Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
43921	2024-04-18 07:12	task.exe cb2487ebc8a23756a66be03075e5b70d Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB				1.8		40	ZeroCERT

43922	2024-04-18 07:12	SetualMajority.exe 7f4b9d9122a6706404ccfb99742c6dbe NSIS Malicious Library UPX PE File PE32 VirusTotal Malware				1.4		20	ZeroCERT

43923	2024-04-18 08:34	wetrytosexwithhertrulyfromtheh... 28f01b474be6aeb345aaca18388a3ad6 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware				1.4	M	36	ZeroCERT

43924	2024-04-18 08:34	xobizx.scr 6cfb9d303aacc366473e5d7846ed6140 Malicious Library .NET framework(MSIL) PE File .NET EXE PE32 VirusTotal Malware				1.6	M	53	ZeroCERT

43925	2024-04-18 08:34	needfreshlovequotestotakeyouin... c7d0967e4b8c8a0a1309e97d549b828d MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware				1.2	M	25	ZeroCERT

43926	2024-04-18 08:35	iamwithyoubecauseiloveyoualotw... 96bd8f3d1b8badd184f3b8de29a26ab5 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware				1.4	M	34	ZeroCERT

43927	2024-04-18 08:35	3.hta 1813054fd92c59be0214e8f908d31155 VirusTotal Malware				0.8		24	ZeroCERT

43928	2024-04-18 08:35	m4V7uvgzXDHblwp.scr 9777327e5dc768314f8083deb0e3a000 Malicious Library .NET framework(MSIL) PE File .NET EXE PE32 VirusTotal Malware				1.6	M	50	ZeroCERT

43929	2024-04-18 08:35	2.hta a76519720925437e61593d697c22d2c3 VirusTotal Malware				0.8		24	ZeroCERT

43930	2024-04-18 08:35	.hta 9f587ac1e364bc4b89ea9991c780b09a							ZeroCERT

43931	2024-04-18 08:35	setup294.exe 348bc324b2b38117df5faaa4e699b7c8 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check PDB Remote Code Execution				0.6			ZeroCERT

43932	2024-04-18 12:25	cliente.url 361301f6ad56d5f44ed70afcbf223df0 AntiDebug AntiVM URL Format MSOffice File VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed		1	2	6.4		32	guest

43933	2024-04-18 16:33	xobizx.doc 8ccdf88e1aabc883233a2893675f2035 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware RWX flags setting exploit crash suspicious TLD Tofsee Exploit DNS crashed	1 Keyword trend analysis	2	5 Info ET DNS Query to a *.top domain - Likely Hostile ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M1 ET HUNTING Suspicious TLS SNI Request for Possible COVID-19 Domain M1 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET HUNTING Possible COVID-19 Domain in SSL Certificate M2	3.8	M	28	ZeroCERT

43934	2024-04-18 16:35	install_new.exe ba7445dd6438c2097c1c5b2ce173c064 Gen1 Generic Malware Malicious Library UPX PE File PE32 PE64 OS Processor Check VirusTotal Malware AutoRuns Check memory Checks debugger Creates executable files unpack itself Windows utilities AppData folder AntiVM_Disk WriteConsoleW anti-virtualization VM Disk Size Check Windows DNS		1		6.6	M	29	ZeroCERT

43935	2024-04-18 16:38	avp.msi 4d81be09c23e02fab7364e508c21c111 Generic Malware Malicious Library Malicious Packer UPX MSOffice File CAB OS Processor Check PE File DLL PE32 Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself AppData folder AntiVM_Disk IP Check VM Disk Size Check Tofsee ComputerName DNS	2 Keyword trend analysis	3	6 Info ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO TLS Handshake Failure ET MALWARE Win32/SSLoad Registration Activity (POST) ET MALWARE Win32/SSLoad Tasking Request (POST)	4.8	M	4	ZeroCERT