Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
2101	2025-02-18 17:37	utorrent_installer.exe 66e88723258eb66e6831fa451494efe3 NSIS Malicious Library UPX PE File PE32 DLL ZIP Format VirusTotal Malware suspicious privilege Malicious Traffic Check memory buffers extracted Creates executable files unpack itself Check virtual network interfaces AppData folder AntiVM_Disk sandbox evasion VM Disk Size Check Interception Windows Cryptographic key	7 Keyword trend analysis Info http://i-6000.b-47194.ut.bench.utorrent.com/e?i=6000 http://update.utorrent.com/installstats.php?cl=uTorrent&v=113293402&h=4pR3xYqNmDodIgSS&w=1DB10106&bu=0&pr=0&cmp=0&ocmp=0&showtbexists&pid=2116&cau=0&lunv=0&tbe=0&view=win32 http://utorrent.com/download/langpacks/dl.php?build=47194&ref=client&client=utorrent&sys_l=ko&sel_l=28523&tk=release http://update.utorrent.com/installstats.php?cl=uTorrent&v=113293402&h=4pR3xYqNmDodIgSS&w=1DB10106&bu=0&pr=0&cmp=0&ocmp=0&showwarning&pid=2116&cau=0&lunv=0&view=win32 http://update.utorrent.com/installoffer.php?h=4pR3xYqNmDodIgSS&v=113293402&w=1DB10106&l=ko&c=KR&w64=1&db=ie&cl=uTorrent&tsub=1&svp=4 http://i-21.b-47194.ut.bench.utorrent.com/e?i=21 http://legacy.utorrent.com/scripts/dl.php?build=47194&ref=client&client=utorrent&sys_l=ko&sel_l=28523&tk=release	12 Info utorrent.com(34.201.157.226) router.utorrent.com(82.221.103.244) update.utorrent.com(82.221.103.246) legacy.utorrent.com(67.215.246.34) i-6000.b-47194.ut.bench.utorrent.com(3.211.110.147) router.bittorrent.com(67.215.246.10) i-21.b-47194.ut.bench.utorrent.com(34.232.215.82) 82.221.103.246 44.217.60.159 34.201.157.226 34.232.215.82 67.215.246.34	3	9.0		7	guest

2102	2025-02-18 17:37	utorrent_installer.exe 66e88723258eb66e6831fa451494efe3 NSIS Malicious Library UPX PE File PE32 DLL ZIP Format Malware suspicious privilege Malicious Traffic Check memory buffers extracted Creates executable files unpack itself Check virtual network interfaces AppData folder AntiVM_Disk sandbox evasion VM Disk Size Check Interception Windows Cryptographic key	7 Keyword trend analysis Info http://update.utorrent.com/installoffer.php?h=NCCsadz1MhCI1sDI&v=113293402&w=1DB10106&l=ko&c=KR&w64=1&db=ie&cl=uTorrent&tsub=1&svp=4 http://legacy.utorrent.com/scripts/dl.php?build=47194&ref=client&client=utorrent&sys_l=ko&sel_l=28523&tk=release http://utorrent.com/download/langpacks/dl.php?build=47194&ref=client&client=utorrent&sys_l=ko&sel_l=28523&tk=release http://update.utorrent.com/installstats.php?cl=uTorrent&v=113293402&h=NCCsadz1MhCI1sDI&w=1DB10106&bu=0&pr=0&cmp=0&ocmp=0&showwarning&pid=2104&cau=0&lunv=0&view=win32 http://i-6000.b-47194.ut.bench.utorrent.com/e?i=6000 http://i-21.b-47194.ut.bench.utorrent.com/e?i=21 http://update.utorrent.com/installstats.php?cl=uTorrent&v=113293402&h=NCCsadz1MhCI1sDI&w=1DB10106&bu=0&pr=0&cmp=0&ocmp=0&showtbexists&pid=2104&cau=0&lunv=0&tbe=0&view=win32	11 Info utorrent.com(34.201.157.226) router.utorrent.com(82.221.103.244) update.utorrent.com(82.221.103.245) legacy.utorrent.com(67.215.246.34) i-6000.b-47194.ut.bench.utorrent.com(44.217.60.159) router.bittorrent.com(67.215.246.10) i-21.b-47194.ut.bench.utorrent.com(44.217.60.159) 82.221.103.245 3.211.110.147 34.201.157.226 67.215.246.34	3	9.2			guest

