Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
1	2023-07-26 14:36	wininit.exe 73bbb2587a15c2e32d469cb3abe192c9 NSIS UPX Malicious Library PE File PE32 DLL Check memory Creates executable files unpack itself AppData folder				2.0			ZeroCERT

2	2023-07-26 14:36	wininit.exe 614ef8a46ff7b0f353b6ce2540c30d8e NSIS UPX Malicious Library PE File PE32 DLL Check memory Creates executable files unpack itself AppData folder				2.0			ZeroCERT

3	2023-03-23 18:47	INV.exe d826f8c8edb9b4eea8ee18fa75572490 UPX Malicious Library PE32 PE File FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself suspicious TLD DNS	24 Keyword trend analysis Info http://www.gitmart.top/hubr/?QCFrH7=8LIoJqXtzQoTeM3tSIRjdvK/wvVoI+eZdkhCTWtrmHUI4YaQHcTCw+vN7fasUs/Q0cHIvjOlVkHozVI89gTByPzeHUA52gVSRwAL/jY=&RbcWz=XTYFdv http://www.kahinghk.com/hubr/?QCFrH7=KA2zyijBF8x3Kgke2P+iKCtl6t6cGVl80Cc65JTye6QbcFhOuDw4y56CfsJy2MXD5dQvnaW1nqx7b9Z6wt4S6QZG6sghwLw0rVDMOz0=&RbcWz=XTYFdv http://www.guochaochao.com/hubr/?QCFrH7=vfnS7kNQ7lGkZwLtMQL9ZqfKyBscb+bEwFm+1uJubApJ6Q5hDNwLUi92Ea3pDCl5aGqTGhnnOe/pMNEIN7harbO0q3jSNOA5A+i+70k=&RbcWz=XTYFdv http://www.kahinghk.com/hubr/ http://www.celestinshipping.org/hubr/ http://www.hbslwhcb.com/hubr/?QCFrH7=5E10n45PC8vNB5pZtNj2sXLK8uWSY44i7aDcSA40kUAwhBPRaI2LrW2xciaMt4VcY7NLJleQuynhqBK73YwksAZi1WQgViquW1DW70o=&RbcWz=XTYFdv http://www.guochaochao.com/hubr/ http://www.mtgu.net/hubr/?QCFrH7=BYsUt3owDFJM7GVfuQIWnXwMgDGHBsC/I/b9ZUSfYrqeSV4owQnpPIjIy5UP/vTtTt2F54HHRXV+MLyWN1XqqGr/sjv3aXZqNOI2ujY=&RbcWz=XTYFdv http://www.bankmobile.online/hubr/?QCFrH7=AqcQf51FHOgh7P9E+wpuxnHpBgBzwI/msQRQ0Dyz8q0S90nTnG8ByyoMHYn461jaf1OBwwUC6quuS4TuPkl+q34PRRmwUjUeIaKK3gY=&RbcWz=XTYFdv http://www.bankmobile.online/hubr/ http://www.auto-sparepart.com/hubr/?QCFrH7=shp9tHQK/I+jiDz9HZEHJbj1KzHSlPA6IKLbVtcuxb+Os6cPDAiYF95XnY/LnjHwM9ayWNJXkgFRKo9FtI2zAKU8dQudTiqe32jNO5U=&RbcWz=XTYFdv