Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
41476	2021-09-16 09:52	3r.jpeg 3eb3bb1d54b8be3ca1c573e82c5ae51e Check memory Checks debugger RWX flags setting unpack itself crashed				1.4			ZeroCERT

41477	2021-09-16 09:52	vbc.exe 451e4cd68c69c2c8b8fc93ad02e8754a Generic Malware UPX PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself anti-virtualization RCE				2.8	M	33	r0d

41478	2021-09-16 09:46	5c4c5071-b74e-4e6e-aac5-9ed910... 63ed9cef97bf98e68d2bca42cf16c475 RAT Generic Malware PE File .NET DLL DLL PE32 VirusTotal Malware				1.2		48	ZeroCERT

41479	2021-09-16 09:45	RQF _1000281534.jar 5655fa13d9f8c7758b78b1998836f17e NPKI Malicious Packer Malicious Library PE File DLL PE32 OS Processor Check Malware download NetWireRC VirusTotal Email Client Info Stealer Malware AutoRuns Check memory Checks debugger buffers extracted WMI Creates executable files RWX flags setting unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder WriteConsoleW IP Check Windows Java Email ComputerName DNS crashed	1 Keyword trend analysis	9	3	9.2		23	ZeroCERT

41480	2021-09-16 09:41	0915_2365641049347.doc 94ba9bb8b4894a227f110589304f283e VBA_macro Generic Malware MSOffice File GIF Format Malware Malicious Traffic Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Check virtual network interfaces IP Check ComputerName	2 Keyword trend analysis	4	1	7.4	M		ZeroCERT

41481	2021-09-16 09:41	Лист вих. на 10.2021.docx c7b9240f44af3ad5e22451618729d874 Word 2007 file format(docx) VirusTotal Malware unpack itself suspicious TLD	3 Keyword trend analysis	2		2.4		2	ZeroCERT

41482	2021-09-16 09:37	0915_2121773768090.doc 83455cd4a96481efdff25ce44ff31d28 VBA_macro Generic Malware MSOffice File GIF Format Malware Malicious Traffic Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Check virtual network interfaces IP Check ComputerName	2 Keyword trend analysis	4	1	7.4	M		ZeroCERT

41483	2021-09-16 09:36	Contract.xll c38250c448e02d1bd98d7a315a4d38b8 Generic Malware Malicious Library PE64 PE File OS Processor Check DLL VirusTotal Malware RCE				1.4		17	ZeroCERT

41484	2021-09-16 09:34	ivME2bfWY3mj4M7.exe 857aff9992a47764185c61da2493c753 North Korea RAT PWS .NET framework Generic Malware Antivirus DNS KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware powershell Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key DDNS		2	1	11.6		28	ZeroCERT

41485	2021-09-16 09:34	0915_1865054706334.doc ea11da40146b88037069a3bafdd2ba3e VBA_macro Generic Malware MSOffice File GIF Format Malware Malicious Traffic Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Check virtual network interfaces suspicious TLD IP Check ComputerName	2 Keyword trend analysis	4	1	7.8	M		ZeroCERT

41486	2021-09-16 09:10	bin-cryp.exe 9284392fd96b31b3de8d8f664de3f0e4 RAT Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 FormBook Malware download VirusTotal Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName crashed	3 Keyword trend analysis Info http://www.onlinerebatemall.com/o4ms/?u6A4=gFQ+ciLkE5Z1S7D9OhG/KANV+JSdTQrsf9AAR45hxpePRgM4urIE8jUlJhoPIjq1GNDHwPLL&9rQl7P=xPJtLXbP http://www.volumoffer.com/o4ms/?u6A4=h0qubclW2kzKBq61RQIUyfrMkUsqN2VMbcGCSm/T8IcZhsXNFa3gOU612ICt26A+KJvdm553&9rQl7P=xPJtLXbP http://www.koastedco.com/o4ms/?u6A4=kpfZVFpFCoA1Iph0OeOo01hbJYenSCEdsAy0dmrvmyLfsJYleCVwDmASjPeXLBEKHgvpoIKI&9rQl7P=xPJtLXbP	8	1	11.4	M	25	ZeroCERT

