2) - mailcious accounts.google.com(172.217.175.45) www.google-analytics.com(172.217.175.78) fonts.gstatic.com(172.217.31.131) www.blogger.com(172.217.31.137) 172.217.163.228 216.58.200.74 216.58.197.109 207.241.228.148 - mailcious 216.58.200.67 172.217.174.206 172.217.24.201 216.58.220.195 172.217.26.137		10.0	M		ZeroCERT

655	2021-03-27 11:36	Encoding.html d7bb6b9d1cd02209f89dc0c4759ddd87 Antivirus Malware download VirusTotal Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key	4 Keyword trend analysis	3	3	10.6	M	2	ZeroCERT

656	2021-03-27 11:26	Encoding.html d7bb6b9d1cd02209f89dc0c4759ddd87 VirusTotal Malware crashed				0.6		2	ZeroCERT

657	2021-03-17 16:47	test.html 1e4afb756fe35ed1998103207ffb6758 Code Injection RWX flags setting unpack itself Windows utilities Windows				2.2			guest