Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc

8866 2021-04-28 18:31 IMG_88134.exe
4d0b19cd29e6c8ce724607b85771de8d
AsyncRAT backdoor Antivirus AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Disables Windows Security Collect installed applications powershell.exe wrote Check virtual network interfaces suspicious process AppData folder sandbox evasion WriteConsoleW installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed
4 5 3 2 18.2 M 17 ZeroCERT

8867 2021-04-28 11:11 FreeMaps.af75d672c26d4cc59fc74...
10e868b5ebf405fe2ca10e0552023d44
packer Gen2 OSCheck File format VirusTotal Malware Check memory Creates executable files unpack itself AppData folder sandbox evasion Tofsee DNS
3 4 1 4.8 32 ZeroCERT

8868 2021-04-27 16:46 http://union.jctrip.cn/wp-incl...
8d7c388e144427e46654e1f1d75de590
AgentTesla Vulnerability VirusTotal Malware MachineGuid Code Injection Malicious Traffic RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
2 10 1 8.2 M guest

8869 2021-04-27 16:45 https://xixaoclothing.com/wp-a...
8d7c388e144427e46654e1f1d75de590
AgentTesla VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
2 2 4.6 guest

8870 2021-04-27 09:14 JNhUwWi6.html
1f76d9e2358dcba1670b35ce61d7bd96
Antivirus VirusTotal Malware powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process Tofsee Windows ComputerName DNS Cryptographic key
1 2 1 8.4 7 guest

8871 2021-04-27 09:13 JNhUwWi6
1f76d9e2358dcba1670b35ce61d7bd96
Antivirus VirusTotal Malware powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process Tofsee Windows ComputerName Cryptographic key
1 2 1 7.8 7 ZeroCERT

8872 2021-04-27 08:05 https://p8hj.blogspot.com/p/44...
5b0175dd30bd407af2915d017f1f4e90
Antivirus VirusTotal Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed
27 22 2 4.6 ZeroCERT

8873 2021-04-26 18:27 IMG_5023075401.pdf
427e21ef958ea63e6a12ce4d8d5a3e55
AgentTesla KeyBase Keylogger Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed
2 5 4 13.4 M 16 ZeroCERT

8874 2021-04-26 18:12 IMG_608943011.pdf
5f0e74e8c039c771ec8c2fa77981c7dd
AgentTesla KeyBase Keylogger Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed
2 4 4 13.4 14 ZeroCERT

8875 2021-04-26 18:00 file
45a0cfbd6749929ebd451bd5a04120e4
Code Injection Creates executable files ICMP traffic RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed
9 17 2 6.6 ZeroCERT

8876 2021-04-26 09:36 "http://5.79.75.210/0beU0RimJU...
Malware Code Injection Malicious Traffic RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed
1 2 4.2 M guest

8877 2021-04-26 09:24 apps.exe
cd155fbcc108d054d747ab4514f3cfd6
VirusTotal Malware Code Injection buffers extracted Creates executable files RWX flags setting exploit crash unpack itself Windows utilities suspicious TLD Tofsee Windows Exploit DNS crashed
46 16 1 6.4 14 ZeroCERT

8878 2021-04-24 20:55 info-33549970.xlsm
effeb6845cee0ab05c452d39f9e5382d
VirusTotal Malware Check memory unpack itself Tofsee crashed
4 2 3.2 5 ZeroCERT

8879 2021-04-24 18:22 documents-633524133.xlsm
a14c32fc53b0c42e12a563838d67526b
VirusTotal Malware Check memory unpack itself Tofsee crashed
4 2 3.2 4 ZeroCERT

8880 2021-04-24 18:22 documents-627949424.xlsm
16a1eca6fb8eb48e67bcfe30beb28dca
VirusTotal Malware Check memory unpack itself Tofsee DNS crashed
4 2 3.8 4 ZeroCERT