2103	2025-02-18 17:35	5689_4833.exe 230ba53f680cb571ac552e432bcbadec Generic Malware Malicious Library Malicious Packer Downloader UPX PE File PE32 OS Processor Check Buffer PE AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Windows ComputerName Cryptographic key crashed		1		7.4	M		ZeroCERT

2104	2025-02-18 17:35	9358_8410.exe d1929c259e2f7bf7fe7d028c64ebe5dc Gen1 Malicious Library Malicious Packer UPX PE File PE32 OS Processor Check VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Windows ComputerName Cryptographic key crashed		1		8.4	M	53	ZeroCERT

2105	2025-02-18 17:35	setup315.msi 45a56a51bffca8d36b068af78dbc6aa6 Generic Malware Malicious Library MSOffice File CAB OS Processor Check VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check ComputerName	1 Keyword trend analysis	11		3.8	M	30	guest

2106	2025-02-18 17:35	update.exe 2b3324576857269e5bd626110108ee53 Emotet Gen1 Malicious Library UPX Admin Tool (Sysinternals etc ...) .NET framework(MSIL) PE File PE64 CAB DLL PE32 .NET DLL .NET EXE icon AutoRuns PDB Creates executable files unpack itself AppData folder Windows RCE crashed				3.4	M		guest

2107	2025-02-18 17:35	file.rar 0ab5f8eb5996bd78d7b064799ea10106 Escalate priviledges PWS KeyLogger AntiDebug AntiVM suspicious privilege Check memory Checks debugger				1.2			guest

2108	2025-02-18 17:35	csharploader.exe e07d34cf623daeb25f53efd18b53c165 .NET framework(MSIL) Malicious Packer PE File .NET EXE PE32 PDB Check memory Checks debugger unpack itself				1.4			guest

2109	2025-02-18 17:35	download.dat c566012264a41b1782730ff78ad6380c AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName				3.4			guest

2110	2025-02-12 13:29	random.exe d5b48bbcf3b20f5f691d863662e92797 Themida UPX PE File PE32 Checks debugger unpack itself Checks Bios Detects VMWare AntiVM_Disk VMware anti-virtualization VM Disk Size Check Windows crashed				5.0	M		ZeroCERT

2111	2025-02-12 13:29	seethebestthingsaroundmeroundm... 6a18fe27192f5107da8d40243b4e9aae MS_RTF_Obfuscation_Objects RTF File doc Vulnerability VirusTotal Malware Malicious Traffic buffers extracted RWX flags setting exploit crash Tofsee Exploit DNS crashed	3 Keyword trend analysis Info http://66.179.210.19/525/sithaa/seethebestthingsaroundmeroundme.hta https://1007.filemail.com/api/file/get?filekey=z1aATExlYNBVuAzGMlsSzgTu_JNutcs5mT-8qKpQqKIphReSqp2jwGds1fw&skipreg=true&pk_vid=342803d1cc4e3b801739205123b5fe9d http://66.179.210.19/525/seethebestthingsaroundme.gIF	3	5 Info SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY Possible HTA Application Download ET INFO Dotted Quad Host HTA Request ET EXPLOIT SUSPICIOUS Possible CVE-2017-0199 IE7/NoCookie/Referer HTA dl ET EXPLOIT MSXMLHTTP Download of HTA (Observed in CVE-2017-0199)	5.0	M	37	ZeroCERT

2112	2025-02-12 13:26	random.exe 3e5d10d82a66f7ac0160f6257f017763 Themida UPX PE File PE32 VirusTotal Malware Checks debugger unpack itself Checks Bios Detects VMWare AntiVM_Disk VMware anti-virtualization VM Disk Size Check Windows crashed				6.2	M	43	ZeroCERT

2113	2025-02-12 13:25	tuSDAYYXLAconstraints.vbs e58bd0d3ae7c79cc75dbc3ef3c3e2e12 VirusTotal Malware crashed				0.8	M	12	ZeroCERT

2114	2025-02-12 13:23	L5shRfh.exe 4b42f7281d23b4eb76b55fb6f1012ce3 task schedule WebCam Malicious Library Socket Escalate priviledges PWS Sniff Audio DNS Code injection KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs crashed				8.4	M	47	ZeroCERT

2115	2025-02-12 13:23	random.exe 911e84caf2003fa338e75c94c0a13fa4 Malicious Library ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted unpack itself crashed				7.4	M	59	ZeroCERT