http://www.airductshopdk.com/hubr/?QCFrH7=IY6ZMgtXttJgF5cV0sWllCOUaHDATDBCnZNtq8QNvWCyBBYDnskeOxikfpX38PnG5T3Zxr6jgxyRUZdALpyeaupJP3sUL1Dl98sUeiQ=&RbcWz=XTYFdv http://www.hbslwhcb.com/hubr/ http://www.celestinshipping.org/hubr/?QCFrH7=Vfw1tXj75Mnbbr9waYgxlQ7QagSBA5wKBGGly+Su2Nf6tIgktwqqKgDHr8woq6O0Z5sp1IK/HWsht85Es+CPzw2fwmYXFsAsraj4FMw=&RbcWz=XTYFdv http://www.asonsrestaurantbar.co.uk/hubr/ http://www.callceylon-infinity.com/hubr/?QCFrH7=QGWktfIAtu18+t6NQORxBTtvzjo+nFqh7PlIya0sAjXty+UNsna0QAVZJMoUGZhtBucAVwHYc/82s4klU8XEeQDHowb765v/cfPxxLM=&RbcWz=XTYFdv http://www.betting.style/hubr/ http://www.betting.style/hubr/?QCFrH7=Igos4DvGYSTYudzWMt6YfvTMrgMRYd/c9vPdAr65R47dBdgzYQRIJWYhFBMjFdvBBv9IJDMtFMntT2Xn4QfH4WErd6ncw9Si7XBW0k4=&RbcWz=XTYFdv http://www.airductshopdk.com/hubr/ http://www.mtgu.net/hubr/ http://www.gitmart.top/hubr/ http://www.auto-sparepart.com/hubr/ http://www.asonsrestaurantbar.co.uk/hubr/?QCFrH7=LhIi+kEWCIVSy/fPx6ZU7zxwa0K9qbQ4Avh4ugI75RiAcqy+P9f/TzxibnAgVXMDuzt86sgVXJJMNA/faZ0hFKKpQbAodEvnYLncODA=&RbcWz=XTYFdv http://www.sqlite.org/2019/sqlite-dll-win32-x86-3270000.zip	25 Info www.mtgu.net(165.140.71.65) www.celestinshipping.org(74.220.199.6) www.guochaochao.com(23.27.78.200) www.asonsrestaurantbar.co.uk(63.141.242.43) www.auto-sparepart.com(13.248.243.5) www.kahinghk.com(148.66.54.130) www.hbslwhcb.com(103.146.179.136) www.betting.style(64.190.63.111) www.airductshopdk.com(23.228.123.194) www.bankmobile.online(185.104.28.238) www.callceylon-infinity.com(217.160.0.91) www.gitmart.top(199.192.28.110) 23.27.78.200 185.104.28.238 - mailcious 103.146.179.136 76.223.105.230 - mailcious 64.190.63.111 - mailcious 74.220.199.6 - mailcious 192.187.111.219 - mailcious 148.66.54.130 217.160.0.91 45.33.6.223 23.228.123.194 199.192.28.110 165.140.71.65	4	4.6	M	29	ZeroCERT

