2686 |
2024-06-27 10:07
|
w624.vbs c2ab43cad589673051ce723bc3b37392 VirusTotal Malware VBScript AutoRuns WMI wscript.exe payload download unpack itself AntiVM_Disk IP Check VM Disk Size Check Windows ComputerName DNS DDNS Dropper |
2
http://ip-api.com/json/
http://chongmei33.publicvm.com:7044/is-ready
|
4
chongmei33.publicvm.com(188.126.90.18) - mailcious
ip-api.com(208.95.112.1) 188.126.90.18
208.95.112.1
|
2
ET POLICY Observed DNS Query to DynDNS Domain (publicvm .com) ET POLICY External IP Lookup ip-api.com
|
|
10.0 |
|
27 |
ZeroCERT
2687 |
2024-06-27 10:05
|
ae.e.e.e.eee.doc 681f318b1d7a8a9505e6b3ec626a8988 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware powershell Malicious Traffic buffers extracted exploit crash unpack itself Exploit Java DNS crashed |
3
http://ia803402.us.archive.org/17/items/new_image_20240625_2128/new_image.jpg
http://93.123.12.248/xampp/Adrp/flowersloverainingbeautifulday.gif
http://66.70.160.254/Users_API/syscore/file_0tq1mssf.to2.txt
|
4
ia803402.us.archive.org(207.241.232.192) - mailcious 93.123.12.248 - mailcious
66.70.160.254 - mailcious
207.241.232.192 - mailcious
|
4
ET MALWARE Malicious Base64 Encoded Payload In Image ET MALWARE Base64 Encoded MZ In Image ET WEB_CLIENT Obfuscated Javascript // ptth ET MALWARE Powershell commands sent B64 2
|
|
5.0 |
M |
35 |
ZeroCERT
2688 |
2024-06-27 10:05
|
b.j.c.c.cc.doc 809e5331e9ead88825e560d3077cb6da MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic buffers extracted RWX flags setting exploit crash Tofsee Exploit DNS crashed |
2
http://91.92.244.199/xampp/bpln/catwalkbeautyalwayshavegreat.gif https://paste.ee/d/5mZQI
|
5
paste.ee(172.67.187.200) - mailcious ia803405.us.archive.org(207.241.232.195) - mailcious 172.67.187.200 - mailcious 91.92.244.199 - mailcious 207.241.232.195 - mailcious
|
3
ET DROP Spamhaus DROP Listed Traffic Inbound group 13 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY Pastebin-style Service (paste .ee) in TLS SNI
|
|
5.0 |
M |
32 |
ZeroCERT
2689 |
2024-06-27 04:33
|
https://t.co/J5c3B3lHDS a447b2274aa6e2ebdb080e3def9263db Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed |
|
2
t.co(117.18.232.195) - phishing 117.18.232.195 - phishing
|
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO TLS Handshake Failure
|
|
4.2 |
|
|
guest
2690 |
2024-06-27 01:29
|
%c4%90%e1%bb%81%20C%c6%b0%c6%a... 826864ae301ac28e4a146cfd90ec473e VBA_macro ZIP Format Word 2007 file format(docx) VirusTotal Malware Malicious Traffic unpack itself DNS |
1
http://45.77.9.151/443.dll - rule_id: 940
|
1
|
1
ET INFO Dotted Quad Host DLL Request
|
1
http://45.77.9.151/443.dll
|
5.6 |
M |
32 |
guest
2691 |
2024-06-26 19:19
|
expressvpn_windows_12.82.0.89_... 295d21696b6f6a24ef966b9e2018d5d4 North Korea Generic Malware Malicious Library UPX Malicious Packer Admin Tool (Sysinternals etc ...) .NET framework(MSIL) Antivirus Anti_VM PE File PE32 CAB OS Processor Check DLL .NET DLL PNG Format PE64 .NET EXE VirusTotal Malware PDB Check memory Creates executable files Ransomware crashed |
|
|
|
|
3.2 |
|
1 |
guest
2692 |
2024-06-26 10:58
|
IMG001.exe d59e32eefe00e9bf9e0f5dafe68903fb NSIS Malicious Library UPX VMProtect PE File PE32 PE64 DLL ftp GIF Format Lnk Format ZIP Format VirusTotal Malware AutoRuns suspicious privilege Check memory Checks debugger WMI Creates shortcut Creates executable files ICMP traffic unpack itself Windows utilities suspicious process AppData folder suspicious TLD WriteConsoleW Windows ComputerName DNS |
|
703
stafftest.ru() - mailcious
|
1
SURICATA Applayer Detect protocol only one direction
|
|
12.8 |
M |
63 |
ZeroCERT
2693 |
2024-06-26 10:36
|
av_downloader1.1.exe 759f5a6e3daa4972d43bd4a5edbdeb11 Generic Malware Malicious Library Malicious Packer UPX Antivirus AntiDebug AntiVM PE File PE32 MSOffice File PNG Format JPEG Format VirusTotal Malware powershell AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Disables Windows Security powershell.exe wrote suspicious process Tofsee Windows Exploit ComputerName DNS Cryptographic key crashed |
