Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Player
15526	2023-03-05 00:41	http://es02.xyz/w2/PvqDq929BSx... PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed		1	2	5.8	guest

15527	2023-03-05 00:41	http://manvim.co/fd6/PvqDq929B... AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed	2 Keyword trend analysis	2		3.8	guest

15528	2023-03-05 00:40	http://mxrz.xyz/tker3/w2/PvqDq... PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed		1	2	4.2	guest

15529	2023-03-05 00:40	http://manvim.co/fc5/PvqDq929B... b54ad2ea04cc0ae57f89e7379503017f PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File Code Injection Creates executable files ICMP traffic RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	9 Keyword trend analysis Info http://ww1.manvim.co/_fd?terms=Auto%20Auction%20Inventory%20Management%20Software,Customer%20Account%20Management%20Software,Job%20Posting%20Board http://ww1.manvim.co/js/parking.2.103.1.js http://manvim.co/fc5/PvqDq929BSx_A_D_M1n_a.php http://ww1.manvim.co/favicon.ico http://manvim.co/fc5/PvqDq929BSx_A_D_M1n_a.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3Nzk1MTMzNiwiaWF0IjoxNjc3OTQ0MTM2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDRrMmpiMzJvN2k0aTNxazQwZTNiaW0iLCJuYmYiOjE2Nzc5NDQxMzYsInRzIjoxNjc3OTQ0MTM2ODAyODMyfQ.6aEk9BZsIrjLdfvWBioDZsd9yjzxKULT_lFyOIdUnkc&sid=35c5ad24-baa2-11ed-b23c-146e5991e9eb http://ww1.manvim.co/px.gif?ch=2&rn=1.2106671952721868 http://ww1.manvim.co/?terms=Auto%20Auction%20Inventory%20Management%20Software,Customer%20Account%20Management%20Software,Job%20Posting%20Board http://ww1.manvim.co/px.gif?ch=1&rn=1.2106671952721868 https://www.google.com/adsense/domains/caf.js	6	2	5.8	guest

15530	2023-03-05 00:39	http://manvim.co/bo/PvqDq929BS... a2a867f799c111f8846ff71b100c8dc0 AntiDebug AntiVM MSOffice File Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	9 Keyword trend analysis Info http://ww1.manvim.co/_fd?terms=Auto%20Auction%20Inventory%20Management%20Software,Customer%20Account%20Management%20Software,Job%20Posting%20Board http://ww1.manvim.co/js/parking.2.103.1.js http://ww1.manvim.co/px.gif?ch=1&rn=9.349986912777808 http://ww1.manvim.co/favicon.ico http://manvim.co/bo/PvqDq929BSx_A_D_M1n_a.php http://ww1.manvim.co/px.gif?ch=2&rn=9.349986912777808 http://ww1.manvim.co/?terms=Auto%20Auction%20Inventory%20Management%20Software,Customer%20Account%20Management%20Software,Job%20Posting%20Board http://manvim.co/bo/PvqDq929BSx_A_D_M1n_a.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3Nzk1MTM5NSwiaWF0IjoxNjc3OTQ0MTk1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDRrMm1vczAwaDg3azdwMzgwcHFnNmIiLCJuYmYiOjE2Nzc5NDQxOTUsInRzIjoxNjc3OTQ0MTk1NzM5NzUwfQ.hScxHehQRvVzy3Qppt_oH_8OB6rnUH_OxdiEEy3nt8s&sid=58e6a772-baa2-11ed-bfb7-146e1a1435f8 https://www.google.com/adsense/domains/caf.js	6	1	4.6	guest

15531	2023-03-05 00:39	http://sspmoct.xyz/tkrr/T1/w2/... AntiDebug AntiVM MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed		1		3.8	guest

15532	2023-03-05 00:39	http://manvim.co/fc6/PvqDq929B... fa84833727e656c3dc2a96bef75cb91f PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed		2	2	5.8	guest

15533	2023-03-05 00:38	http://manvim.co/fc7/PvqDq929B... 0b495d269f4b94a31d526da1bc693651 PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	9 Keyword trend analysis Info http://ww1.manvim.co/_fd?terms=Auto%20Auction%20Inventory%20Management%20Software,Customer%20Account%20Management%20Software,Job%20Posting%20Board http://manvim.co/fc7/PvqDq929BSx_A_D_M1n_a.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3Nzk1MTIzNiwiaWF0IjoxNjc3OTQ0MDM2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDRrMmRndWNoaGFwNmNtc2MwcGV0ZzUiLCJuYmYiOjE2Nzc5NDQwMzYsInRzIjoxNjc3OTQ0MDM2ODY2MDU0fQ.FeLVc0kQXI1wKTJTCUj7q1xtFCpp7JjJhBjaklnAqdc&sid=fa347dbc-baa1-11ed-98f4-146e29b02172 http://ww1.manvim.co/js/parking.2.103.1.js http://ww1.manvim.co/px.gif?ch=1&rn=1.906162677163206 http://ww1.manvim.co/px.gif?ch=2&rn=1.906162677163206 http://ww1.manvim.co/favicon.ico http://ww1.manvim.co/?terms=Auto%20Auction%20Inventory%20Management%20Software,Customer%20Account%20Management%20Software,Job%20Posting%20Board http://manvim.co/fc7/PvqDq929BSx_A_D_M1n_a.php https://www.google.com/adsense/domains/caf.js	6	2	5.6	guest

