Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	Score	Zero	VT	Player
1726	2025-03-06 10:46	2c46c808-8f6c-45b3-8137-980983... a83c1c3f6750b43679b34eb20f3ffe71 Generic Malware Malicious Packer UPX PE File PE64 OS Processor Check VirusTotal Malware PDB			1.4	M	47	ZeroCERT

1727	2025-03-05 10:16	17wzez.ps1 126ba2166352af938ba086ad7df1fbd8 Hide_EXE Generic Malware UPX Antivirus Malicious Library Malicious Packer Confuser .NET AntiDebug AntiVM PE File DLL PE32 .NET EXE Browser Info Stealer VirusTotal Malware powershell Buffer PE Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself powershell.exe wrote AppData folder Browser crashed	4 Keyword trend analysis Info http://www.sqlite.org/2021/sqlite-dll-win32-x86-3360000.zip http://www.travel-cure.sbs/n6q4/ http://www.travel-cure.sbs/n6q4/?4cT0jDh=n+Cyrj9OcMUOWbDH4cjzKV/mJzLVooIVzDhzjZWQ23L4TEIxqC5WR48IB5WiMds40RZ9NTJRlRbPGhU2cb6gL2r66QPe44kxxCPi3jqpmP6s3kOEOGJbSc3XzwQ6hLk8mBslsio=&-OJ=H27UH http://www.sqlite.org/2022/sqlite-dll-win32-x86-3370000.zip	3	12.0	M	17	ZeroCERT

1728	2025-03-05 10:16	cssess.exe 868c0a40cf4219a47ee081ade911a8f7 Process Kill Generic Malware Malicious Library FindFirstVolume CryptGenKey UPX PE File Device_File_Check PE32 OS Processor Check DLL Browser Info Stealer VirusTotal Malware Checks debugger buffers extracted Creates executable files unpack itself AppData folder Browser		20 Info www.temecula.deals(15.197.148.33) www.anartisthuman.info(208.91.197.27) www.multo.xyz(13.248.169.48) www.vaishnavi.xyz(92.204.40.98) www.jplttj.info(47.83.1.90) www.needethereum.xyz(13.248.169.48) www.statusq.studio(13.248.243.5) www.agistaking.xyz(13.248.169.48) www.zeniow.xyz(209.74.77.230) www.pond-magic.shop(15.197.148.33) 15.197.148.33 - mailcious 92.204.40.98 76.223.54.146 - mailcious 209.74.77.230 13.248.243.5 - phishing 208.91.197.27 - mailcious 3.33.130.190 - phishing 13.248.169.48 - mailcious 45.33.6.223 47.83.1.90 - mailcious	5.8	M	51	ZeroCERT

1729	2025-03-05 10:14	beautifulmomentswithniceplaceg... e3068b8cc3613ac1d7b59b8eebab7a7d Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM VirusTotal Malware VBScript Code Injection Check memory wscript.exe payload download Creates executable files suspicious process malicious URLs DNS Dropper	1 Keyword trend analysis	3	10.0		7	ZeroCERT

1730	2025-03-05 10:14	morninghtaaaafilex.hta d07552e70fe8bb34a7c0231e04ca246a Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM VirusTotal Malware VBScript Code Injection Check memory wscript.exe payload download Creates executable files unpack itself suspicious process Dropper	1 Keyword trend analysis	2	10.0	M	3	ZeroCERT

1731	2025-03-05 10:12	server.exe 6a3d1e12057da9877676b1c9e4ab03ac Generic Malware Malicious Library Malicious Packer Antivirus UPX PE File PE32 OS Processor Check VirusTotal Malware Check memory suspicious TLD sandbox evasion Browser		2	2.8	M	63	ZeroCERT

1732	2025-03-05 09:19	RuntimeBroker.exe 57145c33045ce67e1c1fe7c763438ab1 Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself			2.0	M	63	guest

1733	2025-03-04 09:52	HMRC_Self_Assessment.pdf.lnk 150b8a919ff51049aa765c2217fe4d50 Generic Malware Antivirus AntiDebug AntiVM GIF Format Lnk Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut RWX flags setting unpack itself powershell.exe wrote suspicious process Interception Windows ComputerName Cryptographic key	1 Keyword trend analysis	2	6.4		26	ZeroCERT

1734	2025-03-04 09:51	RE-8430940237206210.pdf.lnk beb1a61e973cb2f4b1fc1164b4ebc475 Generic Malware AntiDebug AntiVM GIF Format Lnk Format VirusTotal Malware Code Injection Check memory Creates shortcut unpack itself suspicious process			3.2		29	ZeroCERT

1735	2025-03-04 09:45	Acrobat.exe cc060d002d279752c9514571ed151706 njRAT backdoor Generic Malware Malicious Library Antivirus UPX PE File MSOffice File CAB PE32 OS Processor Check OS Name Check DLL VirusTotal Malware PDB suspicious privilege Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check Windows ComputerName RCE DNS Cryptographic key crashed		1	6.2		23	ZeroCERT

1736	2025-03-04 09:34	XClient.exe dc5ec981b6e326d7b15c69bd871ace66 Antivirus UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check ComputerName			3.8	M	57	ZeroCERT

1737	2025-03-04 09:32	Ext.exe 1931fd02f375be6223b8b875fcfdacfd Generic Malware Malicious Library .NET framework(MSIL) Malicious Packer UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself			2.0		58	ZeroCERT

1738	2025-03-04 09:30	sonic.exe 3cc32d37dc6b03cad9a786752dddc434 Generic Malware Malicious Library UPX PE File PE64 OS Processor Check VirusTotal Malware PDB			0.8	M	11	ZeroCERT

1739	2025-03-04 09:29	AntiRat.exe 6ae8c66807d71409faaf19979e9108e7 Generic Malware Malicious Library .NET framework(MSIL) Malicious Packer UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself			2.0		50	ZeroCERT

1740	2025-03-04 09:28	pws.exe 896262de23c427acb7feac7ae9c49840 .NET framework(MSIL) Antivirus PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself Check virtual network interfaces			2.4	M	59	ZeroCERT