Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
3061	2024-06-12 10:11	sevendaytounderstamndhowmuchsw... c272b9af2086b381b4e4fc7328897cf4 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic buffers extracted RWX flags setting exploit crash Tofsee Exploit DNS crashed	2 Keyword trend analysis	3	2	4.6	M	37	ZeroCERT

3062	2024-06-12 10:09	entirethingscleantogetlionsisa... 1ea13f7866b6cdb3407f6c7e72857b99 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Tofsee Exploit DNS crashed	2 Keyword trend analysis	3	2	4.2	M	33	ZeroCERT

3063	2024-06-12 10:06	lionsareveryinterstingcharacte... fe30d755f7243a16d47bf6f37b929cd2 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware RWX flags setting exploit crash Exploit crashed				2.8	M	36	ZeroCERT

3064	2024-06-12 09:56	wizeninglYZn.ps1 e9c90b339939ce08b126a6f4e5a5cd5a Generic Malware Antivirus VirusTotal Malware Check memory Checks debugger unpack itself WriteConsoleW Windows ComputerName Cryptographic key crashed	1 Keyword trend analysis			3.0		26	ZeroCERT

3065	2024-06-12 09:56	noncontrabandsVB1.ps1 183df9ec9ef6dbd453bcee91c8939534 Generic Malware Antivirus VirusTotal Malware Check memory Checks debugger unpack itself WriteConsoleW Windows ComputerName Cryptographic key crashed	1 Keyword trend analysis			3.0		21	ZeroCERT

3066	2024-06-12 07:38	kenzo.exe fe7e4a096f69688dc594ef1fe7a776fd Malicious Packer PE32 PE File ZIP Format Browser Info Stealer Malware download FTP Client Info Stealer Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency AutoRuns MachineGuid Check memory buffers extracted unpack itself Windows utilities Collect installed applications suspicious process AntiVM_Disk sandbox evasion WriteConsoleW anti-virtualization IP Check VM Disk Size Check installed browsers check Tofsee Ransomware Windows Browser RisePro Email ComputerName DNS Software crashed	1 Keyword trend analysis	5	9 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 23 ET MALWARE RisePro TCP Heartbeat Packet ET MALWARE [ANY.RUN] RisePro TCP (Token) ET MALWARE [ANY.RUN] RisePro TCP (Activity) ET MALWARE [ANY.RUN] RisePro TCP (External IP) SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io) ET MALWARE [ANY.RUN] RisePro TCP (Exfiltration) ET MALWARE RisePro CnC Activity (Inbound)	12.2			ZeroCERT

3067	2024-06-12 07:36	seo_cr1.exe b2d33941295f236bebee0d3c389a8549 Generic Malware UPX Malicious Library PE32 PE File OS Processor Check Malware download VirusTotal Malware Malicious Traffic Checks debugger WMI Creates executable files unpack itself Windows utilities suspicious process DarkGate Windows TA577 ComputerName crashed	1 Keyword trend analysis	2	1	5.6	M	27	ZeroCERT

3068	2024-06-12 07:35	spiralitykSzkj.exe d3d4f9479544722b50d57432447b57b0 Generic Malware ASPack Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware Cryptocurrency wallets Cryptocurrency Check memory unpack itself ComputerName				3.2		60	ZeroCERT

3069	2024-06-12 07:34	LukeJazz.exe 0478c21bf8ef83cce4eb19b620165ff7 Generic Malware Suspicious_Script_Bin Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger WMI Creates executable files Windows utilities suspicious process AppData folder sandbox evasion WriteConsoleW Windows ComputerName				6.0	M	25	ZeroCERT

3070	2024-06-12 07:33	twapcdhuj20shds2WOP90sdhy.exe 49771fd313935046468ff48e9a97f287 Process Kill Generic Malware Suspicious_Script_Bin Malicious Library FindFirstVolume CryptGenKey UPX Device_File_Check PE32 PE File OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself Browser Email ComputerName Software crashed				5.0	M	27	ZeroCERT

3071	2024-06-12 04:31	Deezer_8.0.13.2_apkallpure.xyz... 3ce3566b042ee2f6cc406085985a8590 Generic Malware ZIP Format							guest

3072	2024-06-12 04:31	Deezer_8.0.13.2_apkallpure.xyz... 3ce3566b042ee2f6cc406085985a8590 Generic Malware ZIP Format							guest

3073	2024-06-12 03:36	oimompecagnajdejgnnjijobebaeig... 17c227679ab0ed29eae2192843b1802f AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName				3.4			guest

3074	2024-06-11 15:03	2024년 북한인권 민간단체 전략활동 지원사업 신청서.... cfffb45df8f05d1cb5d9d95fd5a83e9e Generic Malware Antivirus AntiDebug AntiVM Lnk Format CAB GIF Format PowerShell VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key				6.4		24	ZeroCERT

3075	2024-06-11 15:00	2024년 북한인권 민간단체 전략활동 지원 사업 예산편... ebb764dc8aa586deaaae8aa56b82bb15 Generic Malware Antivirus AntiDebug AntiVM Lnk Format HWP MSOffice File CAB GIF Format PowerShell VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key				6.4		24	ZeroCERT