Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
17941 2023-05-09 18:51 update.7z  

c9027a96969b77612260fd952c632a54


PWS[m] Escalate priviledges KeyLogger AntiDebug AntiVM suspicious privilege Check memory Checks debugger unpack itself
1.6 M ZeroCERT

17942 2023-05-09 18:48 update.7z  

c9027a96969b77612260fd952c632a54

M ZeroCERT

17943 2023-05-09 18:45 098.hta  

246b0b1de71eeffbb03fa02ccf9c0621


Generic Malware Antivirus PowerShell powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key
2 1 6.0 ZeroCERT

17944 2023-05-09 18:33 %23%23%23%23%23%23%23%23%23%23...  

18418b8b5e1ee58eba592c4b23abc28b


MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself Exploit DNS crashed Downloader
1 1 3 4.6 M 33 ZeroCERT

17945 2023-05-09 18:31 %23%23%23%23%23%23%23%23%23%23...  

a86eff21eb0571be6fa5d185365c4e06


MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic buffers extracted exploit crash unpack itself Exploit DNS crashed Downloader
1 1 3 4.8 M 27 ZeroCERT

17946 2023-05-09 18:29 QQQQ%23%23%23%23%23%23%23%23%2...  

3a8641ce8a7de2549623b886e142ce8b


MS_RTF_Obfuscation_Objects RTF File doc LokiBot Malware download VirusTotal Malware c&c Malicious Traffic buffers extracted exploit crash unpack itself Windows Exploit DNS crashed Downloader
2 2 12 5.2 M 28 ZeroCERT

17947 2023-05-09 18:29 droidddxxxPayload.vbs  

3d54b88bf2b6bcd1126ef4eb20d9e9f9


Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key
1 1 1 10.0 M 5 ZeroCERT

17948 2023-05-09 18:27 vbc.exe  

32b910a06c3169b599852dad6c181ed6


PWS .NET framework Formbook Hide_EXE Generic Malware Antivirus KeyLogger Anti_VM AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed
1 2 1 14.0 M 51 ZeroCERT

17949 2023-05-09 18:27 test.exe  

a8f6a3eb27d8afa3aee2628739050bd5


PWS .NET framework RAT Downloader Create Service DGA Socket DNS Code injection HTTP PWS[m] Sniff Audio Steal credential Http API P2P Internet API Escalate priviledges FTP KeyLogger ScreenShot AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware AutoRuns Code Injection Check memory Checks debugger unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Ransomware Windows ComputerName
6.4 M 28 ZeroCERT

17950 2023-05-09 17:17 82d3502c53149a88_rhtamjyx.txt  

3e5543f72f7fd36a1aa30aba4f89c334


ScreenShot AntiDebug AntiVM Check memory unpack itself
1.0 guest

17951 2023-05-09 15:13 zqqK.html  

5144480c0b8e79a016fafcfc3d3c3aa7


Generic Malware Antivirus AntiDebug AntiVM PowerShell MSOffice File powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut RWX flags setting exploit crash unpack itself Windows utilities powershell.exe wrote suspicious process Tofsee Windows Exploit ComputerName DNS Cryptographic key crashed
2 8.8 ZeroCERT

17952 2023-05-09 14:34 vbc.exe  

8cc158004c15e9dcae74414be7819658


Loki_b Loki_m PWS .NET framework Socket DNS PWS[m] AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software
1 1 7 14.8 M 38 ZeroCERT

17953 2023-05-09 14:34 cryptedclient1.exe  

699c684263c7e3ed81ffb2b1df23bd5f


RAT Generic Malware Antivirus AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Collect installed applications Check virtual network interfaces suspicious process installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed
1 3 1 14.4 M 28 ZeroCERT

17954 2023-05-09 14:31 file2.exe  

7008af4d6c8a792cc119540ed6591c07


Malicious Library PE32 PE File VirusTotal Malware PDB
1.6 M 33 ZeroCERT

17955 2023-05-09 13:31 login.term  

33faeaedba7072d68a887ca967f43fb5


AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName
3.4 BRY