Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
61	2021-10-28 11:32	10-20-2021.PDF.jar 668e3c7807e42329a01a3c85ccb17504 VirusTotal Malware Check memory Checks debugger RWX flags setting unpack itself Check virtual network interfaces WriteConsoleW DNS crashed		1			3.4		20	ZeroCERT

62	2021-11-10 09:42	Arrival_7036PDF.jar 1aec13cf9b79fd1858bbe91b6281f568 MSOffice File VirusTotal Malware Check memory heapspray unpack itself Java					2.2		14	ZeroCERT

63	2021-11-10 09:46	Arrival_7036PDF.jar 1aec13cf9b79fd1858bbe91b6281f568 NPKI Malicious Library UPX Malicious Packer MSOffice File PE File OS Processor Check PE32 DLL Malware download NetWireRC VirusTotal Email Client Info Stealer Malware AutoRuns Check memory Checks debugger buffers extracted WMI Creates executable files RWX flags setting unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder suspicious TLD WriteConsoleW IP Check Windows Java Email ComputerName DNS crashed	2 Keyword trend analysis	11 Info str-master.pw(147.182.174.188) - mailcious objects.githubusercontent.com(185.199.108.133) github.com(52.78.231.108) - mailcious repo1.maven.org(199.232.196.209) ip-api.com(208.95.112.1) 185.199.109.133 - mailcious 147.182.174.188 - mailcious 15.164.81.167 - malware 151.101.52.209 185.205.210.106 208.95.112.1	6	1	9.4	M	14	ZeroCERT

64	2021-11-10 18:03	ServicedetailforDARevision.pdf e822e0070c7f84af44407fd2fdfee044 PDF								ZeroCERT

65	2021-11-10 18:29	ServicedetailforDARevision.pdf e822e0070c7f84af44407fd2fdfee044 PDF unpack itself Windows utilities Windows					1.4			ZeroCERT

66	2021-11-19 01:30	pdfdownload.msi 607606be215f1234c399ffb6c83861b3 Malicious Library MSOffice File								C0d3_22

67	2021-12-09 16:56	13253144463.pdf 11b4f71af56677c1715f738d2788d8e4 PDF Suspicious Link PDF unpack itself Windows utilities Windows					1.4			ZeroCERT

68	2021-12-09 16:58	13253144463.pdf 11b4f71af56677c1715f738d2788d8e4 PDF Suspicious Link PDF unpack itself Windows utilities Windows					1.4			ZeroCERT

69	2021-12-09 17:13	13253144463.pdf 11b4f71af56677c1715f738d2788d8e4 PDF Suspicious Link PDF unpack itself Windows utilities Windows					1.4			ZeroCERT

70	2021-12-09 17:25	13253144463.pdf 11b4f71af56677c1715f738d2788d8e4 PDF Suspicious Link PDF unpack itself Windows utilities Windows					1.4			ZeroCERT

71	2021-12-09 17:25	13253144463.pdf 11b4f71af56677c1715f738d2788d8e4 PDF Suspicious Link PDF								조광섭

72	2021-12-09 17:27	13253144463.pdf 11b4f71af56677c1715f738d2788d8e4 PDF Suspicious Link PDF								조광섭

73	2021-12-09 17:29	13253144463.pdf 11b4f71af56677c1715f738d2788d8e4 PDF Suspicious Link PDF								조광섭

74	2021-12-09 17:38	13253144463.pdf 11b4f71af56677c1715f738d2788d8e4 PDF Suspicious Link PDF AntiDebug AntiVM PNG Format JPEG Format MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities suspicious TLD Tofsee Windows Exploit DNS crashed	2 Keyword trend analysis	24 Info www.google.com(172.217.161.36) clients2.googleusercontent.com(142.251.42.129) laborke.ru(104.21.22.142) - phishing fonts.googleapis.com(216.58.220.138) www.gstatic.com(142.250.196.131) accounts.google.com(216.58.220.109) _googlecast._tcp.local() fonts.gstatic.com(142.250.207.35) apis.google.com(142.251.42.174) apps.identrust.com(119.207.65.153) clientservices.googleapis.com(142.250.196.99) 142.250.204.35 142.250.207.67 172.217.24.100 172.217.161.161 142.250.66.109 23.206.175.43 142.250.66.142 23.59.72.9 142.250.204.110 172.67.205.79 - phishing 142.250.204.42 23.59.72.17 142.250.199.67	1		4.8	M		ZeroCERT

75	2021-12-31 08:48	Steven M. Bauer 12.14.2021 HSB... 456ea1c56c2ee35f5382ff71376ec45a PDF VirusTotal Malware					0.4		1	guest