Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	IDS	Score	Zero	Player
3616	2024-05-29 07:34	svhost.exe bb1529af37bcc44a4d65ee8da4ab05be Malicious Library Antivirus UPX PE File .NET EXE PE32 OS Processor Check suspicious privilege MachineGuid Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName Cryptographic key		2.8	M	ZeroCERT

3617	2024-05-28 20:58	remotectl_dumpstate.txt 3dc6e96f5529d63f1633b68f372ef108 ScreenShot AntiDebug AntiVM		0.4		guest

3618	2024-05-28 20:57	remotectl_dumpstate.txt 3dc6e96f5529d63f1633b68f372ef108 ScreenShot AntiDebug AntiVM Check memory unpack itself DNS		1.6		guest

3619	2024-05-28 20:56	._TCC 2.db-wal 45eefdc390273286afcc07d798eb1807 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	2	4.8		guest

3620	2024-05-28 20:55	._TCC 2.db-wal 45eefdc390273286afcc07d798eb1807 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed		3.8		guest

3621	2024-05-28 20:55	TCC 2.db-wal af7d177cce594aed5916d443ab6d1833 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	2	4.2		guest

3622	2024-05-28 20:54	TCC 2.db-wal af7d177cce594aed5916d443ab6d1833 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	2	4.8		guest

3623	2024-05-28 20:54	._TCC 2.db-wal 45eefdc390273286afcc07d798eb1807 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed		3.8		guest

3624	2024-05-28 20:53	TCC 2.db-wal af7d177cce594aed5916d443ab6d1833 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	2	4.2		guest

3625	2024-05-28 20:52	._TCC 2.db-wal 45eefdc390273286afcc07d798eb1807 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed		3.8		guest

3626	2024-05-28 20:52	._TCC 2.db-wal 45eefdc390273286afcc07d798eb1807 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	2	4.8		guest

3627	2024-05-28 20:50	._TCC 2.db-wal 45eefdc390273286afcc07d798eb1807 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	2	4.2		guest

3628	2024-05-28 20:50	._TCC 2.db-wal 45eefdc390273286afcc07d798eb1807 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed		3.8		guest

3629	2024-05-28 20:48	TCC 2.db-wal af7d177cce594aed5916d443ab6d1833 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed		3.8		guest

3630	2024-05-28 20:47	TCC 2.db-wal af7d177cce594aed5916d443ab6d1833 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed		3.8		guest