Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
44506	2024-05-28 08:57	applovin_exo_edit_mode_logo.xm... ae7a03fae5a74e7a34963cad7e012a47 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.8			guest

44507	2024-05-28 09:32	applovin_exo_edit_mode_logo.xm... ae7a03fae5a74e7a34963cad7e012a47 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.8			guest

44508	2024-05-28 09:32	applovin_exo_ic_audiotrack.xml e1b5ef9041ed0efcfa6414254aade698 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.8			guest

44509	2024-05-28 09:32	applovin_exo_ic_check.xml 73928838d0c864ea6c4b14e8b0df2e1c AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.8			guest

44510	2024-05-28 09:32	asdf.exe 851b09408fb8c6d26d4bba579cc8a8ab AntiDebug AntiVM MSOffice File Code Injection ICMP traffic RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed		14 Info camo.githubusercontent.com(185.199.109.133) fonts.googleapis.com(142.250.196.106) widget.uservoice.com(104.17.27.92) www.google-analytics.com(142.250.206.238) 142.251.222.202 104.17.29.92 142.250.204.142 104.17.30.92 142.251.222.206 104.17.27.92 104.17.28.92 104.17.31.92 185.199.108.133 - mailcious 172.217.27.42	2	6.2	M		ZeroCERT

44511	2024-05-28 09:32	STHealthClient.exe 70ab645e72548443cea20ffd8005dc1a RedLine Infostealer UltraVNC Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB suspicious privilege Check memory Checks debugger buffers extracted Creates executable files ICMP traffic unpack itself Check virtual network interfaces AppData folder Windows DNS Cryptographic key crashed	2 Keyword trend analysis	1	4	7.6	M	41	ZeroCERT

44512	2024-05-28 09:32	AndroidManifest.xml 39019dd6cb0ef9e87abeb7791490255d Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.8			guest

44513	2024-05-28 09:32	applovin_exo_ic_audiotrack.xml e1b5ef9041ed0efcfa6414254aade698 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.8			guest

44514	2024-05-28 09:33	win-test.exe eb5d27678207ba63921c0b18a655bf3f Metasploit Generic Malware PE64 PE File VirusTotal Malware DNS crashed		1		3.6	M	66	ZeroCERT

44515	2024-05-28 09:33	applovin_exo_ic_chevron_left.x... 4a64cd89e0cc0d4715746c2f3b2103da AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.8			guest

44516	2024-05-28 09:34	applovin_exo_ic_check.xml 73928838d0c864ea6c4b14e8b0df2e1c Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.8			guest

44517	2024-05-28 09:38	1.jpg d8ca3d5e5f0f8d22cb7230d2bc1d1050 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself Remote Code Execution				2.4	M	38	ZeroCERT

44518	2024-05-28 09:38	applovin_exo_ic_chevron_left.x... 4a64cd89e0cc0d4715746c2f3b2103da AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.8			guest

44519	2024-05-28 09:38	applovin_exo_ic_chevron_right.... 951d5966a09fd7686a0d7f3eabe66d44 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.8			guest

44520	2024-05-28 09:39	rtx.exe af18d6dfe58e07bb76c7701a2c320ce7 Generic Malware Malicious Library UPX AntiDebug AntiVM PE File PE32 OS Processor Check VirusTotal Malware Buffer PE AutoRuns Code Injection Check memory Checks debugger buffers extracted Creates executable files ICMP traffic unpack itself Check virtual network interfaces sandbox evasion Windows Tor ComputerName Remote Code Execution DNS		14	8 Info ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 278 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 144 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 307 ET POLICY TLS possible TOR SSL traffic ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 287 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 149 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 139 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 741	13.8	M	61	ZeroCERT