Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
1396	2024-06-12 17:05	jquery.min.js 41ce2a4359cc224772c6e32eae0a6013 VirusTotal Malware crashed				1.2		37	r0d

1397	2024-06-14 17:49	tes.ps1 bfb1332339eda5252ef18e4a877bccba Generic Malware Antivirus unpack itself Windows Cryptographic key				0.6			ZeroCERT

1398	2024-06-17 09:26	bas.bat e3dd1f8ee9c65b8c514003384a81a3c9 Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM MSOffice File PNG Format JPEG Format VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut RWX flags setting exploit crash unpack itself Windows utilities suspicious process WriteConsoleW Windows Exploit ComputerName Cloudflare DNS Cryptographic key crashed	3 Keyword trend analysis	1	1	7.6		10	ZeroCERT

1399	2024-06-17 09:26	lib.php.ps1 ec1b518541228072eb75463ce15c7bce Generic Malware Antivirus VirusTotal Malware Check memory unpack itself WriteConsoleW Windows Cryptographic key				2.0		31	ZeroCERT

1400	2024-06-17 09:28	oldbas.bat c7b0fc36d7fd3a1accb4f8d85f78ac96 Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM PNG Format MSOffice File JPEG Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut RWX flags setting exploit crash unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows Exploit ComputerName Cloudflare DNS Cryptographic key crashed	3 Keyword trend analysis	1	1	7.6		11	ZeroCERT

1401	2024-06-17 09:31	lib.php_1.ps1 f05991652398406655a6a5eebe3e5f3a Generic Malware Antivirus VirusTotal Malware Check memory unpack itself WriteConsoleW Windows Cryptographic key				1.8	M	27	ZeroCERT

1402	2024-06-17 09:35	tmp.vbs 18f1dab32aa01d481ca68568f7278f89 crashed				0.2			ZeroCERT

1403	2024-06-18 09:32	54776tth.txt.vbs 0078fb0a4ff7e963ec03876cce667746 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			5.8		8	ZeroCERT

1404	2024-06-18 09:35	dmi.txt.vbs 7e4e5ec429a0738c15593112bcf50406 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			5.8		8	ZeroCERT

1405	2024-06-19 09:34	lamda.cmd c348551fa8fea00106049dd9ff8c07c0 Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM VirusTotal Malware powershell AutoRuns suspicious privilege Check memory Checks debugger heapspray Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	8 Keyword trend analysis Info http://80.76.49.148/LgGFdDAm2/AntiVirus.exe http://80.76.49.148/LgGFdDAm2/AntiVirus2.exe http://80.76.49.148/LgGFdDAm2/AntiVirus3.exe http://80.76.49.148/LgGFdDAm2/AntiVirus4.exe http://80.76.49.148/LgGFdDAm2/MicrosoftNetwork.exe http://80.76.49.148/LgGFdDAm2/MicrosoftRegistry.exe http://80.76.49.148/LgGFdDAm2/MicrosoftSecurity.exe http://80.76.49.148/LgGFdDAm2/MicrosoftValidator.exe			5.8		12	ZeroCERT

1406	2024-06-19 09:36	lamda.cmd 7aad5e78aa5e3c4c1fd5da339379185e Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM VirusTotal Malware suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key				3.8		20	ZeroCERT

1407	2024-06-19 09:47	lamda.cmd 1220872b5a60851b40457bfa168f34f2 Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM VirusTotal Malware powershell suspicious privilege Check memory Checks debugger heapspray Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key	6 Keyword trend analysis			4.2	M	11	ZeroCERT

1408	2024-06-19 09:53	lamda1.cmd 34961215950869251baa1879d161a90d Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	2 Keyword trend analysis			4.2	M	18	ZeroCERT

1409	2024-06-19 13:36	adobex.js 52251be9db3c249a21b437db2186a21c VirusTotal Malware VBScript wscript.exe payload download ICMP traffic Dropper	1 Keyword trend analysis	2		10.0		21	ZeroCERT

1410	2024-06-19 13:36	vc.txt.vbs f6f5a4cce34ca5129908c36df08d4f1a Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed	1 Keyword trend analysis			6.0	M	8	ZeroCERT