Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
151	2025-04-15 23:41	Kula A.- protokół grudzień 202... eac7a805b6ac97358d440cd0cd8a3484 MSOffice File								guest

152	2025-04-15 23:40	Kula A.- protokól kwiecień 202... f27f0b2b67910a1f79bb5cdb15ca1f4a PDF								guest

153	2025-04-15 23:40	Kula A . protokół październik ... c076e93a4b020eb5ba877adff771ff1c PDF								guest

154	2025-04-15 23:40	Kula A.- protokół luty 2024 r.... 13a484df8cbb1f389825687e79337be3 PDF								guest

155	2025-04-15 23:40	Kula A.- protokół grudzień 202... eac7a805b6ac97358d440cd0cd8a3484 MSOffice File								guest

156	2025-04-15 23:40	Kula A.- protokól kwiecień 202... f27f0b2b67910a1f79bb5cdb15ca1f4a PDF								guest

157	2025-04-15 23:40	Kula A . protokół październik ... c076e93a4b020eb5ba877adff771ff1c PDF								guest

158	2025-04-15 22:51	http://collector.eu01.nr-data.... Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting unpack itself Windows utilities malicious URLs Tofsee Windows	2 Keyword trend analysis	2	1		3.0			guest

159	2025-04-15 09:47	EVEGBPOK.msi b7ebb3cd13958da87889abf3e15c99c8 CAB MSOffice File VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check installed browsers check Browser ComputerName		7	1		2.6	M	10	ZeroCERT

160	2025-04-15 09:45	loader.hta 3d38ab222579d17632acd5d383490a05 Check memory RWX flags setting unpack itself Tofsee DNS		3	2		1.6			ZeroCERT

161	2025-04-15 09:43	pixel.exe 52749d5846a4f486c6268f892cf30088 task schedule PWS Code injection AntiDebug AntiVM PE File .NET EXE PE32 DLL .NET DLL Malware download VirusTotal Malware Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder Windows DNS Cryptographic key Downloader	1 Keyword trend analysis	1	6 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 13 ET INFO Executable Download from dotted-quad Host ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	1	10.8	M	28	ZeroCERT

162	2025-04-15 09:41	001.exe c37235367c898eca6efefd178b37073c NSIS Malicious Library UPX PE File PE32 DLL VirusTotal Malware Check memory Creates executable files unpack itself AppData folder					2.4	M	27	ZeroCERT

163	2025-04-15 08:57	Kula A.- protokół luty 2024 r.... 13a484df8cbb1f389825687e79337be3 PDF ZIP Format Windows utilities Windows	5 Keyword trend analysis Info http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/277_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/280_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/message.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/278_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/281_20_6_20042.zip				1.4			guest

164	2025-04-15 08:57	Kula A.- protokół luty 2024 r.... 13a484df8cbb1f389825687e79337be3 PDF unpack itself Windows utilities Windows					1.4			guest

165	2025-04-15 08:55	Kula A.- protokół luty 2024 r.... 13a484df8cbb1f389825687e79337be3 PDF								guest