Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
17971	2023-05-09 07:27	http://www.google.com/profiles... 6395ac3078f4e5141fb41b72c27d5f3f Downloader Create Service DGA Socket DNS Hijack Network Code injection HTTP PWS[m] Sniff Audio Steal credential Http API P2P Internet API Escalate priviledges persistence FTP KeyLogger ScreenShot AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	11 Keyword trend analysis Info http://www.google.com/profiles/102128379777508964956 https://www.google.com/favicon.ico https://accounts.google.com/generate_204?CQdfzQ https://profiles.google.com/browser-not-supported/?ref=/102128379777508964956 https://ssl.gstatic.com/images/branding/googlelogo/2x/googlelogo_color_74x24dp.png https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://currents.google.com/me?ref%3D/102128379777508964956&followup=https://currents.google.com/me?ref%3D/102128379777508964956 https://profiles.google.com/102128379777508964956 https://accounts.google.com/_/bscframe https://currents.google.com/me?ref=/102128379777508964956 https://accounts.google.com/v3/signin/identifier?dsh=S-351430295%3A1683584467026608&continue=https%3A%2F%2Fcurrents.google.com%2Fme%3Fref%3D%2F102128379777508964956&followup=https%3A%2F%2Fcurrents.google.com%2Fme%3Fref%3D%2F102128379777508964956&ifkv=Af_xneGAwdXlM71QtApQgJX60HESyPgacMTfgO3LaftBx_eM2GnLiR-jPZE9E3TQW_mqqTCDD44X&osid=1&passive=1209600&flowName=WebLiteSignIn&flowEntry=ServiceLogin https://accounts.google.com/InteractiveLogin?continue=https://currents.google.com/me?ref%3D/102128379777508964956&followup=https://currents.google.com/me?ref%3D/102128379777508964956&osid=1&passive=1209600&ifkv=Af_xneGJoNKj2T9U05PVsA_KSaY3oBjOnkW36Vw43Lz6UJdMM4RZiCVZttO9JzHcfrsVto9JWZGA7w	10	2	4.6			guest

17972	2023-05-09 07:27	http://www.google.com/profiles... 027de6380a27d9116764f11da1b25b61 AntiDebug AntiVM MSOffice File icon VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	11 Keyword trend analysis Info http://www.google.com/profiles/102128379777508964956 https://accounts.google.com/InteractiveLogin?continue=https://currents.google.com/me?ref%3D/102128379777508964956&followup=https://currents.google.com/me?ref%3D/102128379777508964956&osid=1&passive=1209600&ifkv=Af_xneEIrOshotgoHQt0SnZntPIX7ToJV9I8a-hvTpKW7W3c9gQ5r_tUFoV23iiRyVJdr1Kn6S7t0g https://www.google.com/favicon.ico https://accounts.google.com/v3/signin/identifier?dsh=S1577148976%3A1683584498722183&continue=https%3A%2F%2Fcurrents.google.com%2Fme%3Fref%3D%2F102128379777508964956&followup=https%3A%2F%2Fcurrents.google.com%2Fme%3Fref%3D%2F102128379777508964956&ifkv=Af_xneGzLOf3QE0BAdY56p2k9njpE8Nwr7HKJTy0uZ0qk14EOAfOvf3KfIVz02i8EriRQvsD-dmlLA&osid=1&passive=1209600&flowName=WebLiteSignIn&flowEntry=ServiceLogin https://profiles.google.com/browser-not-supported/?ref=/102128379777508964956 https://accounts.google.com/generate_204?f5g_lA https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://currents.google.com/me?ref%3D/102128379777508964956&followup=https://currents.google.com/me?ref%3D/102128379777508964956 https://profiles.google.com/102128379777508964956 https://accounts.google.com/_/bscframe https://currents.google.com/me?ref=/102128379777508964956 https://ssl.gstatic.com/images/branding/googlelogo/2x/googlelogo_color_74x24dp.png	10	2	4.2			guest

17973	2023-05-09 06:50	http://www.google.com/profiles... faf06d1d50c4dcb652d72a25485883e8 Downloader Create Service DGA Socket DNS Hijack Network Code injection HTTP PWS[m] Sniff Audio Steal credential Http API P2P Internet API Escalate priviledges persistence FTP KeyLogger ScreenShot AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	11 Keyword trend analysis Info http://www.google.com/profiles/102128379777508964956 https://www.google.com/favicon.ico https://accounts.google.com/generate_204?32gd7A https://profiles.google.com/browser-not-supported/?ref=/102128379777508964956 https://accounts.google.com/v3/signin/identifier?dsh=S1560857253%3A1683582201539252&continue=https%3A%2F%2Fcurrents.google.com%2Fme%3Fref%3D%2F102128379777508964956&followup=https%3A%2F%2Fcurrents.google.com%2Fme%3Fref%3D%2F102128379777508964956&ifkv=Af_xneGT38AOWoAbiQxRbOgFVOaM4wGyqbs4y-uPcUtcGpmnCQimIrDB1P28LreIQtw91HIeUSc_YA&osid=1&passive=1209600&flowName=WebLiteSignIn&flowEntry=ServiceLogin https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://currents.google.com/me?ref%3D/102128379777508964956&followup=https://currents.google.com/me?ref%3D/102128379777508964956 https://profiles.google.com/102128379777508964956 https://accounts.google.com/_/bscframe https://currents.google.com/me?ref=/102128379777508964956 https://ssl.gstatic.com/images/branding/googlelogo/2x/googlelogo_color_74x24dp.png https://accounts.google.com/InteractiveLogin?continue=https://currents.google.com/me?ref%3D/102128379777508964956&followup=https://currents.google.com/me?ref%3D/102128379777508964956&osid=1&passive=1209600&ifkv=Af_xneGNJ7kcu9Uhhue22zywgr1cPQrPrDCyiNvLzH9nF8gI7xGL7lOe-nKKFo9iQQnL4198JYKM2Q	10	2	4.6			guest

