Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	Rule	Score	Zero	VT	Player
33121	2022-03-26 19:53	RYJGJHJDGHR.exe 51c7f45ca2d7d26be5e7d6b51aec8e0a Formbook AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself	10 Keyword trend analysis Info http://www.southcoast.glass/be4o/?OtZlCp=3/PR1DqoGftECUGlMlqQLygjkfH8q6JiKOV+7DgfT1byhjBN4wPkyxY7U0XcxMUqztWe7oK5&W6=jnKpWl-0k http://www.kaikkistore.com/be4o/?OtZlCp=jq9b4c7GaM45+jAjcNdwzOt+LNN1qoIISHohpyHS4IPClcWh2rh5utbCWAANIM8ZbwbLkAqw&W6=jnKpWl-0k http://www.kingseafoodsydney.com/be4o/?OtZlCp=XvKMJ33ffhWoNT/eGMLLA6DgNlS6//TxCerjEkNPobUmef7akSRqjwxrKXPJLaM84ZJee4xh&W6=jnKpWl-0k http://www.kennycheng.tech/be4o/?OtZlCp=/TihCWUJFsBvOb9P/zij6sYspipbYu/P1fBeeYI9q2iJQnzSETpc+Ai6UFWTdw02WOR1mila&W6=jnKpWl-0k http://www.janhenningsen.com/be4o/?OtZlCp=MXCJfAilxaJs1w9rknsrtNqd5bs2JuRcGlAdtALmHlPTU7nQuBmzU12m+jPv4OsZoZ6Ww26M&W6=jnKpWl-0k http://www.traditionnevertrend.com/be4o/?OtZlCp=V2pw7+z5zZBG4O55swJE3BLqq2nn4BW8tU3lo7+zwRsrcQTMVfEm2TyuCdZS+w8aGawscuC4&W6=jnKpWl-0k http://www.vendasdigitaisonline.com/be4o/?OtZlCp=7cKzimu8mU9aAWv8W1jMoWyo6u+mjltrVmUHpOOuuUdjet6o3ovcBhg45wy83mLq+AvvQsLm&W6=jnKpWl-0k http://www.vaughnediting.com/be4o/?OtZlCp=o5nWsVamRRFj6nmVw0YZzD6T98nAnbLK/jqPG18ZeHpNFmf02WQlwEJPUCFmVJoK3wOZlr5m&W6=jnKpWl-0k http://www.dreamintelligent.com/be4o/?OtZlCp=3gaGgvCAlf1EvIDCkgEISFn1QJRwzcaNyqkp/FIWBtKI+xojZ6IkBOpMMrGw0LC16+ruHxoz&W6=jnKpWl-0k http://www.teleconstructiongroup.com/be4o/?OtZlCp=aVHldBE1aD5B6LWsnnFy+f9DBjZAkDuTTNxl4f2OSlsKSB2TGhbrrBeIgYZv5M5Ln9ymaVaN&W6=jnKpWl-0k	24 Info www.inteligenciaenrefrigeracion.com() www.kaikkistore.com(23.227.38.74) www.southcoast.glass(209.17.116.163) www.kingseafoodsydney.com(2.57.90.16) www.dreamintelligent.com(185.190.39.52) www.sjsndtvitzru.mobi() - mailcious www.istemnetwork.com() www.traditionnevertrend.com(34.102.136.180) www.28682df.com() www.personas1web.com() www.teleconstructiongroup.com(34.102.136.180) www.vaughnediting.com(192.0.78.24) www.kennycheng.tech(198.54.121.137) www.vendasdigitaisonline.com(213.190.6.63) www.janhenningsen.com(217.160.0.98) 209.17.116.163 - mailcious 213.190.6.63 185.190.39.52 34.102.136.180 - mailcious 198.54.121.137 - phishing 2.57.90.16 - mailcious 192.0.78.24 - mailcious 23.227.38.74 - mailcious 217.160.0.98 - mailcious		7.8	M	26	ZeroCERT

33122	2022-03-26 19:50	Akt_sverki_Consultant.docx e959fa8191ca2e4dd99932e149668ade Word 2007 file format(docx) Vulnerability unpack itself				1.8			ZeroCERT

33123	2022-03-26 19:43	vbc.exe d1f43ac76f92fdf3238b77b69f535570 Malicious Library PE File PE32 VirusTotal Malware PDB unpack itself RCE				2.2	M	31	ZeroCERT

33124	2022-03-26 19:21	vbc.exe 46ed02de5213530c183cc769b063b923 PWS[m] PWS .NET framework AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself ComputerName	1 Keyword trend analysis	2		8.8		33	ZeroCERT

33125	2022-03-26 19:19	vbc.exe d1f43ac76f92fdf3238b77b69f535570 Malicious Library PE File PE32 VirusTotal Malware PDB unpack itself RCE				2.2		31	ZeroCERT

33126	2022-03-26 19:19	vbc.exe ca2463e6f591f3e77106b8d232e9af84 Malicious Library PE File PE32 VirusTotal Malware PDB unpack itself RCE				2.4		42	ZeroCERT

33127	2022-03-26 19:18	rundll322.exe a5dd94434c702493d4577e966134b303 PE File PE32 PDB				0.6			ZeroCERT

33128	2022-03-26 19:16	987.txt 2002616fcecde9aa2408e9156fae2ec6 Malicious Library UPX DLL PE File PE32 VirusTotal Malware PDB Checks debugger unpack itself				2.0		4	ZeroCERT

33129	2022-03-26 19:16	321.exe d4bdfa2ef2919d1b53e25d1be16442f9 Malicious Library UPX OS Processor Check PE File PE32 VirusTotal Malware PDB				1.0		3	ZeroCERT

33130	2022-03-26 19:10	DopSog_Consultant.docx 0ead98011c8d777fd2772d41ab990111 Word 2007 file format(docx) RWX flags setting exploit crash Exploit crashed				1.8	M		ZeroCERT

33131	2022-03-26 19:05	K3362p2954.doc 2549fdb48c76b7dacf0dc369e4c7e8db VBA_macro Generic Malware Malicious Library Admin Tool (Sysinternals etc ...) UPX MSOffice File OS Processor Check DLL PE File PE32 VirusTotal Malware Checks debugger RWX flags setting unpack itself AppData folder				4.6		23	ZeroCERT

33132	2022-03-26 10:28	tf.exe 9dc7f56d0bb5d7543d0ea4a644110623 Malicious Library UPX OS Processor Check PE File PE32 VirusTotal Malware PDB MachineGuid				1.0		10	ZeroCERT

33133	2022-03-26 10:28	DopSog_Consultant.docx 0ead98011c8d777fd2772d41ab990111 Word 2007 file format(docx) Vulnerability unpack itself				1.8			ZeroCERT

33134	2022-03-26 10:26	227.exe fe7f17e5fdda188c776954aa3e73d26c PWS[m] RedLine stealer[m] Malicious Library UPX Socket DNS Escalate priviledges ScreenShot KeyLogger AntiDebug AntiVM PE File PE32 PE64 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Disables Windows Security Collect installed applications Check virtual network interfaces malicious URLs sandbox evasion installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed	2 Keyword trend analysis	4	2	19.6	M	28	ZeroCERT

33135	2022-03-26 10:23	231.exe 784226e524808ea1abe83bb7d2c02787 PWS[m] RedLine stealer[m] AntiDebug AntiVM PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed		1		12.0	M	23	ZeroCERT