Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
1 2024-12-18 16:15 bo.js  

32254df5cf8de301c1266c7905a7b5a4


Generic Malware Antivirus PowerShell VirusTotal Malware suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed
5.8 20 ZeroCERT

2 2024-12-16 19:23 EM.ps1  

8e04834cd195af2ca19b161e0216403a


Hide_EXE Generic Malware Antivirus Malicious Library Malicious Packer Confuser .NET PWS AntiDebug AntiVM BitCoin .NET EXE PE32 PE File VirusTotal Malware powershell Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself powershell.exe wrote AppData folder ComputerName
11.4 9 ZeroCERT

3 2024-12-16 18:40 xx.ps1  

f69b016d952adc017710ec876b525327


Hide_EXE Generic Malware Antivirus AntiDebug AntiVM FormBook Malware download VirusTotal Malware powershell Buffer PE Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself powershell.exe wrote
3 3 1 10.0 25 ZeroCERT

4 2024-12-16 18:40 DON.ps1  

653067d2d3176ff5d92fb98c03cef517


Hide_EXE Generic Malware Antivirus VirusTotal Malware
0.6 15 ZeroCERT

5 2024-12-06 10:02 26.ps1  

6c7bb2eade7ae01218c2e33fc7d30d1f


Generic Malware Antivirus powershell unpack itself powershell.exe wrote Check virtual network interfaces Windows ComputerName Cryptographic key
2 1 3.2 ZeroCERT

6 2024-12-06 09:50 g8wt4y.ps1  

cec79015727b3bff0975cf827521069f


Hide_EXE Generic Malware Antivirus VirusTotal Malware Check memory unpack itself WriteConsoleW Windows Cryptographic key
1.8 23 ZeroCERT

7 2024-12-06 09:48 x75eie.ps1  

25e1952efb3a1a45146c028117fd923c


Hide_EXE Generic Malware Antivirus VirusTotal Malware Check memory unpack itself WriteConsoleW Windows Cryptographic key
1.6 15 ZeroCERT

8 2024-12-06 09:46 fff.ps1  

42fdb45fcd954470c11adb6c97a214b3


Generic Malware Antivirus VirusTotal Malware Check memory Creates executable files unpack itself Windows Cryptographic key
2.0 22 ZeroCERT

9 2024-12-06 09:44 Transfer-https.vbs  

e2f4a3c6e7570b4424089b24b059c9d0


Hide_EXE PE32 PE File VirusTotal Malware Creates executable files AppData folder DNS
1 7.6 40 ZeroCERT

10 2024-12-01 12:47 saw.bat  

887c821a48cf66c815f6dce4f8cb61d5


Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM MSOffice File VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut exploit crash unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW installed browsers check Tofsee Windows Exploit Browser ComputerName Cloudflare DNS Cryptographic key crashed
2 2 2 7.4 12 ZeroCERT

11 2024-12-01 02:27 dns.log  

09b081750dde8d0cebad84499db9fc11


ScreenShot Anti_VM AntiDebug AntiVM Check memory unpack itself
1.0 guest

12 2024-12-01 02:16 analyzer.log  

a6a4a1e82b1baedd0016891a8c19e817


ScreenShot AntiDebug AntiVM Check memory unpack itself
1.0 guest

13 2024-11-29 13:32 injector.ps1  

2e1cab692dcab564f7117dbb6cf6a165


Generic Malware Antivirus DLL PE32 PE File .NET DLL VirusTotal Malware Check memory Creates executable files unpack itself Windows utilities AppData folder WriteConsoleW Windows Cryptographic key
3.8 2 ZeroCERT

14 2024-11-27 12:36 Hyttegsten.bat  

3eb2c328550925d05ae2752a11941ef9


Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName Cryptographic key
1 5.4 guest

15 2024-11-27 12:36 Grundtvigsk.cmd  

63b3e6c2830edd0332ac2509ec420469


Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName Cryptographic key
1 6.6 guest