Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
2671	2024-06-27 17:17	부가가치세 수정신고 안내(부가가치세사무처리규정).hwp... 6eee6fa92a270b1f32390eec50512eea Generic Malware Malicious Library Antivirus HWP PS PostScript AntiDebug AntiVM GIF Format Lnk Format PE File PE32 CAB JPEG Format MSOffice File Malware download VirusTotal Malware Campaign powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities suspicious process WriteConsoleW Konni Windows ComputerName Cryptographic key	2 Keyword trend analysis	2	1	1	9.0		17	ZeroCERT

2672	2024-06-27 17:12	build2.exe 335a64e110185d35bcfbc3ef86a382e9 Client SW User Data Stealer LokiBot ftp Client info stealer Generic Malware Malicious Library UPX Http API PWS Code injection AntiDebug AntiVM PE File PE32 OS Processor Check FTP Client Info Stealer VirusTotal Malware Telegram MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software	2 Keyword trend analysis	5	3		15.8	M	59	ZeroCERT

2673	2024-06-27 13:25	Result_2024-0617.pdf.jse 20e2de2d794dfff774b71b6dd2294a96 Client SW User Data Stealer browser info stealer Generic Malware Suspicious_Script_Bin Hide_EXE Google Chrome User Data Downloader Antivirus Malicious Library Malicious Packer UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal cr Browser Info Stealer VirusTotal Malware United States powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger Creates shortcut exploit crash unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW installed browsers check Windows Exploit Browser ComputerName Cryptographic key crashed	1 Keyword trend analysis	1	1		13.0		24	ZeroCERT

2674	2024-06-27 10:27	hv.exe 6a1db4f73db4ed058c8cd7e04dfa7cc3 Malicious Library Malicious Packer Admin Tool (Sysinternals etc ...) .NET framework(MSIL) UPX PWS AntiDebug AntiVM PE File .NET EXE PE32 DLL OS Processor Check VirusTotal Malware Buffer PE PDB Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder Tofsee Windows ComputerName DNS Cryptographic key crashed	1 Keyword trend analysis	3	1	1	12.6	M	54	ZeroCERT

2675	2024-06-27 10:24	ama.exe 04055601abbd16ec6cc9e02450c19381 Generic Malware Malicious Library Malicious Packer UPX PE File PE32 OS Processor Check VirusTotal Malware AutoRuns unpack itself AppData folder AntiVM_Disk VM Disk Size Check Windows					3.4	M	63	ZeroCERT

2676	2024-06-27 10:22	3.exe 84c6c6c2620a690c0cc77fc438396837 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware					1.2	M	26	ZeroCERT

2677	2024-06-27 10:20	O3B6wY7ZkFhh.exe 9b297a1485665aef1a926f7cd322c932 Generic Malware Malicious Library Malicious Packer UPX PE File PE64 DllRegisterServer dll OS Processor Check VirusTotal Malware crashed					1.4	M	27	ZeroCERT

2678	2024-06-27 10:18	cp.exe 97256cf11c9109c24fde65395fef1306 Generic Malware Malicious Library Malicious Packer UPX PE File PE32 OS Processor Check VirusTotal Malware AutoRuns unpack itself AppData folder AntiVM_Disk VM Disk Size Check Windows					3.4	M	59	ZeroCERT

2679	2024-06-27 10:16	payload.bin 48cc44c908f2b564daf679a93a7259b6 AntiDebug AntiVM ELF VirusTotal Email Client Info Stealer Malware suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName					4.4	M	39	ZeroCERT

2680	2024-06-27 10:16	a.p.l.n.doc 6e11c40fcc227fab4b32f8c3b275b57c MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic buffers extracted RWX flags setting exploit crash Tofsee Exploit DNS crashed	2 Keyword trend analysis	3	3		5.0	M	38	ZeroCERT

2681	2024-06-27 10:14	ma.exe a3fb2b623f4490ae1979fea68cfe36d6 Downloader Malicious Library Malicious Packer UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM PE File PE64 VirusTotal Malware AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates executable files RWX flags setting unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Remote Code Execution crashed					9.4		61	ZeroCERT

2682	2024-06-27 10:12	Software.exe ae2b1b79c7579bb64b1640303f88c05f Themida Packer Malicious Library UPX AntiDebug AntiVM PE File .NET EXE PE32 DLL OS Processor Check VirusTotal Malware Buffer PE Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Checks Bios Detects VMWare AppData folder VMware anti-virtualization Windows Firmware Cryptographic key crashed					12.0		59	ZeroCERT

2683	2024-06-27 10:11	vi.exe baa9e1a92bab85279dca0aed641f1fa9 Malicious Library Antivirus UPX PE File PE32 OS Processor Check VirusTotal Malware Malicious Traffic Tofsee crashed	1 Keyword trend analysis	4	1		3.4	M	52	ZeroCERT

2684	2024-06-27 10:09	kn.n.n.n.nnnn.doC 2af6dfccbd42b4b421436d545211a3be MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware buffers extracted exploit crash unpack itself Exploit DNS crashed		2			5.6		37	ZeroCERT

2685	2024-06-27 10:09	sc.exe e86471da9e0244d1d5e29b15fc9feb80 Generic Malware Malicious Library Downloader Antivirus UPX PE File PE64 OS Processor Check Browser Info Stealer VirusTotal Malware AutoRuns PDB Windows Browser					2.6	M	60	ZeroCERT