4	2023-01-28 23:42	INV.exe f5ba8cd2153faf89a84faceabd8c8a50 Malicious Library UPX PE32 PE File FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself DNS	18 Keyword trend analysis Info http://www.defituesday.com/gbhu/ http://www.bordain.website/gbhu/?dwq11ePF=Z0JOfegcJus8QT/ga7HhKsxVghDCE41qFhckdElZvPNE+U6wFU3FpNVOM7LfjIcK+KFXTjs52Dx2xmlkwnBEWQpZ+ijccONCTZsjAaQ=&YabdMo=eHFLyxLS9HiIq http://www.49138.net/gbhu/?dwq11ePF=WL2v/sGFsFIuAk53tX4v3ozaI9MekZ54iiHcVmD4RVE9irnVRUhCIdhzHcX9OStZFhWObZgZr940JPQfa5eUhFHz/csG7i5yqe9ZH20=&YabdMo=eHFLyxLS9HiIq http://www.bts-exhibition20.com/gbhu/?dwq11ePF=tpqPZatFSWftMZbuFeOnBOSwBNRYNC4bECF+5KuudrHZL+uj6SAhnLM79xl9TgWodfNUMHSE7zon0vuCBBc1ktEpBF17jxL0iiyPMLM=&YabdMo=eHFLyxLS9HiIq http://www.bobblehead8.com/gbhu/ http://www.adalexs.com/gbhu/?dwq11ePF=D1b/tXE1wqN7p4mfTi76DPsviRaFjnrtscBWiPbYkZ2JHeEtyHLUC4ibH92W8gaDc10nQ7RDCV1MC1LMji13NdslOWFcPJvVlGENFow=&YabdMo=eHFLyxLS9HiIq http://www.bobblehead8.com/gbhu/?dwq11ePF=meqTUx5kIEeA9O3K+DspA+9TJQ7rWtYm9pdGl178RL9fSiIP48l7cIqKAbR6uI16zGzDWzC2kHM4w1/jD5NrA8QTbIMv2qGMhL2x80Q=&YabdMo=eHFLyxLS9HiIq http://www.bordain.website/gbhu/ http://www.sqlite.org/2022/sqlite-dll-win32-x86-3390000.zip http://www.defituesday.com/gbhu/?dwq11ePF=K8gb+vg3lIj7mLsgY2s/Un2w4+nCuuuuWVhNes+vUVynttvh63W50QdwpB+jXhqV1vb6jBT4NlQZn884uDSkCA0C7jdkyYeP3Sv4iJE=&YabdMo=eHFLyxLS9HiIq http://www.govcintria.online/gbhu/ http://www.actualabaule.com/gbhu/?dwq11ePF=2pxLiO942t5FkFRjNHyAiMW5bHO63rkjCdflxXdQmiqtiPUBqVrUFlO8JTqg/bEqxMzFYZexGJrShELInTuzWAoQXV3U24qzi0sYkgA=&YabdMo=eHFLyxLS9HiIq http://www.govcintria.online/gbhu/?dwq11ePF=dVbA+IXcm1YuOJ1N0YfoPOUPspwoFrMI8eGyv/hTd7M6maCfXa3GNmu+O7MNTYOdhYiwJPdemCWc8/TOWhgps6HIHGnlIWhMsDwJ9t4=&YabdMo=eHFLyxLS9HiIq http://www.adalexs.com/gbhu/ http://www.actualabaule.com/gbhu/ http://www.dongshi88.com/gbhu/ http://www.49138.net/gbhu/ http://www.dongshi88.com/gbhu/?dwq11ePF=b1ijv7/tEC2PXjxDsbuxsXva2wZ3D1czsA+lhOYVJxZEUWwbEdFBMQFsyzcPw/mr8NXL74lT/Fd9q4Dp8JhY/9JDjuMN4js97XFbSws=&YabdMo=eHFLyxLS9HiIq	20 Info www.adalexs.com(66.112.211.168) - www.govcintria.online(2.57.90.16) - www.bordain.website(162.0.216.254) - www.defituesday.com(199.59.243.222) - www.dongshi88.com(211.149.132.144) - www.bts-exhibition20.com(199.59.243.222) - www.sqlite.org(45.33.6.223) - www.bobblehead8.com(66.96.147.160) - www.actualabaule.com(217.70.184.50) - www.49138.net(143.92.48.236) - 143.92.48.236 211.149.132.144 - 199.59.243.222 - mailcious 104.21.76.77 - 217.70.184.50 - 66.112.211.168 - 2.57.90.16 - 162.0.216.254 - 45.33.6.223 - 66.96.147.160 -	2	5.2		45	ZeroCERT

5	2023-01-26 10:47	vbc.exe 78e04840b1afd0c966a7ddaee7b67b5e Malicious Library UPX PE32 PE File OS Processor Check JPEG Format Browser Info Stealer Remcos VirusTotal Malware AutoRuns Malicious Traffic Check memory Checks debugger Creates executable files unpack itself AppData folder Windows Browser DNS keylogger	1 Keyword trend analysis	3	1	6.2	M	22	ZeroCERT

6	2022-12-29 09:40	Invoice_Payment.exe 9936ebad181a8b6f482c2eced5700dcb RAT UPX PE32 .NET EXE PE File VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Windows utilities Check virtual network interfaces Windows Cryptographic key	1 Keyword trend analysis	2		6.0		26	ZeroCERT