Submissions

No  Date  Request  Urls  Hosts  IDS  Rule  Score  Zero  VT  Player  Etc

15076  2021-11-07 10:44  1.dotm  8299c65b3c9e10900aaedf20da44cea6
  VBA_macro AntiDebug AntiVM Word 2007 file format(docx) VirusTotal Malware Code Injection RWX flags setting unpack itself DNS
  1 7.4 33 ZeroCERT

15077  2021-11-07 10:47  姓氏 名字.docx  ffeb8e4150061e66092e9bbb513167f7
  Word 2007 file format(docx) VirusTotal Malware Microsoft MachineGuid Check memory RWX flags setting unpack itself GameoverP2P Zeus ComputerName Trojan Banking
  2 2 1 5.0 15 ZeroCERT

15078  2021-11-07 17:19  205.exe  64f0b1471c1d2b101f1ffec664b8397d
  Emotet NPKI Malicious Library UPX Anti_VM PE File PE32 OS Processor Check VirusTotal Malware AutoRuns PDB Checks debugger Windows utilities AntiVM_Disk VM Disk Size Check Windows Remote Code Execution
  3.0 16 ZeroCERT

15079  2021-11-07 17:21  210.exe  cf3fa87cfc679bddbfb4ec26b06e7f7d
  RAT Generic Malware Malicious Packer Malicious Library UPX ASPack Antivirus AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Malware powershell AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Disables Windows Security Collect installed applications powershell.exe wrote suspicious process AppData folder sandbox evasion WriteConsoleW installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed
  1 18.8 14 ZeroCERT

15080  2021-11-07 17:22  209.exe  36a105b034d6e44c24b1fada32c9e0c8
  Themida Packer Admin Tool (Sysinternals etc ...) PE File PE32 VirusTotal Malware unpack itself Checks Bios Detects VirtualBox Detects VMWare VMware anti-virtualization Windows Firmware crashed
  5.2 38 ZeroCERT

15081  2021-11-08 10:00  209.exe  36a105b034d6e44c24b1fada32c9e0c8
  Themida Packer Admin Tool (Sysinternals etc ...) PE File PE32 VirusTotal Malware unpack itself Checks Bios Detects VirtualBox Detects VMWare VMware anti-virtualization Windows Firmware crashed
  5.2 39 guest

15082  2021-11-08 10:56  gTiBAFGxjBXmnkn.mp3  e44025fdc31cdce162ed7573b6c501f5
  Malicious Library PE File PE32 DLL VirusTotal Malware unpack itself crashed
  2.2 44 guest

15083  2021-11-08 11:13  gTiBAFGxjBXmnkn.mp3  e44025fdc31cdce162ed7573b6c501f5
  Malicious Library PE File PE32 DLL VirusTotal Malware unpack itself crashed
  2.2 44 guest

15084  2021-11-08 11:16  gTiBAFGxjBXmnkn.mp3  e44025fdc31cdce162ed7573b6c501f5
  Malicious Library PE File PE32 DLL VirusTotal Malware unpack itself crashed
  2.2 44 guest

15085  2021-11-08 11:17  gTiBAFGxjBXmnkn.mp3  e44025fdc31cdce162ed7573b6c501f5
  Malicious Library PE File PE32 DLL VirusTotal Malware unpack itself crashed
  2.2 44 guest

15086  2021-11-08 11:19  gTiBAFGxjBXmnkn.mp3  e44025fdc31cdce162ed7573b6c501f5
  Malicious Library PE File PE32 DLL VirusTotal Malware unpack itself crashed
  2.2 44 guest

15087  2021-11-08 12:24  cwwwwww.exe  72967ea5d0c15c53f0d92b00f5638215
  RAT PWS .NET framework Generic Malware UPX PE File OS Processor Check PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed
  1 5.8 29 ZeroCERT

15088  2021-11-08 12:25  3613_1636286721_5720.exe  fc0fc8c35a5808938bc23e31937ff028
  RAT PWS .NET framework Generic Malware Antivirus AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer VirusTotal Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut ICMP traffic unpack itself Windows utilities Collect installed applications powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key crashed
  2 7 1 16.0 26 ZeroCERT

15089  2021-11-08 12:26  pafile.exe  ba4f475636064002f09563282879f2a4
  Malicious Library UPX PE File OS Processor Check PE32 PDB unpack itself
  1.4 ZeroCERT

15090  2021-11-08 12:26  rEfOrwLjKsjDPIY.exe  14d4beb54745916a2798817a6e422f65
  RAT BitCoin Generic Malware UPX AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed
  2 3 2 12.4 41 ZeroCERT