Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
3226	2025-01-22 17:11	coinbase.exe 77620fa13ab93f172c7c8d99d92c9fa2 Malicious Library Malicious Packer Antivirus .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself					2.0	M	61	ZeroCERT

3227	2025-01-22 17:09	04a_Contents.xhtml 801df41841b48c958e1b726340b8bfa0 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting unpack itself Windows utilities malicious URLs Tofsee Windows DNS			2		4.2			guest

3228	2025-01-22 17:09	04_Copyright.xhtml 25cf14928854d27258b5d1e2a9e9a6a9 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting unpack itself Windows utilities malicious URLs Tofsee Windows DNS			2		4.2			guest

3229	2025-01-22 17:08	cred64.dll 478cf1466756aec3b32c8cc61fc5c6c6 Generic Malware Malicious Library UPX Antivirus PE File DLL PE64 OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency powershell PDB suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process sandbox evasion installed browsers check Windows Browser ComputerName DNS Cryptographic key Software	1 Keyword trend analysis	1	1		9.8	M	54	ZeroCERT

3230	2025-01-22 17:07	03_Review.xhtml 3914ff27af290f8886acc66ecaaded4b Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting unpack itself Windows utilities malicious URLs Tofsee Windows DNS			2		4.2			guest

3231	2025-01-22 17:07	02_Title.xhtml 870b746d33d0f2504ae798df05f3a06a Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting unpack itself Windows utilities malicious URLs Tofsee Windows DNS			2		4.2			guest

3232	2025-01-22 17:06	cred.dll fd8df0fc2168cb8c7959afaffa4d8031 Generic Malware Malicious Library UPX Antivirus PE File DLL PE32 OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency powershell suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process sandbox evasion installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software	1 Keyword trend analysis	1	1		10.0	M	57	ZeroCERT

3233	2025-01-22 17:04	00_Cover.xhtml 7409a8ce4a30859580edcd4ecaa3d36e Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting unpack itself Windows utilities malicious URLs Tofsee Windows DNS			2		4.2			guest

3234	2025-01-22 17:04	01_Frontmatter.xhtml f628e7acafea6b3500827b62c44a5ffb Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting unpack itself Windows utilities malicious URLs Tofsee Windows DNS			2		4.2			guest

3235	2025-01-22 17:03	Crypted.Exe 6be3a630099930af4aa9dc65e98ec3d8 XWorm WebCam Malicious Library .NET framework(MSIL) KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Telegram PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces AntiVM_Disk VM Disk Size Check Tofsee Windows ComputerName DNS keylogger		2	4		9.8	M	58	ZeroCERT

3236	2025-01-20 04:20	strings_output.txt 0d7e00f4e189261b7936769f8cb54fad Generic Malware Malicious Library ASPack ftp DllRegisterServer dll OS Processor Check crashed					0.2			guest

3237	2025-01-18 16:38	svc.exe e2b9936f5b41295ba4ca23afae692813 Browser Login Data Stealer Gen1 Generic Malware Malicious Library UPX Malicious Packer Antivirus ASPack Anti_VM PE File PE64 OS Processor Check DLL ZIP Format JPEG Format Browser Info Stealer Emotet Malware download VirusTotal Malware Cryptocurrency wallets Cryptocurrency Buffer PE AutoRuns MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself sandbox evasion Windows Browser ComputerName DNS Downloader	3 Keyword trend analysis	1	5 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY PE EXE or DLL Windows file download HTTP ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET HUNTING Suspicious Windows Executable WriteProcessMemory	2	12.0	M	30	ZeroCERT

3238	2025-01-18 16:35	RemittanceForms.exe bb46d23bfca17013584e23f35e67c5fe njRAT backdoor Generic Malware Malicious Library Antivirus UPX PE File MSOffice File CAB PE32 OS Name Check OS Processor Check DLL VirusTotal Malware PDB suspicious privilege Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check Windows ComputerName RCE Cryptographic key crashed		2			5.6		20	ZeroCERT

3239	2025-01-18 16:34	Aristois-Free.jar 4cad86ed173ff0dad198582d86bf62b6 ZIP Format VirusTotal Malware Check memory heapspray unpack itself Java					2.0		5	ZeroCERT

3240	2025-01-18 10:19	setup641.msi 25d6e100040e7f51f490b07da56d0482 Generic Malware Malicious Library MSOffice File CAB OS Processor Check VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check ComputerName	1 Keyword trend analysis	2			2.4		12	ZeroCERT