Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
3601	2024-05-30 09:44	LearningGame3.exe 0afac2447128ef47a4e2797fc6adc811 Malicious Library UPX PE File .NET EXE PE32 VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself				2.0	M	31	ZeroCERT

3602	2024-05-30 07:34	DelHosts.exe b0283aa6cc06b0880a1681f2c9802f05 UPX PE File PE32 VirusTotal Malware Check memory Checks debugger				2.6	M	52	ZeroCERT

3603	2024-05-30 07:32	fscan.exe cf903e4a1629aa0582fd0363b5786676 UPX PE64 PE File VirusTotal Malware DNS crashed		1		2.8	M	45	ZeroCERT

3604	2024-05-30 07:30	s2.exe 995710596451478545b9113bfd75a219 HermeticWiper PhysicalDrive Generic Malware Malicious Library Malicious Packer Antivirus UPX PE File DllRegisterServer dll PE32 OS Processor Check VirusTotal Malware PDB RWX flags setting unpack itself DNS		1		3.6	M	33	ZeroCERT

3605	2024-05-30 07:27	clearkhdyy.exe 0f5b0b4c5369dca6775d7adbae0d1ca3 Generic Malware UPX PE File PE32 VirusTotal Malware Checks debugger				2.6	M	42	ZeroCERT

3606	2024-05-29 10:05	lioniskingandtigerisalsotrying... e1f38ac4318814b4f2006f9311702fbb MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic RWX flags setting exploit crash IP Check Tofsee Windows Exploit DNS crashed	2 Keyword trend analysis	3	9 Info ET INFO Executable Download from dotted-quad Host ET HUNTING Suspicious csrss.exe in URI ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	4.6	M	36	ZeroCERT

3607	2024-05-29 10:03	lioniskingandtigerisalsotrying... 313f69e46a9dbc05f6a77d87b4170be8 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic RWX flags setting exploit crash IP Check Tofsee Windows Exploit DNS crashed	3 Keyword trend analysis	5	9 Info ET INFO Executable Download from dotted-quad Host ET HUNTING Suspicious csrss.exe in URI ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	4.6	M	34	ZeroCERT

3608	2024-05-29 07:45	csrss.exe 54799fee84c11edd9e0b221612bf2631 AgentTesla Malicious Library PWS SMTP KeyLogger AntiDebug AntiVM PE64 PE File Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed keylogger	1 Keyword trend analysis	2	3	11.2			ZeroCERT

3609	2024-05-29 07:43	csrss.exe 592f4e7b67ef1b268f799dd2464b62ab AgentTesla Malicious Library PWS SMTP KeyLogger AntiDebug AntiVM PE64 PE File Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed	2 Keyword trend analysis	4	3	11.2			ZeroCERT

3610	2024-05-29 07:40	3.exe 70097b5b96f1a0bffc073f26cb4bdc42 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check unpack itself				1.2	M		ZeroCERT

3611	2024-05-29 07:38	UpdateTool_858.exe d8f99e1587679eac41a5a3954e974613 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check PDB Check memory RWX flags setting unpack itself				1.8	M		ZeroCERT

3612	2024-05-29 07:38	crypted_c360a5b7.exe e10f94c9f1f1bb7724a9f0d7186f657e Generic Malware Malicious Library UPX PE File PE32 OS Processor Check unpack itself crashed				1.2	M		ZeroCERT

3613	2024-05-29 07:36	lordga.exe 2a302c859a9ad3a02c688e9f812221be Malicious Library VMProtect PE File PE32 unpack itself				1.4	M		ZeroCERT

3614	2024-05-29 07:36	ZinTask.exe dba7abdb1d2ada8cb51d1c258b1b3531 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check unpack itself crashed				1.2	M		ZeroCERT

3615	2024-05-29 07:34	cccc.exe 9cc841f6d5cf6841524a926e9f8f35fa Generic Malware Malicious Packer Malicious Library UPX PE File .NET EXE PE32 DLL OS Processor Check Check memory Checks debugger Creates executable files unpack itself AppData folder				2.2	M		ZeroCERT