Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
1666	2025-03-08 12:27	4261683a-d502-4ae4-afca-049875... 6ca1d8895e299ea630a4673213536564 Emotet Gen1 Malicious Library UPX AntiDebug AntiVM PE File PE64 CAB ZIP Format VirusTotal Malware AutoRuns PDB MachineGuid Code Injection Check memory Checks debugger Creates executable files unpack itself suspicious process WriteConsoleW Windows ComputerName RCE				7.0	M	50	ZeroCERT

1667	2025-03-08 12:24	1.exe 64d97ceac5d0fbb39f316eb8707c5af4 Generic Malware PE File PE64 VirusTotal Malware				1.6	M	60	ZeroCERT

1668	2025-03-08 12:24	3.exe 38c5ce383f70dc49175cc5843f017ff9 Malicious Packer PE File PE64 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows utilities suspicious process WriteConsoleW Windows				3.8	M	51	ZeroCERT

1669	2025-03-08 12:22	f3727065-e97b-4230-9333-63b156... a8ead31687926172939f6c1f40b6cc31 ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted unpack itself crashed				7.6	M	56	ZeroCERT

1670	2025-03-08 12:22	V0Bt74c.exe 019b0ee933aa09404fb1c389dca4f4d1 PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself ComputerName				2.8	M	47	ZeroCERT

1671	2025-03-08 12:21	nicegirlwanttokissingmylipswit... 33af9b492a761074c088271e39cfb522 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM VirusTotal Malware VBScript Code Injection Check memory wscript.exe payload download Creates executable files suspicious process malicious URLs Tofsee DNS Dropper	1 Keyword trend analysis	3	4	10.0	M	10	ZeroCERT

1672	2025-03-08 12:21	43468004-0ccb-4efd-a141-13e0c7... db2604ef26c68ec665dfc57e38841454 ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted unpack itself crashed				7.6	M	59	ZeroCERT

1673	2025-03-08 12:19	devil.ps1 fcefd0bfa2f36f93c0eb8ac368b4c7d9 AgentTesla Hide_EXE Generic Malware Antivirus Malicious Library Malicious Packer UPX PE File PE64 OS Memory Check .NET EXE PE32 OS Processor Check OS Name Check Browser Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself powershell.exe wrote Check virtual network interfaces AppData folder IP Check Windows Browser Email ComputerName DNS crashed	2 Keyword trend analysis	3	7 Info ET INFO External IP Lookup Domain in DNS Lookup (ip-api .com) ET POLICY External IP Lookup ip-api.com SURICATA Applayer Detect protocol only one direction ET INFO Executable Download from dotted-quad Host ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	9.8	M	20	ZeroCERT

1674	2025-03-08 12:19	mIrI3a9.exe c4e6239cad71853ac5330ab665187d9f Generic Malware UPX Antivirus PE File .NET EXE PE32 VirusTotal Malware powershell PDB suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key		1	1	5.6		18	ZeroCERT

1675	2025-03-08 12:16	cubrodriver.exe 190272ebd2e82a80b242b1bdd442b859 Themida UPX PE File PE32 VirusTotal Malware AutoRuns Checks debugger ICMP traffic unpack itself Checks Bios Detects VMWare VMware anti-virtualization Windows crashed		2	1	7.2	M	46	ZeroCERT

1676	2025-03-08 12:16	91e9cb20-bc50-4ed6-aed4-e7c171... ab09d0db97f3518a25cd4e6290862da7 Malicious Library .NET framework(MSIL) ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself DNS crashed		1		8.6	M	51	ZeroCERT

1677	2025-03-08 12:14	hustle.exe c7103c02f1e59a99d4b736a61cdd851a AgentTesla Malicious Library Malicious Packer UPX PE File OS Memory Check .NET EXE PE32 OS Processor Check OS Name Check Browser Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces IP Check Browser Email ComputerName DNS crashed	1 Keyword trend analysis	3	3	6.6	M	52	ZeroCERT

1678	2025-03-08 12:14	7b1d576b-6562-4acd-a891-b267e0... 87445a0f29a952af98f410e972b7902a ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted unpack itself crashed				7.6	M	59	ZeroCERT

1679	2025-03-08 12:12	76a10c1b-5401-4483-8d02-0593c9... 42d1f59bd9027984edcfef168f8e86a4 Emotet Gen1 Generic Malware Malicious Library Malicious Packer UPX PE File CAB PE32 OS Processor Check DLL DllRegisterServer dll VirusTotal Malware PDB Checks debugger Creates executable files ICMP traffic unpack itself suspicious TLD DNS	1 Keyword trend analysis	25 Info imap.t-online.de(194.25.134.51) www.google.com(142.250.207.100) imap.serviciodecorreo.es(82.223.190.138) foapologetics.com(198.54.120.34) bff-search-web.domclick.ru(178.248.234.210) example.org(96.7.128.186) - mailcious vanaheim.cn(141.8.198.29) - mailcious imap.ionos.de(212.227.15.171) 185.7.214.57 198.54.120.34 - phishing 185.42.12.45 185.7.214.51 23.215.0.132 178.248.234.210 142.250.197.36 141.8.198.29 193.143.1.5 212.227.15.171 185.147.125.145 185.147.125.146 185.147.125.147 194.25.134.115 82.223.190.138 121.133.128.1 185.156.72.58	2	5.6	M	45	ZeroCERT

1680	2025-03-08 12:12	3cb8101e-6b12-4e05-a658-7fa9ed... cf3268c419da49574f98a9a36d263165 Generic Malware Admin Tool (Sysinternals etc ...) Malicious Library UPX PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows DNS Cryptographic key		8	2	3.8	M	53	ZeroCERT