Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
1771	2024-07-31 09:57	test.lnk 80d39df7a53e3c5e23eb0a71f6799882 Generic Malware Antivirus AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut RWX flags setting unpack itself powershell.exe wrote suspicious process Interception Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	2	1	7.4		24	ZeroCERT

1772	2024-07-31 09:48	SetupPacket.pdf.lnk 76c809c3d668c4b5d280c7ca0d7920ae Generic Malware Malicious Library Admin Tool (Sysinternals etc ...) UPX Antivirus PDF Anti_VM AntiDebug AntiVM Lnk Format GIF Format PowerShell PE File PE32 MZP Format ZIP Format BMP Format VirusTotal Malware powershell Microsoft suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted heapspray Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process AppData folder sandbox evasion WriteConsoleW installed browsers check Interception Windows Browser ComputerName DNS Cryptographic key	8 Keyword trend analysis Info http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/277_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/message.zip http://212.18.104.197/AdeptTranslatorPro_%5B3MB%5D_%5B1sig%5D.exe http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/281_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/280_20_6_20042.zip http://212.18.104.197/TopNotchSetupPacket.pdf http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/278_20_6_20042.zip http://212.18.104.197/SetupPacket	1	6 Info ET POLICY PE EXE or DLL Windows file download HTTP ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET INFO Dotted Quad Host PDF Request ET INFO Executable Download from dotted-quad Host ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET WEB_CLIENT Hostile Microsoft Rich Text File (RTF) with corrupted listoverride	18.0	M	27	ZeroCERT

1773	2024-07-31 09:47	releaseform.txt.lnk 46d6193d7f5c337f5f76db8e470b21f8 Generic Malware UPX Antivirus AntiDebug AntiVM Lnk Format GIF Format PowerShell PE File PE32 VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted heapspray Creates shortcut RWX flags setting unpack itself powershell.exe wrote Check virtual network interfaces suspicious process AppData folder WriteConsoleW Interception Windows ComputerName DNS Cryptographic key	2 Keyword trend analysis	1	6 Info ET INFO Packed Executable Download ET INFO Executable Download from dotted-quad Host ET POLICY PE EXE or DLL Windows file download HTTP ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET INFO EXE - Served Inline HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download	14.2	M	24	ZeroCERT

1774	2024-07-31 09:46	Photo.lnk e4de11b91bd957eeb367b13b9ab7d066 Generic Malware Antivirus AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			4.8		18	ZeroCERT

1775	2024-07-31 09:43	medium.exe 581bca6d99edd1eb945af367af110a8c UPX PE File PE32 VirusTotal Malware PDB Remote Code Execution				1.4	M	30	ZeroCERT

1776	2024-07-31 09:39	myteste.pdf.lnk e3eddc4e7a18976f35529d739557724c Generic Malware Antivirus AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			4.8		17	ZeroCERT

1777	2024-07-31 09:37	myid.lnk 633759772a1a46e0bfec8caad46f9e6b Generic Malware Antivirus AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut RWX flags setting unpack itself powershell.exe wrote suspicious process suspicious TLD Interception Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	2	1	7.8		22	ZeroCERT

1778	2024-07-31 09:37	Guide.pdf.lnk 0e5138203d1ba9f34206bdde51374198 Generic Malware AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware Code Injection Creates shortcut Windows utilities suspicious process WriteConsoleW Windows	1 Keyword trend analysis			3.2		22	ZeroCERT

1779	2024-07-31 09:37	DR_Mod_200_2023.PDF.lnk 0d6f8a03885e85f384584cb2416f859e Generic Malware Antivirus AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut RWX flags setting unpack itself powershell.exe wrote suspicious process Interception Windows ComputerName Cryptographic key	1 Keyword trend analysis	1		6.6		35	ZeroCERT

1780	2024-07-31 09:23	corp.lnk 7eac7583b780de8a2c0e782ca49519c3 Generic Malware Antivirus AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			4.8		11	ZeroCERT

1781	2024-07-31 09:21	123123123.lnk 2a833855401c9710a5aeeea932a4d705 Generic Malware Antivirus AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut RWX flags setting unpack itself powershell.exe wrote suspicious process Interception Windows ComputerName Cryptographic key	1 Keyword trend analysis	1		6.4		25	ZeroCERT

1782	2024-07-31 09:21	8.lnk d60ad359db69bf1814acba1a77c4d292 Generic Malware Antivirus AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			4.6		8	ZeroCERT

1783	2024-07-31 09:21	7.lnk abd62871ee205dc0d58baa78e60d67f6 Generic Malware Antivirus AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			4.8		16	ZeroCERT

1784	2024-07-31 09:14	5.lnk c5f2ade21d5b2cb2eea83d9e3ad64c3f Generic Malware Antivirus AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			4.8		11	ZeroCERT

1785	2024-07-31 09:13	4.lnk 6415eab0ee8401628cbb061942e3dd83 Generic Malware Antivirus AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			4.0		8	ZeroCERT

First
Previous
111
112
113
114
115
116
117
118
119
120
Next
Last
Total : 48,230cnts

Submissions

80d39df7a53e3c5e23eb0a71f6799882

76c809c3d668c4b5d280c7ca0d7920ae

46d6193d7f5c337f5f76db8e470b21f8

e4de11b91bd957eeb367b13b9ab7d066

581bca6d99edd1eb945af367af110a8c

e3eddc4e7a18976f35529d739557724c

633759772a1a46e0bfec8caad46f9e6b

0e5138203d1ba9f34206bdde51374198

0d6f8a03885e85f384584cb2416f859e

7eac7583b780de8a2c0e782ca49519c3

2a833855401c9710a5aeeea932a4d705

d60ad359db69bf1814acba1a77c4d292

abd62871ee205dc0d58baa78e60d67f6

c5f2ade21d5b2cb2eea83d9e3ad64c3f

6415eab0ee8401628cbb061942e3dd83

View

Insert

Alert