Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	Score	Zero	VT	Player
33106	2022-03-28 11:28	word.exe f1dd01a9e4b959e569250354d74e0423 Malicious Packer Malicious Library Anti_VM UPX PE File PE32 Check memory Checks debugger unpack itself Detects VMWare VMware crashed			2.2			r0d

33107	2022-03-28 11:24	gus 292cd1089347959ad7619d4946195dac Malicious Packer Malicious Library UPX OS Processor Check DLL PE File PE32 VirusTotal Malware Checks debugger RWX flags setting unpack itself sandbox evasion ComputerName RCE DNS		25 Info 188.44.20.25 - mailcious 212.24.98.99 - mailcious 58.227.42.236 - mailcious 185.8.212.130 - mailcious 138.185.72.26 - mailcious 195.201.151.129 - mailcious 103.75.201.2 - mailcious 197.242.150.244 - mailcious 159.8.59.82 - mailcious 216.120.236.62 - mailcious 153.126.146.25 - mailcious 119.193.124.41 - mailcious 5.9.116.246 - mailcious 158.69.222.101 - mailcious 189.232.46.161 - mailcious 164.68.99.3 - mailcious 217.182.25.250 - mailcious 151.106.112.196 - mailcious 107.182.225.142 - mailcious 51.91.76.89 - malware 131.100.24.231 - mailcious 212.237.17.99 - mailcious 45.118.135.203 - mailcious 50.116.54.215 - mailcious 192.99.251.50 - mailcious	5.4	M	13	ZeroCERT

33108	2022-03-28 10:40	Hive Ransomware.exe b578f712997625c0c97ff55b70152bb0 BlackCat Ransomware Generic Malware Malicious Library PE File PE32 VirusTotal Malware WriteConsoleW			1.2		39	guest

33109	2022-03-28 10:37	Word Document.doc 33fff5d2e84bd2fad9c82e6c1d7002be Malicious Packer Malicious Library Anti_VM UPX AntiDebug AntiVM Word 2007 file format(docx) PE File PE32 VirusTotal Malware Code Injection Check memory Checks debugger Creates shortcut Creates executable files unpack itself Detects VMWare VMware crashed			6.8		26	ZeroCERT

33110	2022-03-28 10:36	2022-03-28_0753.xls dcc528535d429e4a47461fd2fc5cdc69 Malicious Packer Malicious Library UPX MSOffice File OS Processor Check DLL PE File PE32 AutoRuns Creates executable files RWX flags setting exploit crash unpack itself Auto service suspicious process AntiVM_Disk sandbox evasion VM Disk Size Check Windows Exploit ComputerName DNS crashed	6 Keyword trend analysis	30 Info church.ktc-center.net(151.236.62.132) - malware 188.44.20.25 - mailcious 212.24.98.99 - mailcious 58.227.42.236 - mailcious 185.8.212.130 - mailcious 5.9.116.246 - mailcious 138.185.72.26 - mailcious 195.201.151.129 - mailcious 103.75.201.2 - mailcious 197.242.150.244 - mailcious 159.8.59.82 - mailcious 216.120.236.62 - mailcious 51.91.7.5 - mailcious 153.126.146.25 - mailcious 119.193.124.41 - mailcious 189.232.46.161 - mailcious 151.236.62.132 - malware 79.172.212.216 - mailcious 158.69.222.101 - mailcious 164.68.99.3 - mailcious 217.182.25.250 - mailcious 151.106.112.196 - mailcious 107.182.225.142 - mailcious 209.126.98.206 - mailcious 51.91.76.89 - malware 131.100.24.231 - mailcious 212.237.17.99 - mailcious 45.118.135.203 - mailcious 50.116.54.215 - mailcious 192.99.251.50 - mailcious	9.0	M		ZeroCERT

33111	2022-03-28 10:28	Word Document.doc 33fff5d2e84bd2fad9c82e6c1d7002be Malicious Packer Malicious Library Anti_VM UPX Word 2007 file format(docx) PE File PE32 VirusTotal Malware unpack itself			2.0		26	ZeroCERT

33112	2022-03-28 10:24	2022-03-28_0753.xls dcc528535d429e4a47461fd2fc5cdc69 PWS[m] ScreenShot KeyLogger AntiDebug AntiVM MSOffice File Code Injection unpack itself			2.0			ZeroCERT

33113	2022-03-28 10:24	Hive Ransomware.exe b578f712997625c0c97ff55b70152bb0 Malicious Library PE File PE32 VirusTotal Malware WriteConsoleW			1.2		39	ZeroCERT

