Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
1591	2024-08-05 10:44	rundll.exe 4c6421a1802b81596b4a5c1f67261826 Malicious Library PE File PE64 VirusTotal Malware RWX flags setting DNS		1		3.2	M	57	ZeroCERT

1592	2024-08-05 10:44	Client.exe fedb1274930bfa08a83480134a3f1412 Malicious Library Malicious Packer Antivirus .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself				2.0	M	55	ZeroCERT

1593	2024-08-05 10:43	wmiexec.exe e3e29ce5e9af4e3b0452b79bad2a31ac Gen1 Generic Malware Malicious Library UPX Anti_VM PE File PE64 OS Processor Check DLL ftp ZIP Format VirusTotal Malware Check memory Creates executable files				2.0	M	26	ZeroCERT

1594	2024-08-05 10:43	secretsdump.exe 96ec8798bba011d5be952e0e6398795d Gen1 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check DLL .NET DLL VirusTotal Malware Creates executable files unpack itself AppData folder WriteConsoleW				2.8	M	52	ZeroCERT

1595	2024-08-05 10:41	XFTZHD.exe f9eb9ee28788c0079bbc91086cef30f2 PE File PE32 VirusTotal Malware unpack itself DNS	1 Keyword trend analysis	1		3.4	M	42	ZeroCERT

1596	2024-08-05 10:39	Cbmefxrmnv.exe 170fb4fa36de83de39a9e228f17b0060 Hide_EXE Malicious Library .NET framework(MSIL) Socket Http API ScreenShot PWS HTTP DNS Internet API Anti_VM AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key				9.0	M	46	ZeroCERT

1597	2024-08-05 10:38	wmiexec.exe 47e001253af2003985f15282cdc90a1c Gen1 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check DLL .NET DLL VirusTotal Malware Creates executable files unpack itself AppData folder WriteConsoleW				2.8		52	ZeroCERT

1598	2024-08-05 10:38	hash.exe 9879e4811c6e80b9aac5801af2541e9f UPX PE File PE32 Checks debugger Creates executable files WriteConsoleW				2.4			ZeroCERT

1599	2024-08-05 10:35	1.exe 24cb424d6c5941a3fa8c2a5df0160773 Malicious Packer UPX PE File PE32 VirusTotal Malware unpack itself DNS		1	1	4.0		67	ZeroCERT

1600	2024-08-05 10:33	active2 94a367aad29847380f2bdf52a90197aa UPX PE File PE32 VirusTotal Malware PDB Remote Code Execution				1.2		20	ZeroCERT

