Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
42751	2021-08-18 18:34	P7GlorySp.exe 25d7926bab3ac72827a1c1fba9271527 Generic Malware PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware AutoRuns MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Check virtual network interfaces AppData folder Tofsee Windows Browser Cryptographic key Software crashed	8 Keyword trend analysis Info https://iplogger.org/1m32g7 https://allblockchainsolutions.xyz/?k=v3&user=p7_4 https://allblockchainsolutions.xyz/?k=v3&user=p7_5 https://iplogger.org/1XaQy7 https://allblockchainsolutions.xyz/?k=v3&user=p7_6 https://allblockchainsolutions.xyz/?k=v3&user=p7_1 https://allblockchainsolutions.xyz/?k=v3&user=p7_3 https://allblockchainsolutions.xyz/?k=v3&user=p7_2	4	1		7.6		18	ZeroCERT

42752	2021-08-18 18:29	vbs2.html 67ed5f11f9aa46861acce576429764e8 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed					3.8			ZeroCERT

42753	2021-08-18 18:28	vbs3.html 17b23462cc955078526a6fde4746fa4a Antivirus AntiDebug AntiVM Malware powershell suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process Tofsee Windows ComputerName Cryptographic key	1 Keyword trend analysis	2	1	1	10.0	M		ZeroCERT

42754	2021-08-18 18:24	vbs2.html 67ed5f11f9aa46861acce576429764e8 crashed					0.2			ZeroCERT

42755	2021-08-18 18:24	vbs1.html 4b71de199adad75c4855194892a50ad6 Antivirus AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed			2		3.8			ZeroCERT

42756	2021-08-18 16:37	vbs1.html 4b71de199adad75c4855194892a50ad6 Antivirus unpack itself crashed					0.6			ZeroCERT

42757	2021-08-18 16:13	jkfe.exe 5c3ebb5dfa876c0d76ccae99518153d8 Malicious Library VMProtect PE File PE32 DLL OS Processor Check VirusTotal Malware AutoRuns Check memory Creates executable files Windows utilities suspicious process AppData folder Windows DNS		1			4.8		43	ZeroCERT

42758	2021-08-18 12:06	Proformar invioce.exe a311cef429085f54e95b32fd836c56b6 AgentTesla RAT browser info stealer Generic Malware Google Chrome User Data Admin Tool (Sysinternals etc ...) Socket Sniff Audio Escalate priviledges KeyLogger Code injection Internet API Downloader persistence DGA DNS Create Service HTTP FTP ScreenShot H VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities WriteConsoleW Windows Cryptographic key					11.0		26	ZeroCERT

42759	2021-08-18 12:03	0817_7648681625.doc 0673071e945646c58d6bc06d20cd88de VBA_macro MSOffice File GIF Format Malware Malicious Traffic Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Check virtual network interfaces IP Check ComputerName	2 Keyword trend analysis	4	1		7.4			ZeroCERT

42760	2021-08-18 12:01	0817_0384716421.doc fde9b8d089fa03841c9981f98ba15abb VBA_macro MSOffice File GIF Format Malware Malicious Traffic Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic RWX flags setting unpack itself Check virtual network interfaces IP Check ComputerName	2 Keyword trend analysis	4	1		8.2			ZeroCERT

42761	2021-08-18 12:00	0817_5286872558.doc a87db9de6caf60bbd55e1a8b9805a3a0 VBA_macro MSOffice File unpack itself					1.6			ZeroCERT

42762	2021-08-18 11:44	@aran_welaso20.exe c94fcdb866e1e3a9af205bd27664d492 RAT PWS .NET framework Generic Malware UPX PE File OS Processor Check .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself Check virtual network interfaces Windows DNS Cryptographic key		1			4.0	M	38	ZeroCERT

42763	2021-08-18 11:41	vbc.exe e52bb3fd16b1b414bfef8462c4091b3b UPX Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself					2.0	M	25	ZeroCERT

42764	2021-08-18 11:40	jopa.exe 3f472c0afd077919abb0a3ddb2378135 RAT Generic Malware UPX Malicious Packer DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Internet API FTP ScreenShot Http API Steal credential Downloader P2P AntiDebug AntiVM PE File OS Processor Check .NET EX VirusTotal Malware AutoRuns suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AntiVM_Disk WriteConsoleW VM Disk Size Check Windows ComputerName DNS	1 Keyword trend analysis Info http://149.154.66.50/VideotoPolllongpoll.php?sQuHfXxwcxpHy=FrUvA5S0JtoPG412JaEZ&6zXNIBK3cn=3CTOEwO6F2GBcQR24joPCZUI26&b9d41a25883cf5c0edd5a29d9f32a3ec=a59da15c17ae71b616fadc785a0de37a&6c50d0a269ba1f4bda86396c84f813f0=QNjhTO4Q2NiJWMjRWO1IjYwIjM5ADNzQWMiVWNxUjNxIzMmJmY3QGO&sQuHfXxwcxpHy=FrUvA5S0JtoPG412JaEZ&6zXNIBK3cn=3CTOEwO6F2GBcQR24joPCZUI26 - rule_id: 3676	1		1	9.4	M	45	ZeroCERT

42765	2021-08-18 11:37	wango666.exe a9d35b3546a908c804d177020daefcb0 Gen2 Gen1 RAT Generic Malware UPX Malicious Library Malicious Packer Anti_VM ScreenShot Downloader DNS Socket PDF AntiDebug AntiVM PE File OS Processor Check PE32 .NET DLL DLL PNG Format PE64 JPEG Format Malware download Amadey VirusTotal Malware Code Injection Malicious Traffic Check memory Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check DNS	2 Keyword trend analysis	1	2		8.0	M	37	ZeroCERT