41487	2021-09-16 09:08	vbc.exe 451e4cd68c69c2c8b8fc93ad02e8754a UPX PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself anti-virtualization RCE				2.8	M	33	ZeroCERT

41488	2021-09-16 09:07	Enquiry_633772886png.exe 3e59fa59bd61e4fd87d179b719b21862 RAT Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI RWX flags setting unpack itself Check virtual network interfaces ComputerName crashed				9.4	M	15	ZeroCERT

41489	2021-09-16 09:06	vbc.exe 4399c694e88f3f32d22d91c6c4a173ed UPX PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself anti-virtualization RCE				4.2	M	37	ZeroCERT

41490	2021-09-16 09:04	qwerty123123.html 31c4efdb18099a92f2f4c6cd82a05263 Antivirus AntiDebug AntiVM MSOffice File PNG Format Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	31 Keyword trend analysis Info https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png https://www.blogger.com/static/v1/jsbin/403901366-ieretrofit.js https://www.google.com/css/maia.css https://fonts.googleapis.com/css?family=Open+Sans:300 https://www.blogger.com/blogin.g?blogspotURL=https://johonathahogyaabagebarhomeintum.blogspot.com/p/qwerty123123.html&type=blog https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc-.woff https://www.google-analytics.com/analytics.js https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&iemode=9&page=1&bgint=lrBN8HXfW_IYqUwtlpmBqJlzkN0vwBgYV_uLsPG37u0 https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8965474558532949541&zx=71c606ab-b45e-40a8-94e8-2127ee2c3eba https://resources.blogblog.com/img/anon36.png https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://johonathahogyaabagebarhomeintum.blogspot.com/p/qwerty123123.html%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://johonathahogyaabagebarhomeintum.blogspot.com/p/qwerty123123.html%26type%3Dblog%26bpli%3D1&passive=true&go=true https://www.blogger.com/static/v1/v-css/281434096-static_pages.css https://resources.blogblog.com/img/blank.gif https://www.google.com/js/bg/lrBN8HXfW_IYqUwtlpmBqJlzkN0vwBgYV_uLsPG37u0.js https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxM.woff https://www.blogger.com/static/v1/jsbin/1621653182-comment_from_post_iframe.js https://www.blogger.com/static/v1/widgets/1667664774-css_bundle_v2.css https://resources.blogblog.com/blogblog/data/1kt/simple/body_gradient_tile_light.png https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg https://fonts.googleapis.com/css?lang=ko&family=Product+Sans\|Roboto:400,700 https://www.blogger.com/img/blogger-logotype-color-black-1x.png https://www.blogger.com/comment-iframe.g?blogID=8965474558532949541&pageID=8191441499381901671&blogspotRpcToken=7334942 https://www.blogger.com/static/v1/jsbin/3101730221-analytics_autotrack.js https://www.blogger.com/static/v1/jsbin/2520659415-cmt__en_gb.js https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN_r8OUuhv.woff https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.css https://www.blogger.com/blogin.g?blogspotURL=https%3A%2F%2Fjohonathahogyaabagebarhomeintum.blogspot.com%2Fp%2Fqwerty123123.html&type=blog&bpli=1 https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D8965474558532949541%26pageID%3D8191441499381901671%26blogspotRpcToken%3D7334942%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D8965474558532949541%26pageID%3D8191441499381901671%26blogspotRpcToken%3D7334942%26bpli%3D1&passive=true&go=true https://www.blogger.com/static/v1/widgets/4164007864-widgets.js https://resources.blogblog.com/img/icon18_edit_allbkg.gif https://www.blogger.com/comment-iframe.g?blogID=8965474558532949541&pageID=8191441499381901671&blogspotRpcToken=7334942&bpli=1	16 Info resources.blogblog.com(216.58.220.137) www.google.com(172.217.27.68) www.gstatic.com(216.58.220.131) fonts.googleapis.com(172.217.31.170) accounts.google.com(172.217.26.13) www.google-analytics.com(142.250.196.110) fonts.gstatic.com(172.217.25.67) www.blogger.com(216.58.220.137) 216.58.200.78 216.58.200.77 172.217.31.233 172.217.174.201 172.217.24.68 142.250.199.67 142.250.66.67 142.250.199.74	2	4.2			ZeroCERT