Submissions

No | Date | Request | Hash | Tags | Urls Hosts IDS Rule Score Zero VT | Player | Etc
1816 | 2024-07-30 09:44 | 22per.php.vbs | 6c61c7dcca01a5e17a8bc707e1819fd8 | Generic Malware Antivirus OS Processor Check Check memory unpack itself WriteConsoleW Windows Cryptographic key | 1.0 | ZeroCERT |
1817 | 2024-07-30 09:36 | event.php | 61c5a8e414a47b8cc2c69e1ac4370a35 | Generic Malware Malicious Library Malicious Packer UPX PE File PE64 OS Processor Check VirusTotal Malware AutoRuns Checks debugger Windows utilities suspicious process WriteConsoleW Windows ComputerName | 3.6 50 | ZeroCERT |
1818 | 2024-07-30 09:27 | heistheheroofnewthingstogetmeb... | f7c34c11bb5d9cdcece78edae0beff42 | MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Exploit DNS crashed | 2 2 2 1 4.8 M 40 | ZeroCERT |
1819 | 2024-07-30 09:26 | btpooxygenthingsrgreattonderst... | 432a2f5af4e1bf29730f042f0d39178f | MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself Exploit DNS crashed | 2 2 2 1 4.6 M 38 | ZeroCERT |
1820 | 2024-07-30 07:54 | svchac.exe | 60911c2b06b79fb3827c5ee11abc3eca | Gen1 Generic Malware Malicious Library ASPack UPX Anti_VM PE File PE64 OS Processor Check DLL ZIP Format Check memory Creates executable files | 1.0 M | ZeroCERT |
1821 | 2024-07-30 07:54 | zbi.exe | 0534ab10184891cd61d262bfd79b7b4c | Generic Malware Malicious Library Malicious Packer UPX PE File PE64 OS Processor Check PDB | 0.2 | ZeroCERT |
1822 | 2024-07-30 07:54 | uIZtAux.exe | 8d14c4ba7260c61ecde30d97fd3c124a | RedLine stealer RedlineStealer Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed | 1 6 5.0 M | ZeroCERT |
1823 | 2024-07-30 07:49 | build.exe | 94ecbd522a17fe53a48486a00f748e64 | Lumma Stealer UPX PE File PE32 | | ZeroCERT |
1824 | 2024-07-30 07:47 | PPGcgnyW.exe | 670d1014ec5713d005f8ddfefc495a9e | AsyncRAT task schedule Downloader Malicious Packer .NET framework(MSIL) UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM PE File AutoRuns Code Injection Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName | 4.0 | ZeroCERT |
1825 | 2024-07-30 07:47 | svchost.exe | 6ddd28445b8fc2485cb72f22d1adc936 | Malicious Packer PE File PE32 MZP Format unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName | 3.0 | ZeroCERT |
1826 | 2024-07-29 23:52 | main.exe | 2d2f169d73a4d73bc16fe22e43d0bd8c | Generic Malware Malicious Library UPX PE File PE32 MZP Format OS Processor Check Check memory Checks debugger buffers extracted RWX flags setting unpack itself suspicious process WriteConsoleW Windows Cryptographic key | 3.4 | guest |
1827 | 2024-07-29 18:18 | loveyou.exe | 55e6cc81525f58cf81496b1f13f555b3 | Malicious Library PE File PE64 Malware download Cobalt Strike Cobalt VirusTotal Malware RWX flags setting unpack itself ComputerName DNS | 2 1 2 3.8 61 | ZeroCERT |
1828 | 2024-07-29 17:16 | runner.exe | d095b91d348e777c95b845c77246022f | Generic Malware Malicious Library Malicious Packer UPX PE File PE64 VirusTotal Malware Remote Code Execution crashed | 2.0 41 | ZeroCERT |
1829 | 2024-07-29 17:16 | payload.docm | 840a3a122c7e418626500dd39ae492dc | VBA_macro Doc XML Downloader Word 2007 file format(docx) ZIP Format VirusTotal Malware exploit crash unpack itself Exploit crashed | 2 2.8 19 | ZeroCERT |
1830 | 2024-07-29 17:15 | hvnc.ps1 | 4bee61710cce2761e3a01e0d7cb7da34 | Generic Malware Antivirus powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process Windows ComputerName Cryptographic key | 1 2 7.2 | ZeroCERT |