Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
1681	2024-08-02 17:27	66a3594e79991.msi f3baa740b63233597af9102a1063a17f Generic Malware Malicious Library MSOffice File CAB OS Processor Check VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check ComputerName				2.4	M	15	ZeroCERT

1682	2024-08-02 17:25	guardservice.exe d0e4beee4073fbe4ffeaf89c052eab2b Emotet Generic Malware Malicious Library Malicious Packer UPX ASPack ftp PE File PE32 OS Processor Check DllRegisterServer dll Lnk Format GIF Format VirusTotal Malware AutoRuns Check memory Creates shortcut Creates executable files AppData folder sandbox evasion Tofsee Windows ComputerName DNS	1 Keyword trend analysis	2	3	5.6		39	ZeroCERT

1683	2024-08-02 17:24	build_2024-07-24_23-16.exe 72bcb9136fde10fdddfaa593f2cdfe42 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself Windows Remote Code Execution				3.4	M	56	ZeroCERT

1684	2024-08-02 17:21	%E5%AE%89%E8%A3%85%E5%AF%9F%E7... f9589d32c6fcbb019e3a95c4be0f4e92 Generic Malware Malicious Library Antivirus MSOffice File CAB OS Processor Check VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check ComputerName DNS		1		4.4		34	ZeroCERT

1685	2024-08-02 10:30	payload_1_3.ps1 be3d9786fc25e399ba1785508fb8c441 Generic Malware Antivirus PE File DLL PE32 .NET DLL VirusTotal Malware Check memory Creates executable files unpack itself Windows utilities AppData folder Windows ComputerName DNS Cryptographic key		1		5.4		6	ZeroCERT

1686	2024-08-02 10:29	payload_1_2.ps1 c6ea5594b44dd4612456a0e4a98d3e8a Generic Malware Antivirus PE File DLL PE32 .NET DLL VirusTotal Malware Check memory Creates executable files unpack itself Windows utilities AppData folder Windows ComputerName DNS Cryptographic key		1		5.4		6	ZeroCERT

1687	2024-08-02 10:29	payload_1.ps1 f387d33215ba34ab33266b9b971c942b Generic Malware Antivirus PE File DLL PE32 .NET DLL VirusTotal Malware Check memory Creates executable files unpack itself Windows utilities AppData folder Windows ComputerName DNS Cryptographic key		1		5.4		5	ZeroCERT

1688	2024-08-02 09:50	wemustbegood.js a1cf34ca2fc8b93d34e15b80b7d5424d Generic Malware Antivirus Hide_URL ActiveXObject PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut ICMP traffic unpack itself Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key DDNS	2 Keyword trend analysis	1	2	7.4		4	ZeroCERT

1689	2024-08-02 09:50	SNK.txt.exe 18c1314189b50b530c8cf1db4176c1b6 Malicious Library Malicious Packer .NET framework(MSIL) UPX PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Telegram suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger	2 Keyword trend analysis	6	9 Info ET POLICY External IP Lookup - checkip.dyndns.org ET INFO 404/Snake/Matiex Keylogger Style External IP Check ET INFO External IP Address Lookup Domain in DNS Lookup (reallyfreegeoip .org) ET HUNTING Telegram API Domain in DNS Lookup ET INFO TLS Handshake Failure ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI) SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO External IP Lookup Domain in DNS Query (checkip .dyndns .org) ET INFO External IP Lookup Service Domain (reallyfreegeoip .org) in TLS SNI	7.8		56	ZeroCERT

1690	2024-08-02 09:50	sos.txt.exe 184303252d69a1ca88ece7779af9c82f Malicious Library Malicious Packer UPX PE File PE64 VirusTotal Malware DNS crashed		1		3.4	M	8	ZeroCERT

1691	2024-08-02 09:46	newlevelcreatedgirlseyewithme.... 39842ac95e5d6500f94a88a158709223 Generic Malware Antivirus VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			5.8	M	4	ZeroCERT

1692	2024-08-02 09:46	blessedflowerongirlhairwithcre... e7116bd7b7352b12e22506b1b8c4adab Generic Malware Antivirus Hide_URL PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut ICMP traffic unpack itself Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key DDNS	2 Keyword trend analysis	1	2	7.4	M	4	ZeroCERT

1693	2024-08-02 09:46	Done.js a5246a96de7e1d5ebdd3fd74579aae3a unpack itself crashed				0.6			ZeroCERT

1694	2024-08-02 09:35	IMG_8729.scr 7a9e91cd05bb23625354d0f46066904c Gen1 Generic Malware Malicious Library UPX Http API HTTP Code injection Internet API Anti_VM AntiDebug AntiVM PE File PE64 OS Processor Check VirusTotal Malware Buffer PE Code Injection Malicious Traffic Check memory Checks debugger buffers extracted exploit crash unpack itself Windows utilities suspicious process malicious URLs sandbox evasion WriteConsoleW installed browsers check Windows Exploit Browser ComputerName DNS crashed	3 Keyword trend analysis	1	1	12.0		15	ZeroCERT

1695	2024-08-02 09:31	wethinkingentirethingstobegrea... 98fccb07a0d2a7658b6c42edb5eb1462 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic exploit crash unpack itself Exploit DNS crashed	1 Keyword trend analysis	1		4.6	M	38	ZeroCERT