| No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 4021 | 2020-12-29 17:29 |
Q76T.dll bf6a524f5543cde20b6fb911edb2a467unpack itself crashed |
1.4 | guest | ||||||||||||||||||||
|
|
||||||||||||||||||||||||
| 4022 | 2020-12-29 17:31 |
Q76T.dll bf6a524f5543cde20b6fb911edb2a467 |
0.4 | guest | ||||||||||||||||||||
|
|
||||||||||||||||||||||||
| 4023 | 2020-12-29 17:48 |
Q76T.dll bf6a524f5543cde20b6fb911edb2a467 |
0.4 | guest | ||||||||||||||||||||
|
|
||||||||||||||||||||||||
| 4024 | 2020-12-29 17:50 |
Q76T.dll bf6a524f5543cde20b6fb911edb2a467Check memory unpack itself crashed |
1.6 | guest | ||||||||||||||||||||
|
|
||||||||||||||||||||||||
| 4025 | 2020-12-29 17:51 |
Q76T.dll bf6a524f5543cde20b6fb911edb2a467 |
0.4 | guest | ||||||||||||||||||||
|
|
||||||||||||||||||||||||
| 4026 | 2020-12-29 17:54 |
Q76T.dll bf6a524f5543cde20b6fb911edb2a467 |
0.4 | guest | ||||||||||||||||||||
|
|
||||||||||||||||||||||||
| 4027 | 2020-12-29 17:57 |
Q76T.dll bf6a524f5543cde20b6fb911edb2a467 |
0.4 | guest | ||||||||||||||||||||
|
|
||||||||||||||||||||||||
| 4028 | 2020-12-29 17:59 |
Q76T.dll bf6a524f5543cde20b6fb911edb2a467 |
0.4 | guest | ||||||||||||||||||||
|
|
||||||||||||||||||||||||
| 4029 | 2020-12-29 18:00 |
Q76T.dll bf6a524f5543cde20b6fb911edb2a467Check memory unpack itself crashed |
1.6 | guest | ||||||||||||||||||||
|
|
||||||||||||||||||||||||
| 4030 | 2020-12-29 18:17 |
nefile.exe 57a9c6d1f80eec2792d26d5903a9228bVirusTotal Malware unpack itself |
3.2 | M | 48 | ZeroCERT | ||||||||||||||||||
|
|
||||||||||||||||||||||||
| 4031 | 2020-12-29 18:18 |
Possies.exe 875c308ab4aefeea743c5fbfd3f47124Browser Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications Check virtual network interfaces suspicious process malicious URLs suspicious TLD installed browsers check Tofsee Ransomware Windows Browser ComputerName DNS Cryptographic key crashed |
3
|
9 | 1 | 15.4 | M | 47 | ZeroCERT | |||||||||||||||
|
|
||||||||||||||||||||||||
| 4032 | 2020-12-29 18:21 |
regasm.exe 0d2bf4e66cc8a76ee90cfc9023d0b56aVirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself |
2.6 | M | 22 | ZeroCERT | ||||||||||||||||||
|
|
||||||||||||||||||||||||
| 4033 | 2020-12-29 18:23 |
S9LhKc0v.dll c2ddb410e5e39387f1961582486144b7VirusTotal Malware unpack itself |
1.2 | 6 | ZeroCERT | |||||||||||||||||||
|
|
||||||||||||||||||||||||
| 4034 | 2020-12-29 18:25 |
tufile.exe 1f42a1843ea522e84229ec95fe12f0b0VirusTotal Malware unpack itself |
3.0 | 21 | ZeroCERT | |||||||||||||||||||
|
|
||||||||||||||||||||||||
| 4035 | 2020-12-30 09:19 |
S9LhKc0v.dll c2ddb410e5e39387f1961582486144b7VirusTotal Malware Report Checks debugger buffers extracted RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key |
3 | 2 | 6.2 | M | 6 | guest | ||||||||||||||||
|
|
||||||||||||||||||||||||