Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
2116	2025-02-12 13:29	random.exe d5b48bbcf3b20f5f691d863662e92797 Themida UPX PE File PE32 Checks debugger unpack itself Checks Bios Detects VMWare AntiVM_Disk VMware anti-virtualization VM Disk Size Check Windows crashed				5.0	M		ZeroCERT

2117	2025-02-12 13:29	seethebestthingsaroundmeroundm... 6a18fe27192f5107da8d40243b4e9aae MS_RTF_Obfuscation_Objects RTF File doc Vulnerability VirusTotal Malware Malicious Traffic buffers extracted RWX flags setting exploit crash Tofsee Exploit DNS crashed	3 Keyword trend analysis Info http://66.179.210.19/525/sithaa/seethebestthingsaroundmeroundme.hta https://1007.filemail.com/api/file/get?filekey=z1aATExlYNBVuAzGMlsSzgTu_JNutcs5mT-8qKpQqKIphReSqp2jwGds1fw&skipreg=true&pk_vid=342803d1cc4e3b801739205123b5fe9d http://66.179.210.19/525/seethebestthingsaroundme.gIF	3	5 Info SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY Possible HTA Application Download ET INFO Dotted Quad Host HTA Request ET EXPLOIT SUSPICIOUS Possible CVE-2017-0199 IE7/NoCookie/Referer HTA dl ET EXPLOIT MSXMLHTTP Download of HTA (Observed in CVE-2017-0199)	5.0	M	37	ZeroCERT

2118	2025-02-12 13:26	random.exe 3e5d10d82a66f7ac0160f6257f017763 Themida UPX PE File PE32 VirusTotal Malware Checks debugger unpack itself Checks Bios Detects VMWare AntiVM_Disk VMware anti-virtualization VM Disk Size Check Windows crashed				6.2	M	43	ZeroCERT

2119	2025-02-12 13:25	tuSDAYYXLAconstraints.vbs e58bd0d3ae7c79cc75dbc3ef3c3e2e12 VirusTotal Malware crashed				0.8	M	12	ZeroCERT

2120	2025-02-12 13:23	L5shRfh.exe 4b42f7281d23b4eb76b55fb6f1012ce3 task schedule WebCam Malicious Library Socket Escalate priviledges PWS Sniff Audio DNS Code injection KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs crashed				8.4	M	47	ZeroCERT

2121	2025-02-12 13:23	random.exe 911e84caf2003fa338e75c94c0a13fa4 Malicious Library ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted unpack itself crashed				7.4	M	59	ZeroCERT

2122	2025-02-12 13:23	random.exe 580d01da779f9d2c14ffa548ea4da16e Themida ILProtector Packer UPX Malicious Library Antivirus DGA Http API ScreenShot HTTP Code injection Internet API KeyLogger Anti_VM AntiDebug AntiVM PE File PE32 .NET EXE GIF Format Lnk Format DLL .NET DLL VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Checks Bios Detects VMWare AppData folder malicious URLs AntiVM_Disk VMware anti-virtualization VM Disk Size Check Windows DNS crashed	5 Keyword trend analysis	1	3	15.4	M	31	ZeroCERT

2123	2025-02-12 13:22	winlog32.exe 741b73ac32f93409f2eff52fc470acd7 njRAT PE File .NET EXE PE32 GIF Format Lnk Format VirusTotal Malware AutoRuns suspicious privilege Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows ComputerName DNS		3	1	6.0		56	ZeroCERT

2124	2025-02-12 13:21	random.exe ee72c55264dcaa01e77b2b641941a077 Malicious Library ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted unpack itself crashed				7.4	M	51	ZeroCERT

2125	2025-02-12 13:21	eft.exe 125d8ea6ffb451ccea9aee51d96201f5 njRAT backdoor Generic Malware Malicious Library Antivirus UPX PE File MSOffice File CAB PE32 OS Processor Check OS Name Check DLL VirusTotal Malware PDB suspicious privilege Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check human activity check Windows ComputerName RCE Cryptographic key		2		5.8		23	ZeroCERT

2126	2025-02-11 16:10	Rechnung 7710129-2025.pdf dba3a434a1c4836ac64b1eb120d396e8 PDF							guest

2127	2025-02-11 13:30	13Z5sqy.exe db3632ef37d9e27dfa2fd76f320540ca Generic Malware Malicious Library Malicious Packer UPX DGA Http API ScreenShot HTTP Code injection Internet API KeyLogger AntiDebug AntiVM PE File DllRegisterServer dll PE32 OS Processor Check VirusTotal Malware Code Injection buffers extracted malicious URLs				6.0		55	ZeroCERT

2128	2025-02-11 11:15	jonbDes.exe f071beebff0bcff843395dc61a8d53c8 Lumma Stealer PE File PE32 VirusTotal Malware				1.2		57	r0d

2129	2025-02-11 11:04	8KuV.ps1 4be598c4d6b0450f143a5b119dd4862b Generic Malware Antivirus VirusTotal Malware unpack itself WriteConsoleW Windows Cryptographic key				1.2		2	ZeroCERT

2130	2025-02-11 11:03	UN8QxIq.exe 04c35b787b10661350e076a7d9ffa1bc Generic Malware Malicious Library UPX Antivirus PE File PE64 OS Processor Check PowerShell VirusTotal Malware powershell PDB suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process Tofsee Windows ComputerName Cryptographic key		2	2	4.8	M	9	ZeroCERT