Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	VT	Player
3391	2024-06-07 23:46	oa-importcert.cmd 4d3f949bda6999f920d5338e785f75f2 Generic Malware Downloader task schedule Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP SMTP DNS Code injection Internet API persistence FTP KeyLogger P2P Hijack Network AntiDebug AntiVM powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key				5.0		guest

3392	2024-06-07 23:39	OpenAudit-nmap-NetzScan.cmd 62678f71bb1fb7f0803191f69ed73acc task schedule Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM WriteConsoleW				0.6		guest

3393	2024-06-07 23:38	makecert2.cmd dc399dc9986b37e8e48fc2a61f9cfcac Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P Hijack Network AntiDebug AntiVM Windows utilities WriteConsoleW Windows				1.0		guest

3394	2024-06-07 23:33	oa-importcert.cmd 4d3f949bda6999f920d5338e785f75f2 Generic Malware Downloader task schedule Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P Hijack Network SMTP persistence AntiDebug AntiVM powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key				5.0		guest

3395	2024-06-07 23:30	apache_uninstallservice-win10.... 9c1c5aa0b87f0183713f5904656a1ef8 task schedule Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM Windows utilities WriteConsoleW Windows				1.0		guest

3396	2024-06-07 23:29	makecert2.cmd dc399dc9986b37e8e48fc2a61f9cfcac Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P Hijack Network AntiDebug AntiVM Windows utilities WriteConsoleW Windows				1.0		guest

3397	2024-06-07 23:22	apache_uninstallservice-win10.... 9c1c5aa0b87f0183713f5904656a1ef8 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM Windows utilities WriteConsoleW Windows				1.0		guest

3398	2024-06-07 23:22	apache_installservice-win10.cm... 5c308e4bc6c970a6b3fa3db951b6ac1e task schedule Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P Hijack Network AntiDebug AntiVM Windows utilities WriteConsoleW Windows				1.0		guest

3399	2024-06-07 23:22	apache_installservice-win10.cm... 5c308e4bc6c970a6b3fa3db951b6ac1e Downloader task schedule Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P Hijack Network AntiDebug AntiVM Windows utilities WriteConsoleW Windows				1.0		guest

3400	2024-06-07 17:59	wpd.jpg.exe 1bfe19a314dd31d6adda302f177c3b7c Gen1 Generic Malware task schedule Downloader UPX Malicious Library Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiD Malware SMB Traffic Potential Scan suspicious privilege Malicious Traffic Check memory buffers extracted WMI Creates executable files RWX flags setting unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows ComputerName Remote Code Execution DNS crashed	6 Keyword trend analysis	2	2	11.6		guest

3401	2024-06-07 17:58	wpd.jpg.exe 1bfe19a314dd31d6adda302f177c3b7c Gen1 Generic Malware Downloader task schedule UPX Malicious Library Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P Hijack Network persistence AntiD Malware SMB Traffic Potential Scan suspicious privilege Malicious Traffic Check memory buffers extracted WMI Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName Remote Code Execution DNS crashed	6 Keyword trend analysis	2	2	10.6		guest

3402	2024-06-07 17:58	wpd.jpg.exe 1bfe19a314dd31d6adda302f177c3b7c Gen1 Generic Malware Downloader task schedule UPX Malicious Library Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P Hijack Network persistence AntiD Malware SMB Traffic Potential Scan suspicious privilege Malicious Traffic Check memory buffers extracted WMI Creates executable files RWX flags setting unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName Remote Code Execution DNS crashed	6 Keyword trend analysis	2	2	11.0	46	guest

3403	2024-06-07 17:53	csrs.exe ed43f6043f51fba6b2a8a4062256154d Gen1 Generic Malware Downloader Malicious Library UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM PE File PE32 OS P Creates executable files unpack itself AppData folder malicious URLs WriteConsoleW				3.4		guest

3404	2024-06-07 17:52	csrs.exe ed43f6043f51fba6b2a8a4062256154d Gen1 Generic Malware Downloader Malicious Library UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P persistence AntiDebug AntiVM PE File PE32 OS P Creates executable files unpack itself AppData folder malicious URLs WriteConsoleW				3.4	51	guest

3405	2024-06-07 17:52	csrs.exe ed43f6043f51fba6b2a8a4062256154d Gen1 Generic Malware Downloader Malicious Library UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P persistence AntiDebug AntiVM PE File PE32 OS P Creates executable files unpack itself AppData folder malicious URLs WriteConsoleW				3.4		guest