Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
2806	2024-06-20 16:48	DamnedSetup.exe c431df16a0810e27345aa37df100a114 Gen1 NSIS Generic Malware Malicious Library UPX Antivirus Malicious Packer Obsidium protector Admin Tool (Sysinternals etc ...) Javascript_Blob Anti_VM PE File PE32 DLL OS Processor Check ftp PE64 VirusTotal Malware suspicious privilege Check memory Creates executable files unpack itself AppData folder Ransom Message Ransomware				4.8		1	ZeroCERT

2807	2024-06-20 16:42	info.zip cbcb58ffe45c202c11bcf2070496aed6 ZIP Format Malware download VirusTotal Malware suspicious TLD Downloader	1 Keyword trend analysis	3	1	2.0	M	55	ZeroCERT

2808	2024-06-20 09:31	Photo.scr e3bcf6c6f4d21e8a1e2789e981366973 Generic Malware Malicious Library UPX PE File OS Processor Check VirusTotal Malware DNS		1		1.0		2	ZeroCERT

2809	2024-06-20 09:31	AV.scr e3bcf6c6f4d21e8a1e2789e981366973 Generic Malware Malicious Library UPX PE File OS Processor Check VirusTotal Malware				0.4		2	ZeroCERT

2810	2024-06-20 09:30	Video.scr e3bcf6c6f4d21e8a1e2789e981366973 Generic Malware Malicious Library UPX PE File OS Processor Check VirusTotal Malware				0.4		2	ZeroCERT

2811	2024-06-20 09:28	UHH.txt.exe 72ffddcd4adf890a663396aaf31affc4 AgentTesla Malicious Library Malicious Packer UPX PE File OS Memory Check .NET EXE PE32 OS Name Check OS Processor Check Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Software crashed keylogger	2 Keyword trend analysis	4	4	7.0			ZeroCERT

2812	2024-06-20 09:28	IP%E8%87%AA%E5%8A%A8%E6%8B%A8%... ed95ed22864405ca79a7910d5c2a527d Generic Malware Malicious Library ASPack UPX PE File DllRegisterServer dll PE32 OS Processor Check VirusTotal Malware Check memory unpack itself Remote Code Execution				2.2	M	26	ZeroCERT

2813	2024-06-20 09:27	llb.doc 3a8df96db2b8e159c2a4d2652f1cf454 MS_RTF_Obfuscation_Objects RTF File doc FormBook Malware download VirusTotal Malware Malicious Traffic buffers extracted RWX flags setting exploit crash Windows Exploit DNS crashed	9 Keyword trend analysis Info http://www.hissmjkl.com/zadz/ http://www.hissmjkl.com/zadz/?pY=GqmOaWdq+kX/yRvyAZZwseYDvaTL8crr23pe6qvcgIhSte46GY4DIQa7ks3RQ77EfqOrO6E9ud6ta6vwJbbEPWpMvqhVaL5TSjftDGWhiRc7xSx2vvQWLWjMkFGYeWU0dOjwkWc=&q7iu=YOnhTm3GvPBMIU http://www.seemorebooks.com/pi58/?pY=YYtcvmaEEn+7nyfxzWgh1us0l/woYfyMnrlu6Rjt4og+6FeMZ1IdpKDPKj+aPF1uuIq0gCsO4nwJKFBr1ceHHaYtBG7ACxwv7Iz3EuX+x6xrPs5Ey6eaPYfJ6s7i8ry1ERDc11U=&q7iu=YOnhTm3GvPBMIU http://www.seemorebooks.com/pi58/ http://www.go2super.app/wgnm/ http://www.go2super.app/wgnm/?pY=Fa4WWJW4OAk9quC/liQ5qPCm6cq5UHInoPdIisE1PBrL79EG4mQIKlmV9v0gNsYws5soHWC75TgVD8ScXJuz3zKnezho/eF1xa+ohUcEmn2mEAmZPvlgVqrPRDgE59rzl73KHjo=&q7iu=YOnhTm3GvPBMIU http://www.sqlite.org/2017/sqlite-dll-win32-x86-3190000.zip http://192.210.150.54/800/service.exe http://synergyinnovationsgroup.com/rTenPEVaZZd63.bin	11 Info www.noblessewine.com() synergyinnovationsgroup.com(199.217.106.226) - mailcious www.hissmjkl.com(104.21.26.154) www.seemorebooks.com(66.228.55.6) www.go2super.app(15.197.148.33) 199.217.106.226 - mailcious 15.197.148.33 - mailcious 172.67.137.15 66.228.55.6 192.210.150.54 - malware 45.33.6.223	6 Info ET MALWARE FormBook CnC Checkin (GET) M5 ET INFO Executable Download from dotted-quad Host ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	5.0	M	38	ZeroCERT

2814	2024-06-20 09:26	bma.doc 0ebecab201093cd3733b0ee652381ee1 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself Windows Exploit DNS crashed	2 Keyword trend analysis	3	5 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	4.2	M	36	ZeroCERT

2815	2024-06-20 09:26	Photo.scr e16c628c4b2be310f75780fdeef94a75 PE File PE32 VirusTotal Malware				0.6		3	ZeroCERT

2816	2024-06-19 21:44	Printsvc.exe f5ccac795e79c40d64e7e5a73c741785 UPX PE File PE64 OS Processor Check VirusTotal Malware unpack itself				1.0		13	guest

2817	2024-06-19 19:03	svrhost.exe f5ccac795e79c40d64e7e5a73c741785 UPX PE File PE64 OS Processor Check VirusTotal Malware unpack itself				1.0		13	guest

2818	2024-06-19 18:52	Printsvc.exe f5ccac795e79c40d64e7e5a73c741785 UPX PE File PE64 OS Processor Check VirusTotal Malware unpack itself				1.0		13	guest

2819	2024-06-19 18:32	svrhost.exe f5ccac795e79c40d64e7e5a73c741785 UPX PE File PE64 OS Processor Check VirusTotal Malware unpack itself				1.0		13	guest

2820	2024-06-19 18:17	Printsvc.exe f5ccac795e79c40d64e7e5a73c741785 UPX PE File PE64 OS Processor Check VirusTotal Malware unpack itself				1.0		13	guest