33114	2022-03-28 10:22	gADHL9UXSFUTN 66aedf72963e5a1e7ba976be93bff0e3 Malicious Packer Malicious Library UPX OS Processor Check DLL PE File PE32 VirusTotal Malware Checks debugger RWX flags setting unpack itself sandbox evasion ComputerName RCE DNS		31 Info 196.218.30.83 - mailcious 188.44.20.25 - mailcious 212.24.98.99 - mailcious 58.227.42.236 - mailcious 185.8.212.130 - mailcious 209.126.98.206 - mailcious 5.9.116.246 - mailcious 138.185.72.26 - mailcious 195.201.151.129 - mailcious 103.75.201.2 - mailcious 197.242.150.244 - mailcious 159.8.59.82 - mailcious 216.120.236.62 51.91.7.5 - mailcious 153.126.146.25 - mailcious 119.193.124.41 - mailcious 45.118.135.203 - mailcious 189.232.46.161 79.172.212.216 - mailcious 158.69.222.101 - mailcious 164.68.99.3 - mailcious 217.182.25.250 - mailcious 151.106.112.196 - mailcious 107.182.225.142 - mailcious 51.91.76.89 - malware 131.100.24.231 - mailcious 72.15.201.15 - mailcious 212.237.17.99 - mailcious 173.212.193.249 - mailcious 50.116.54.215 - mailcious 192.99.251.50 - mailcious	5.8		11	ZeroCERT

33115	2022-03-28 10:18	root.exe 1d27d894f404b2f4b040aa4cfe991e91 Generic Malware Malicious Library PE File PE32 VirusTotal Malware PDB unpack itself			1.8	M	27	ZeroCERT

33116	2022-03-28 09:12	6OuzyjPS e009a6373254827762f62c057e075674 Malicious Packer Malicious Library UPX OS Processor Check DLL PE File PE32 VirusTotal Malware Checks debugger RWX flags setting unpack itself sandbox evasion ComputerName RCE DNS		24 Info 131.100.24.231 - mailcious 212.24.98.99 - mailcious 58.227.42.236 - mailcious 185.8.212.130 - mailcious 138.185.72.26 - mailcious 195.201.151.129 - mailcious 103.75.201.2 - mailcious 197.242.150.244 - mailcious 216.120.236.62 153.126.146.25 - mailcious 119.193.124.41 - mailcious 5.9.116.246 - mailcious 158.69.222.101 - mailcious 189.232.46.161 164.68.99.3 - mailcious 217.182.25.250 - mailcious 107.182.225.142 - mailcious 159.8.59.82 - mailcious 51.91.76.89 - malware 188.44.20.25 - mailcious 212.237.17.99 - mailcious 45.118.135.203 - mailcious 50.116.54.215 - mailcious 192.99.251.50 - mailcious	5.4		10	ZeroCERT

33117	2022-03-28 09:12	aObJD8vpKaJRLKgoX6i 9de560ea7997a21a8e715fed48a3cc6c Malicious Packer Malicious Library UPX OS Processor Check DLL PE File PE32 VirusTotal Malware Checks debugger RWX flags setting unpack itself sandbox evasion ComputerName RCE DNS		24 Info 131.100.24.231 - mailcious 212.24.98.99 - mailcious 58.227.42.236 - mailcious 185.8.212.130 - mailcious 138.185.72.26 - mailcious 195.201.151.129 - mailcious 103.75.201.2 - mailcious 197.242.150.244 - mailcious 216.120.236.62 212.237.17.99 - mailcious 119.193.124.41 - mailcious 5.9.116.246 - mailcious 158.69.222.101 - mailcious 189.232.46.161 164.68.99.3 - mailcious 217.182.25.250 - mailcious 107.182.225.142 - mailcious 159.8.59.82 - mailcious 51.91.76.89 - malware 188.44.20.25 - mailcious 153.126.146.25 - mailcious 45.118.135.203 - mailcious 50.116.54.215 - mailcious 192.99.251.50 - mailcious	5.4		11	ZeroCERT

33118	2022-03-27 19:05	client.exe e83d86c5a054223284e4de94215afd60 RAT PWS .NET framework Malicious Packer UPX OS Processor Check .NET EXE PE File PE32 VirusTotal Malware			1.2		51	ZeroCERT

33119	2022-03-27 19:03	6249_1648232874_813.exe 62a653a677842182b2918370fb8e3cdc Obsidium protector UPX .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted WMI RWX flags setting unpack itself Collect installed applications Check virtual network interfaces sandbox evasion installed browsers check Windows Browser ComputerName RCE DNS Cryptographic key Software crashed	1 Keyword trend analysis	3	12.0		32	ZeroCERT

33120	2022-03-26 19:59	FvyLs 1037a2aa02e01276046ce7d8c341e525 Malicious Packer Malicious Library UPX OS Processor Check DLL PE File PE32 VirusTotal Malware Checks debugger RWX flags setting unpack itself sandbox evasion ComputerName RCE DNS		17 Info 1.234.2.232 - mailcious 217.182.25.250 - mailcious 151.106.112.196 - mailcious 107.182.225.142 - mailcious 51.91.7.5 - mailcious 188.44.20.25 - mailcious 70.36.102.35 - mailcious 131.100.24.231 - mailcious 153.126.146.25 - mailcious 92.240.254.110 - mailcious 176.56.128.118 - mailcious 119.193.124.41 - mailcious 173.212.193.249 - mailcious 51.91.76.89 - malware 51.254.140.238 - mailcious 45.142.114.231 - mailcious 46.55.222.11 - mailcious	5.6	M	43	ZeroCERT