popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
1531 2025-03-28 09:52 863f2c19-1ce7-4e66-994b-a280b3...  

c6067cd3b970c7f932f73f4084df78e8


Malicious Library Admin Tool (Sysinternals etc ...) Antivirus Malicious Packer UPX PE File PE64 OS Processor Check VirusTotal Malware 		1.8 51 ZeroCERT

1532 2025-03-28 09:52 windscribe.msi  

3ec402cf37b62c46d70e993af8390d04


Generic Malware Malicious Library CAB MSOffice File OS Processor Check VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check Tofsee ComputerName Cloudflare DNS 		1 2 4 2.6 1 ZeroCERT

1533 2025-03-28 09:51 Tax_Docu.docx ...  

587e8ed72fc10291f254ec3880f2fe29


Generic Malware Malicious Library UPX Antivirus PE File PE64 OS Processor Check PNG Format VirusTotal Malware powershell suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Tofsee Windows ComputerName Cloudflare DNS Cryptographic key 		2 2 4 3.8 6 ZeroCERT

1534 2025-03-28 09:40 VsGraphicsResources.exe  

9505eb22bd1997ed978361c94eeec069


Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself 		2.0 51 ZeroCERT

1535 2025-03-28 09:40 Verkoopcontract Data Markus.pd...  

3bf01e91b90ca74b97bd244636d69ce5


Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM Lnk Format GIF Format Email Client Info Stealer powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW anti-virtualization Tofsee Windows Email ComputerName DNS Cryptographic key 		8 3 3 10.4 ZeroCERT

1536 2025-03-28 09:38 Client-built.exe  

2dd0b0481e3dfd56f85b6063e1d0980c


Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself 		2.0 56 ZeroCERT

1537 2025-03-28 09:37 tkskfaaa.exe  

2ff8e057084b5c180e9b447e08d2d747


Malicious Library PE File PE32 VirusTotal Malware AutoRuns Check memory Windows utilities suspicious process WriteConsoleW Windows ComputerName 		4.2 52 ZeroCERT

1538 2025-03-28 09:36 VsGraphicsResources2.exe  

da576c8a761ee91ba7e9da884fac3dd7


Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself DNS 		1 2.6 53 ZeroCERT

1539 2025-03-28 09:36 loader.vbs  

cae91a547e1f1f9340d8856b5b1ffd07

VirusTotal Malware VBScript wscript.exe payload download Tofsee Dropper 		2 4 2 10.0 9 ZeroCERT

1540 2025-03-28 09:36 XtuService.exe  

14de8826d5467e30b3e87ae1fe5c8dab


Generic Malware Malicious Library .NET framework(MSIL) Antivirus Malicious Packer UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself 		2.4 41 ZeroCERT

1541 2025-03-28 09:35 Results.lnk  

2174326f00b9559f4d6458018f79a8c9


Generic Malware Create Service Escalate priviledges AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware suspicious privilege Code Injection Creates shortcut unpack itself 		2.6 8 ZeroCERT

1542 2025-03-28 09:31 nbotpasppp.exe  

e08490aaa588933433f6b7d3ffbae613


Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware 		1.4 56 ZeroCERT

1543 2025-03-28 09:30 gfdthawdddd.exe  

cb1ab881df77d5e59c9cd71a042489dd


PE File PE64 VirusTotal Cryptocurrency Miner Malware DNS CoinMiner 		6 2 1.4 54 ZeroCERT

1544 2025-03-28 09:15 faktura_586507.pdf.lnk  

6efd4d47b2dc0d6b07e324cb680b5aae


Generic Malware Antivirus AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key 		5.6 32 ZeroCERT

1545 2025-03-27 11:09 tarksloader.hta  

3ffacc93b7d3de5d0d47f31853807f49


AntiDebug AntiVM MSOffice File Code Injection RWX flags setting unpack itself Windows utilities Tofsee Windows 		1 4 1 2.6 ZeroCERT

keyword