popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
15106 2023-03-05 06:32 http://125.44.39.187:44434/bin...  


PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed 		1 2 5.8 guest

15107 2023-03-05 06:31 http://182.119.227.61:44258/i  


PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed 		1 2 6.4 guest

15108 2023-03-05 06:30 http://222.141.120.140:38990/b...  


PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format JPEG Format MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed 		1 2 6.4 guest

15109 2023-03-05 06:30 http://219.157.209.186:58973/i  


PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed 		1 2 5.8 guest

15110 2023-03-05 06:28 http://117.215.219.156:47729/b...  


AntiDebug AntiVM MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed 		1 2 5.4 guest

15111 2023-03-05 06:28 http://www.cpasdrole.com/handd...  

f48570526e4923521a63c718ea4a15d3


PWS[m] Gen2 Trojan_PWS_Stealer Credential User Data Downloader Malicious Packer SQLite Cookie UPX Malicious Library Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalat Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder malicious URLs Tofsee Windows Exploit DNS crashed 		2 3 6.2 M guest

15112 2023-03-05 06:27 http://115.49.235.234:51481/bi...  


PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed 		1 2 5.8 guest

15113 2023-03-05 06:26 http://117.195.83.21:48709/bin...  


PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed 		1 2 5.8 guest

15114 2023-03-05 06:24 http://122.190.165.118:58960/b...  


AntiDebug AntiVM PNG Format JPEG Format MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed 		1 2 4.8 guest

15115 2023-03-05 06:21 http://115.52.188.130:49280/bi...  


PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed 		1 2 5.8 guest

15116 2023-03-05 06:20 http://114.246.183.233:54929/i  


AntiDebug AntiVM MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed 		1 2 5.4 guest

15117 2023-03-05 06:19 http://119.189.153.85:54272/i  


PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed 		1 2 5.8 guest

15118 2023-03-05 06:19 http://27.219.11.41:45127/i  


PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed 		1 2 5.8 guest

15119 2023-03-05 06:17 https://bitbucket.org/thisisaw...  

cee44021a4841cf66516938c3b09cd3a


PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format JPEG Format MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed 		2 2 4.8 M guest

15120 2023-03-05 06:16 http://121.227.222.56:59094/i  


PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed 		1 2 5.8 guest

keyword