1601	2024-08-05 09:55	Guidelines_for_Citizen_Safety.... 7058eef2fba6a8bf7944a23cc5f03886 Generic Malware Malicious Library MSOffice File CAB OS Processor Check VirusTotal Malware Buffer PE suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself AntiVM_Disk VM Disk Size Check Tofsee ComputerName	15 Keyword trend analysis Info http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfIs%2BLjDtGwQ09XEB1Yeq%2BtX%2BBgQQU7NfjgtJxXWRM3y5nP%2Be6mK4cD08CEAitQLJg0pxMn17Nqb2Trtk%3D http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSRXerF0eFeSWRripTgTkcJWMm7iQQUaDfg67Y7%2BF8Rhvv%2BYXsIiGX0TkICEAooSZl45YmN9AojjrilUug%3D http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT3xL4LQLXDRDM9P665TW442vrsUQQUReuir%2FSSy4IxLVGLp6chnfNtyA8CEA6bGI750C3n79tQ4ghAGFo%3D http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt http://cacerts.digicert.com/DigiCertTrustedRootG4.crt https://ps.pndsn.com/time/0?pnsdk=NET45CSharp6.13.0.0&requestid=cf65c790-3bba-4a64-9937-f36220f6c218&uuid=55038c67-569f-4d99-8a57-744508033a9a https://ps.pndsn.com/v2/subscribe/sub-c-a02ceca8-a958-11e5-bd8c-0619f8945a4f/55038c67-569f-4d99-8a57-744508033a9a/0?heartbeat=93&pnsdk=NET45CSharp6.13.0.0&requestid=702fbf86-0fa7-4934-b774-f6bcb0b8b572&tr=36&tt=17228191021137080&uuid=55038c67-569f-4d99-8a57-744508033a9a https://ps.pndsn.com/v2/subscribe/sub-c-a02ceca8-a958-11e5-bd8c-0619f8945a4f/55038c67-569f-4d99-8a57-744508033a9a/0?heartbeat=93&pnsdk=NET45CSharp6.13.0.0&requestid=b5e04d33-6bf0-42c4-8e59-52ccdb41e3db&tt=0&uuid=55038c67-569f-4d99-8a57-744508033a9a https://ps.pndsn.com/time/0?pnsdk=NET45CSharp6.13.0.0&requestid=79383a77-1246-4ab7-add1-a742496ba2f9&uuid=55038c67-569f-4d99-8a57-744508033a9a https://ps.pndsn.com/time/0?pnsdk=NET45CSharp6.13.0.0&requestid=ca859d8d-9d89-4015-8fa6-99b7cf72a1f8&uuid=55038c67-569f-4d99-8a57-744508033a9a https://ps.pndsn.com/time/0?pnsdk=NET45CSharp6.13.0.0&requestid=e9e7b332-e51c-4aa0-a801-d87c8acbcc8a&uuid=55038c67-569f-4d99-8a57-744508033a9a https://ps.atera.com/agentpackagesnet45/AgentPackageAgentInformation/37.2/AgentPackageAgentInformation.zip?IaYiaqQ9y9o8b7g3EnJ8yVxQedXylv6S7z7zWYWmLKBc3BStISV4S61La6VNNgx5 https://ps.pndsn.com/v2/subscribe/sub-c-a02ceca8-a958-11e5-bd8c-0619f8945a4f/55038c67-569f-4d99-8a57-744508033a9a/0?heartbeat=93&pnsdk=NET45CSharp6.13.0.0&requestid=ad327499-f709-4137-84e5-53afcd35656e&tr=36&tt=17228191047232239&uuid=55038c67-569f-4d99-8a57-744508033a9a https://ps.pndsn.com/v2/presence/sub_key/sub-c-a02ceca8-a958-11e5-bd8c-0619f8945a4f/channel/55038c67-569f-4d99-8a57-744508033a9a/heartbeat?heartbeat=93&pnsdk=NET45CSharp6.13.0.0&requestid=e494ecc6-7d5c-4596-adb2-e9b303d7c1a2&uuid=55038c67-569f-4d99-8a57-744508033a9a https://ps.pndsn.com/time/0?pnsdk=NET45CSharp6.13.0.0&requestid=acca9136-a599-4cb0-ad20-a7cb3388de77&uuid=55038c67-569f-4d99-8a57-744508033a9a	9	1	4.2		10	ZeroCERT

1602	2024-08-05 09:50	RingQ.exe 76b660aeed75fd20555985ca7c7c1edd Generic Malware UPX PE File PE64 OS Processor Check VirusTotal Malware Remote Code Execution crashed				2.0	M	22	ZeroCERT

1603	2024-08-05 09:42	PerformanceTest.exe 8470e0b0235dc793feccebf5a9355e3a Malicious Packer UPX PE File PE32 VirusTotal Malware unpack itself DNS		1		4.0	M	66	ZeroCERT

1604	2024-08-05 09:40	TcpExternal.exe e57226f3f9adee7cfb553626f64dd38c Malicious Packer UPX PE File PE32 VirusTotal Malware unpack itself DNS		1		4.0	M	65	ZeroCERT

1605	2024-08-05 09:40	setup.exe 7bb9ec0d09f2d1bffa9c2e1925d6d5ca PE File PE64 VirusTotal Malware MachineGuid Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key crashed				3.6	M	58	ZeroCERT