Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
4111	2024-05-11 19:49	bin.dll ab3fff8fb136f2cbd1a5c150c57cf297 Malicious Packer UPX PE64 PE File DLL OS Processor Check VirusTotal Malware PDB				1.4	M	47	ZeroCERT

4112	2024-05-11 19:47	hjv.exe 36166d066eca6b22121c54d5ced2b51c Malicious Library UPX PE File DllRegisterServer dll PE32 MZP Format VirusTotal Malware unpack itself Detects VMWare VMware Tofsee Interception crashed		2	1	3.4	M	48	ZeroCERT

4113	2024-05-11 19:47	arquivo.msi 8fcb7d96688206baa33e4093593351f9 Generic Malware Malicious Library MSOffice File CAB OS Processor Check VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check ComputerName				2.6	M	24	ZeroCERT

4114	2024-05-11 19:45	AsyncClient.exe 503d8173c0d8d38e05dead2de759a1d4 AsyncRAT Malicious Library Malicious Packer .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware				1.2	M	59	ZeroCERT

4115	2024-05-11 19:44	file300un.exe d2f812118c89341715fbff0ba9530396 Generic Malware Malicious Library Malicious Packer UPX PE64 PE File OS Processor Check VirusTotal Malware Check memory				1.8	M	30	ZeroCERT

4116	2024-05-11 19:44	sharozx.scr 53a01fab9569531fc1003d2c311c3be5 LokiBot Malicious Library .NET framework(MSIL) UPX Socket PWS DNS AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Buffer PE suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted ICMP traffic unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName DNS Software		13		15.8	M	49	ZeroCERT

4117	2024-05-11 19:43	beautifulrpearoundhavesuchabea... ddf0d6abbedc2008fd46d6c9d5f17bef MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware exploit crash unpack itself Tofsee Exploit DNS DDNS crashed	2 Keyword trend analysis	4	4	3.6	M	39	ZeroCERT

4118	2024-05-11 19:41	htm.exe de5fb4cb77c429a6169efedcb8900930 Client SW User Data Stealer Backdoor RemcosRAT browser info stealer Google Chrome User Data Downloader Malicious Library UPX Create Service Socket ScreenShot Escalate priviledges PWS Sniff Audio DNS Internet API KeyLogger AntiDebug AntiVM PE File .NET EXE Browser Info Stealer Malware download Remcos VirusTotal Malware PDB MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces WriteConsoleW Tofsee Windows Browser DNS DDNS keylogger	2 Keyword trend analysis	4	6 Info ET INFO DYNAMIC_DNS Query to a .duckdns .org Domain ET INFO DYNAMIC_DNS Query to .duckdns. Domain ET DROP Spamhaus DROP Listed Traffic Inbound group 17 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET MALWARE Remcos 3.x Unencrypted Checkin ET MALWARE Remcos 3.x Unencrypted Server Response	9.4	M	46	ZeroCERT

4119	2024-05-11 19:38	Isetup2.exe 731ff38afbc5a664f5a458e222d91f84 Generic Malware Malicious Library Malicious Packer UPX PE64 PE File OS Processor Check VirusTotal Malware Check memory				1.6	M	29	ZeroCERT

4120	2024-05-11 19:38	wfopkrgoplq.exe 6a267a91de66ab6c8fbdf4cbaa1e27e9 Process Kill Generic Malware Suspicious_Script_Bin Malicious Library FindFirstVolume CryptGenKey UPX PE File Device_File_Check PE32 OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself Browser Email ComputerName Software crashed				5.4		40	ZeroCERT

4121	2024-05-11 19:36	sweetgirllovedflowerseverywher... da7d7321a3f4c635422b6e04de990c23 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic buffers extracted exploit crash unpack itself Tofsee Windows Exploit DNS crashed Downloader	1 Keyword trend analysis	3	8 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 17 ET INFO Executable Download from dotted-quad Host ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	5.0	M	35	ZeroCERT

4122	2024-05-11 19:36	update.exe 1cedab2d08b660685f82d3a7c591bb47 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware				1.8	M	33	ZeroCERT

4123	2024-05-11 19:34	beautifulgirlkeeptellingmeiwas... 07a9cf0368cad4b17cde67a7a60122a6 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic buffers extracted RWX flags setting exploit crash Tofsee Exploit DNS crashed	2 Keyword trend analysis	3	2	4.6	M	36	ZeroCERT

4124	2024-05-11 19:34	xsharonzx.scr 9de9a50ec8399bcbea1697aed7f6b093 LokiBot Malicious Library .NET framework(MSIL) UPX Socket PWS DNS AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Buffer PE suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Browser Email ComputerName DNS Software	1 Keyword trend analysis	1		14.0		47	ZeroCERT

4125	2024-05-11 19:34	Photo.scr 8caa858a427dda38bced89183ad90530 Generic Malware Malicious Library UPX PE File OS Processor Check VirusTotal Malware				0.4	M	5	ZeroCERT