15534	2023-03-05 00:38	http://manvim.co/os/PvqDq929BS... 14cc691295ea7c8cfd3df7656391ceec AntiDebug AntiVM MSOffice File Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	9 Keyword trend analysis Info http://ww1.manvim.co/_fd?terms=Auto%20Auction%20Inventory%20Management%20Software,Customer%20Account%20Management%20Software,Job%20Posting%20Board http://ww1.manvim.co/js/parking.2.103.1.js http://ww1.manvim.co/favicon.ico http://ww1.manvim.co/px.gif?ch=2&rn=9.29489112543848 http://manvim.co/os/PvqDq929BSx_A_D_M1n_a.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3Nzk1MTMwMSwiaWF0IjoxNjc3OTQ0MTAxLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDRrMmg4aW1tOG1vMG91bGMwcGplbWIiLCJuYmYiOjE2Nzc5NDQxMDEsInRzIjoxNjc3OTQ0MTAxMDk0NjA5fQ.Tm2Jtv-z7A5vYl0bQ-7U_heO5FZ3F0ZqwCRtpxTHLzg&sid=207d228a-baa2-11ed-a784-146e5fed00b1 http://ww1.manvim.co/?terms=Auto%20Auction%20Inventory%20Management%20Software,Customer%20Account%20Management%20Software,Job%20Posting%20Board http://ww1.manvim.co/px.gif?ch=1&rn=9.29489112543848 http://manvim.co/os/PvqDq929BSx_A_D_M1n_a.php https://www.google.com/adsense/domains/caf.js	6	1	4.6	guest

15535	2023-03-05 00:37	http://wenolira.top/bofaadmin/ ee8ae4ab167c63dd6d171d38d0efe587 PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs suspicious TLD Tofsee Windows Exploit DNS crashed	6 Keyword trend analysis Info http://www.wenolira.top/bofaadmin/ http://www.wenolira.top/common.js http://www.wenolira.top/tj.js http://wenolira.top/bofaadmin/ https://hm.baidu.com/hm.js?9053860856a19b8bcc9f5a5d26bf4859 https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=32-bit&ds=1365x1024&vl=893&et=0&ja=1&ln=ko&lo=0&rnd=898598240&si=9053860856a19b8bcc9f5a5d26bf4859&v=1.3.0&lv=1&sn=13536&r=0&ww=1365&u=http%3A%2F%2Fwww.wenolira.top%2Fbofaadmin%2F&tt=%E4%B8%83%E5%8F%B0%E6%B2%B3%E7%9A%86%E6%9D%82%E7%A7%9F%E5%94%AE%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8	7	4	5.0	guest

15536	2023-03-05 00:35	http://gjusvoqmkddfahvoccsx.co... AntiDebug AntiVM MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed		1		3.8	guest

15537	2023-03-05 00:34	http://gjusvoqmkddfahvoccsx.co... PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed		1	2	4.8	guest

15538	2023-03-05 00:33	http://gepardmain.com/admin/ PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed		1	2	4.2	guest

15539	2023-03-05 00:33	http://manvim.co/fd1/PvqDq929B... 73fcb916867f4604e3dd66d77a10bdc8 PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	9 Keyword trend analysis Info http://ww1.manvim.co/_fd?terms=Auto%20Auction%20Inventory%20Management%20Software,Customer%20Account%20Management%20Software,Job%20Posting%20Board http://ww1.manvim.co/js/parking.2.103.1.js http://manvim.co/fd1/PvqDq929BSx_A_D_M1n_a.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3Nzk1MDk1MiwiaWF0IjoxNjc3OTQzNzUyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDRrMXN2aWZtcjViZGlhYTQwbjM1MDIiLCJuYmYiOjE2Nzc5NDM3NTIsInRzIjoxNjc3OTQzNzUyNjYxNzMxfQ.WwD9r5H3I35T3zBZ16FbZeEEMbSaAwQfCdOfU-tlrtE&sid=50ce52a2-baa1-11ed-a0fd-bb17d31ab64f http://ww1.manvim.co/px.gif?ch=2&rn=1.9119834174495333 http://manvim.co/fd1/PvqDq929BSx_A_D_M1n_a.php http://ww1.manvim.co/favicon.ico http://ww1.manvim.co/px.gif?ch=1&rn=1.9119834174495333 http://ww1.manvim.co/?terms=Auto%20Auction%20Inventory%20Management%20Software,Customer%20Account%20Management%20Software,Job%20Posting%20Board https://www.google.com/adsense/domains/caf.js	6	2	5.6	guest

15540	2023-03-05 00:33	http://gjusvoqmkddfahvoccsx.co... AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed		1		3.8	guest

Submissions

b54ad2ea04cc0ae57f89e7379503017f

a2a867f799c111f8846ff71b100c8dc0

fa84833727e656c3dc2a96bef75cb91f

0b495d269f4b94a31d526da1bc693651

14cc691295ea7c8cfd3df7656391ceec

ee8ae4ab167c63dd6d171d38d0efe587

73fcb916867f4604e3dd66d77a10bdc8

View

Insert

Alert