17974	2023-05-09 04:33	chatverlauf jasmin.txt ca29b214d1a9a341e9d3c82b3f5f490b ScreenShot AntiDebug AntiVM Check memory unpack itself				1.0			guest

17975	2023-05-09 04:27	chatverlauf jasmin.txt ca29b214d1a9a341e9d3c82b3f5f490b ScreenShot AntiDebug AntiVM Check memory unpack itself				1.0			guest

17976	2023-05-09 04:09	http://www.google.com/profiles... 6e60b54e0ac99fe2b9faa077d9baf921 Downloader Create Service DGA Socket DNS Hijack Network Code injection HTTP PWS[m] Sniff Audio Steal credential Http API P2P Internet API Escalate priviledges persistence FTP KeyLogger ScreenShot AntiDebug AntiVM MSOffice File icon VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	11 Keyword trend analysis Info http://www.google.com/profiles/102128379777508964956 https://www.google.com/favicon.ico https://profiles.google.com/browser-not-supported/?ref=/102128379777508964956 https://accounts.google.com/generate_204?ee2UkA https://accounts.google.com/InteractiveLogin?continue=https://currents.google.com/me?ref%3D/102128379777508964956&followup=https://currents.google.com/me?ref%3D/102128379777508964956&osid=1&passive=1209600&ifkv=Af_xneGVcbOk0Nhfyj2NKYaIAnzkb7gUppfu0TPAjyHkohCrsTfMkgCX32rJzI5KhDkoUDs2SWFT https://profiles.google.com/102128379777508964956 https://accounts.google.com/_/bscframe https://currents.google.com/me?ref=/102128379777508964956 https://accounts.google.com/v3/signin/identifier?dsh=S-637261996%3A1683572655179640&continue=https%3A%2F%2Fcurrents.google.com%2Fme%3Fref%3D%2F102128379777508964956&followup=https%3A%2F%2Fcurrents.google.com%2Fme%3Fref%3D%2F102128379777508964956&ifkv=Af_xneHjjeQYjRdZ-yaWeK6goPHI_WhTjsXXe3kJtqye_wo_vUwIl8j5T4X0Z5FxsutEpo5NIJHo&osid=1&passive=1209600&flowName=WebLiteSignIn&flowEntry=ServiceLogin https://ssl.gstatic.com/images/branding/googlelogo/2x/googlelogo_color_74x24dp.png https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://currents.google.com/me?ref%3D/102128379777508964956&followup=https://currents.google.com/me?ref%3D/102128379777508964956	10	2	4.6			guest

17977	2023-05-09 03:37	chat.db-shm 87152bb0f7d1d6bdaf6f98e1dc85e487 AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName				3.4			guest

17978	2023-05-09 03:11	chatverlauf jasmin.txt ca29b214d1a9a341e9d3c82b3f5f490b ScreenShot AntiDebug AntiVM Check memory unpack itself				1.0			guest

17979	2023-05-09 03:06	chatverlauf jasmin.txt ca29b214d1a9a341e9d3c82b3f5f490b ScreenShot AntiDebug AntiVM Check memory unpack itself				1.0			guest

17980	2023-05-08 17:29	SCMB.exe e2631ced981a70bc47c46067b5d6ad89 PE64 PE File VirusTotal Cryptocurrency Miner Malware DNS CoinMiner		2	1	1.4		35	ZeroCERT

17981	2023-05-08 17:25	bebra.exe a93224e1873d5a5e442d0b552f0ae998 Generic Malware UPX Malicious Packer Malicious Library OS Processor Check PE64 PE File VirusTotal Malware crashed				1.4	M	49	ZeroCERT

17982	2023-05-08 17:22	%23%23%23%23%23%23%23%23%23%23... 0efad3b94fa6bb52c515f7979966f841 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic buffers extracted RWX flags setting exploit crash Exploit DNS crashed Downloader	1 Keyword trend analysis	1	3	5.0		32	ZeroCERT

17983	2023-05-08 17:20	%23%23%23%23%23%23%23%23%23%23... 7716369fd03f65e70b83a472f0c88258 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic buffers extracted RWX flags setting exploit crash Exploit DNS crashed Downloader	1 Keyword trend analysis	1	3	5.0		32	ZeroCERT

17984	2023-05-08 14:29	vbc.exe 2742755e3fef9f876e7b23f37b653ee6 Formbook .NET EXE PE32 PE File VirusTotal Malware PDB Check memory Checks debugger unpack itself				2.6		43	guest

17985	2023-05-08 14:28	vbc.exe 2742755e3fef9f876e7b23f37b653ee6 Formbook AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself				7.8		43	guest