|
2
www.pornhub.com(66.254.114.41) - mailcious 66.254.114.41 - mailcious
|
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
|
|
12.4 |
M |
57 |
ZeroCERT
2694 |
2024-06-26 10:19
|
csrss.exe 8afc7110cee6735ab8101a03907c5cf5 Malicious Library PE File PE64 VirusTotal Malware Check memory Checks debugger unpack itself Windows Cryptographic key crashed |
|
|
|
|
2.4 |
M |
49 |
ZeroCERT
2695 |
2024-06-26 10:19
|
gajkl684 9f9c9c61fc7151ec7b8207f05254c0f5 Linux.Trojan.Mirai AntiDebug AntiVM ELF VirusTotal Email Client Info Stealer Malware Code Injection Check memory Checks debugger unpack itself installed browsers check Browser Email |
|
|
|
|
4.2 |
M |
39 |
ZeroCERT
2696 |
2024-06-26 10:18
|
a.f.f.f.f.fff.doc 6476133e6fcd5bb5fad7d39d1d214a6a MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic buffers extracted RWX flags setting exploit crash Tofsee Exploit DNS crashed |
2
http://93.123.12.248/xampp/Apln/yellowflowerisrareandbeautyfolwer.gif https://paste.ee/d/5ApcC
|
5
paste.ee(172.67.187.200) - mailcious ia803405.us.archive.org(207.241.232.195) - mailcious 104.21.84.67 - malware 93.123.12.248 - mailcious 207.241.232.195 - mailcious
|
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY Pastebin-style Service (paste .ee) in TLS SNI
|
|
5.0 |
M |
36 |
ZeroCERT
2697 |
2024-06-26 10:16
|
1.exe c3d9c95936f7b124d354c10642c8d976 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware |
|
|
|
|
1.4 |
M |
34 |
ZeroCERT
2698 |
2024-06-26 10:16
|
build.exe 71b44c9a55f3b40681f6a5524ca9821d [m] Generic Malware Generic Malware Suspicious_Script_Bin task schedule Malicious Library UPX Socket DGA Http API ScreenShot PWS DNS Internet API AntiDebug AntiVM PE File PE32 OS Processor Check Malware download Dridex VirusTotal Malware Microsoft AutoRuns Code Injection Checks debugger buffers extracted Creates executable files ICMP traffic unpack itself Windows utilities AppData folder malicious URLs WriteConsoleW Tofsee Windows ComputerName Remote Code Execution DNS |
3
http://defgyma.com/dl/build2.exe http://cajgtus.com/test2/get.php?pid=06280D9CD13939E9B7E95CDCAA6A83CC&first=true https://api.2ip.ua/geo.json
|
6
defgyma.com(190.159.138.51) - malware api.2ip.ua(172.67.139.220) cajgtus.com(189.195.132.134) - malware 104.21.65.24 93.118.137.82 201.191.99.134
|
9
ET USER_AGENTS Suspicious User Agent (Microsoft Internet Explorer) ET MALWARE Win32/Filecoder.STOP Variant Request for Public Key ET MALWARE Win32/Filecoder.STOP Variant Public Key Download ET MALWARE Potential Dridex.Maldoc Minimal Executable Request ET MALWARE Win32/Vodkagats Loader Requesting Payload ET INFO Observed External IP Lookup Domain (api .2ip .ua in TLS SNI) SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY PE EXE or DLL Windows file download HTTP ET POLICY External IP Address Lookup DNS Query (2ip .ua)
|
|
13.2 |
M |
47 |
ZeroCERT
2699 |
2024-06-26 10:14
|
d63e9e90-db3d-42c6-a687-45470b... aaa77d6928d24c74d686805fba1929a7 Generic Malware Malicious Packer Malicious Library UPX PE File .NET EXE PE32 DLL OS Processor Check VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself AppData folder crashed |
|
|
|
|
3.4 |
M |
61 |
ZeroCERT
2700 |
2024-06-26 10:14
|
info.vbe e9ffdb716af3d355b25096a8ed4de8ef AntiDebug AntiVM Malware download VirusTotal Malware Code Injection unpack itself suspicious TLD WriteConsoleW Downloader |
1
http://www.testswork.ru/tmp2.exe - rule_id: 40474
|
3
testswork.ru(82.97.240.167) - mailcious www.testswork.ru(82.97.240.167) - mailcious 82.97.240.167 - mailcious
|
1
ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
|
1
http://www.testswork.ru/tmp2.exe
|
5.6 |
M |
34 |
ZeroCERT