Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
41506	2021-09-15 10:13	0914_4534346255302.doc db8169d3473f0079a1850b2d5d5f7861 VBA_macro Generic Malware MSOffice File unpack itself					1.6			guest

41507	2021-09-15 10:13	0914_718257604903.doc 7cbc4c74870212cf418af8417001c23b VBA_macro Generic Malware MSOffice File GIF Format VirusTotal Malware Malicious Traffic Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Check virtual network interfaces suspicious TLD IP Check ComputerName	2 Keyword trend analysis	4	1		8.2	M	8	guest

41508	2021-09-15 09:57	diagram-171.doc bfa9d4b7bcf5820e663d338e9921d1f8 VBA_macro Generic Malware MSOffice File unpack itself	5 Keyword trend analysis	5			1.2			guest

41509	2021-09-15 09:57	diagram-170.doc 62f8ccb8d886cf7762527c6492723f45 VBA_macro Generic Malware MSOffice File RWX flags setting unpack itself	5 Keyword trend analysis	5			1.6			guest

41510	2021-09-15 09:50	angelzx.exe 9bdcd248d7d3333d2ea92620b44c427e RAT PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName DNS crashed		1			10.6	M	26	ZeroCERT

41511	2021-09-15 09:48	123456.exe 80875b1e913ff7c71ce5e32810f9ddda RAT PWS .NET framework Generic Malware Malicious Packer PE File OS Processor Check .NET EXE PE32 VirusTotal Malware AutoRuns PDB suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder AntiVM_Disk suspicious TLD WriteConsoleW VM Disk Size Check Tofsee Windows ComputerName DNS	4 Keyword trend analysis	5	2	3	9.4	M	43	ZeroCERT

41512	2021-09-15 09:45	ashleyzx.exe 25bed2de415ddf039da98d134f99c226 RAT PWS .NET framework Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted ICMP traffic unpack itself	2 Keyword trend analysis	5	1		9.0	M	37	ZeroCERT

41513	2021-09-15 09:44	win32.exe f0f4b5aa6183bbc5265f26e47aaeb579 RAT PWS .NET framework Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself ComputerName		1			8.2	M	22	ZeroCERT

41514	2021-09-15 09:43	raccon.exe dea12cd62b3999b22534da85f839e6c3 Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself RCE					2.0	M	28	ZeroCERT

41515	2021-09-15 09:42	vmnet.exe e07ce1ac09be171289b93538009c471c RAT Generic Malware Antivirus PE64 PE File VirusTotal Malware powershell suspicious privilege MachineGuid Check memory Checks debugger WMI Creates shortcut ICMP traffic unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key		4			6.4	M	39	ZeroCERT

41516	2021-09-15 09:41	bluezx.exe 021ffe1bcf154accf3b947f301c9b676 RAT PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	5	3		17.0	M	28	ZeroCERT

41517	2021-09-15 09:40	testen.exe e4a200fc3da152d2b8c48f6e19b8ec97 RAT PWS .NET framework BitCoin Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted ICMP traffic unpack itself Check virtual network interfaces Windows Cryptographic key					9.2	M	40	ZeroCERT

41518	2021-09-15 09:39	Invoice1.docx 9021afcfefe0fd391eacd306de705448 Word 2007 file format(docx) Vulnerability VirusTotal Malware unpack itself	3 Keyword trend analysis	2			3.0	M	23	ZeroCERT

41519	2021-09-15 09:37	loadetc.exe 2bd18b0ce7aa8dfaee0e922090aae138 AntiDebug AntiVM PE File PE32 Malware download VirusTotal Malware AutoRuns PDB Code Injection Malicious Traffic Check memory Creates executable files Windows utilities suspicious process WriteConsoleW Windows DNS Downloader	1 Keyword trend analysis	2	5 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 25 ET INFO Executable Download from dotted-quad Host ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY PE EXE or DLL Windows file download HTTP ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		8.2	M	38	ZeroCERT

41520	2021-09-15 09:36	StubMonoDLL.exe f613cc950434bbccd7e48e584d60989a RAT Generic Malware Malicious Packer Malicious Library PE File OS Processor Check .NET EXE PE32 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself sandbox evasion Browser crashed					3.0	M	20	ZeroCERT