Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
2641	2024-06-29 15:20	main.exe 338cee4d2b3e4d1a0ce18dd982eefbcd Malicious Library Malicious Packer Antivirus .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself					2.0	M	56	ZeroCERT

2642	2024-06-29 15:18	qNVQKFyM.exe 78a7612603af19fb92d614af1e769f2a UPX PE File PE64 OS Processor Check VirusTotal Malware crashed					1.6	M	27	ZeroCERT

2643	2024-06-29 15:17	ffucore.dll fc5857b45516cd1decae5dbd68d59924 Generic Malware Malicious Library Malicious Packer UPX PE File DLL PE32 OS Processor Check VirusTotal Malware PDB Checks debugger unpack itself crashed					3.0	M	44	ZeroCERT

2644	2024-06-29 15:16	se.e.e.e.eee.doc 6c502f63642761f32b454d1eedee5ee3 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic buffers extracted exploit crash unpack itself Tofsee Exploit DNS DDNS crashed	3 Keyword trend analysis	5	6 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 3 ET INFO DYNAMIC_DNS Query to a .duckdns .org Domain ET INFO DYNAMIC_DNS Query to .duckdns. Domain ET MALWARE Malicious Base64 Encoded Payload In Image SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain	1	5.4	M	36	ZeroCERT

2645	2024-06-29 15:15	Client.exe 76e8d35fe35dce2fb65d0e2fb1be067c Malicious Library Malicious Packer Antivirus .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself					2.0		51	ZeroCERT

2646	2024-06-29 15:14	Apep_7.3.5.26365.exe 7034f0621dd09fcaced30a72a608d48d EnigmaProtector PE File .NET EXE PE32 VirusTotal Malware Checks debugger unpack itself Detects VMWare sandbox evasion VMware Windows ComputerName Firmware crashed					6.0	M	50	ZeroCERT

2647	2024-06-29 15:13	Photo.scr fd7013ee044ed4547f701d01a982b582 Generic Malware Malicious Library UPX PE File OS Processor Check VirusTotal Malware					0.4		2	ZeroCERT

2648	2024-06-29 15:12	pclient.exe ef95411945330db1907508d38bc373ac Generic Malware Malicious Library UPX PE File PE64 OS Processor Check VirusTotal Malware crashed					1.0		9	ZeroCERT

2649	2024-06-29 15:12	Photo.scr 03364eb9ea6170328d51511d7639ba26 Malicious Library VMProtect PE File PE32 VirusTotal Malware					1.6	M	60	ZeroCERT

2650	2024-06-29 15:11	Photo.scr e9888d464b8bf86b05e22e8beb04d96e Malicious Library VMProtect PE File PE32 VirusTotal Malware					1.6	M	62	ZeroCERT

2651	2024-06-29 15:11	Photo.scr 2a4155ca43741401f44cff063859affb Generic Malware Malicious Library UPX PE File OS Processor Check VirusTotal Malware					0.4		2	ZeroCERT

2652	2024-06-29 01:17	concord a968f4fdf6d959c08ff7098ae4a0a695 Generic Malware Malicious Library Malicious Packer Antivirus UPX PE File PE64 OS Processor Check VirusTotal Malware PDB crashed					1.8		50	guest

2653	2024-06-28 18:38	1. 알티피_엔지니어링본부 사업개발회의 자료.hwp.l... 87dc4c8f67cffc8a9699328face923e2 Generic Malware Antivirus AntiDebug AntiVM HWP MSOffice File Lnk Format GIF Format VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	2 Keyword trend analysis				6.0		23	ZeroCERT

2654	2024-06-28 18:34	pconsnap.dll 8fb5e72a31680189d9a529b49962a0b1 Generic Malware Malicious Library UPX PE File DLL PE64 OS Processor Check VirusTotal Malware					0.8		17	ZeroCERT

2655	2024-06-28 18:30	pconsnap.dll 8fb5e72a31680189d9a529b49962a0b1 Generic Malware Malicious Library UPX PE File DLL PE64 OS Processor Check VirusTotal Malware					0.8		17	ZeroCERT