Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
43621	2024-03-25 09:20	ncr.hta e4fa89413c3b355aaffa71759bae88ea UPX PE File PE32 VirusTotal Malware PDB				1.2	M	32	ZeroCERT

43622	2024-03-25 09:22	1.dll aa7554fb38eb05288f7a74735999e920 PE File DLL PE32 VirusTotal Malware unpack itself crashed				1.8	M	40	ZeroCERT

43623	2024-03-25 09:24	go.exe 4e937db554cf18265ab7f3915db42b2c Malicious Library UPX AntiDebug AntiVM PE File PE32 OS Processor Check MSOffice File VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	8 Keyword trend analysis Info https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Dko%26next%3Dhttps%253A%252F%252Fwww.youtube.com%252Faccount%26feature%3Dredirect_login&hl=ko&ifkv=ARZ0qKK-VHHnZwpNm7p5uN6Dl_ZvvZmCoYYXn02kHS5p_HaZ7ePY9EYzutDBHK0NXYfixHOOw7mtlw&passive=true&service=youtube&uilel=3&flowName=WebLiteSignIn&flowEntry=ServiceLogin&dsh=S-553555903%3A1711326027463105 https://www.google.com/favicon.ico https://ssl.gstatic.com/images/branding/googlelogo/2x/googlelogo_color_74x24dp.png https://accounts.google.com/_/bscframe https://accounts.google.com/ServiceLogin?service=youtube&uilel=3&passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Dko%26next%3Dhttps%253A%252F%252Fwww.youtube.com%252Faccount%26feature%3Dredirect_login&hl=ko https://accounts.google.com/generate_204?vBL53Q https://www.youtube.com/account https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/signin?action_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Dko%26next%3Dhttps%253A%252F%252Fwww.youtube.com%252Faccount%26feature%3Dredirect_login&hl=ko&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKKXo7ZF9PtGz47baT8UVWdFT0eYzdn5It88GOwmzA_LWU4tMF7c7RwCmN7IKO4ExzugA_5g9A	8	1	5.6		39	ZeroCERT

43624	2024-03-25 09:25	sweetkissmademehugtoherwihtall... a24cf230bfe65032876ed807459d5608 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself IP Check Tofsee Windows Exploit DNS crashed	2 Keyword trend analysis	3	8 Info ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO Executable Download from dotted-quad Host ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	5.0	M	37	ZeroCERT

43625	2024-03-25 09:29	crypted_0b9333b7.exe 9c32d6bfff2dc20914a7f67c4b3dab5c Craxs RAT PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself WriteConsoleW ComputerName DNS		1		3.4	M	32	ZeroCERT

43626	2024-03-25 15:50	03e297f4a0ac3f262ca8ae50f9e14d... 4c033029dd47e1029ff45d550d5811f9 HWP PS PostScript UPX MSOffice File Lnk Format GIF Format PE File PE32 OS Processor Check JPEG Format VirusTotal Malware Checks debugger Creates shortcut Creates executable files unpack itself AppData folder				2.4		17	guest

43627	2024-03-25 15:52	03e297f4a0ac3f262ca8ae50f9e14d... 4c033029dd47e1029ff45d550d5811f9 HWP PS PostScript UPX MSOffice File JPEG Format PE File PE32 OS Processor Check Lnk Format GIF Format VirusTotal Malware Checks debugger Creates shortcut Creates executable files unpack itself AppData folder				2.4		17	guest

43628	2024-03-26 07:19	lumma21.exe 29447b51ed950d6b101a8ff1494814f1 Craxs RAT PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself WriteConsoleW ComputerName				3.0	M	48	ZeroCERT

43629	2024-03-26 07:19	newaboyo.exe 41685eda86fd0c3580849308a25b4a9d Suspicious_Script_Bin Malicious Library UPX PE File PE32 OS Processor Check Browser Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself Browser Email ComputerName crashed				4.4		28	ZeroCERT

43630	2024-03-26 07:21	current.exe 5b1d07424b8ef92435ba7674b23fab9a Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself Remote Code Execution				2.0		31	ZeroCERT

43631	2024-03-26 07:23	wr.exe e2a072228078e6f3cf5073f4af029913 UPX PE64 PE File VirusTotal Malware suspicious privilege MachineGuid Check memory buffers extracted Creates executable files unpack itself Auto service Check virtual network interfaces suspicious TLD Windows ComputerName Firmware DNS		2	1	9.6		48	ZeroCERT

43632	2024-03-27 07:31	@Base.exe 9437c89a5f9a51a4ff6d6076083fa6c9 Malicious Library UPX PE64 PE File OS Processor Check VirusTotal Malware unpack itself DNS		1		2.4	M	46	ZeroCERT

43633	2024-03-27 07:35	Point.exe 3e56975127f436aa5e8a9b9c7af5eb23 Emotet Generic Malware Malicious Library Malicious Packer Antivirus UPX PE File PE32 OS Processor Check VirusTotal Malware PDB unpack itself Remote Code Execution				1.4		11	ZeroCERT

43634	2024-03-27 07:37	XClient.exe 3149ac1cd2f798f14c82e4eaa81b1853 Antivirus UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName Cryptographic key				4.0	M	57	ZeroCERT

43635	2024-03-27 07:37	gfhgdfdg.exe 1d562eaa3e33451a40f60c976c6f4bc0 PE64 PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key crashed				3.2	M	52	ZeroCERT