Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
44611	2024-05-28 10:41	applovin_ic_mediation_google_a... ff54c34a0fa234371f279e4311127ab9 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.8			guest

44612	2024-05-28 10:42	applovin_ic_mediation_hyprmx.x... 5fc61f1420c97bc4ed8c5c31f7c5abe7 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.2			guest

44613	2024-05-28 10:42	applovin_ic_mediation_google_a... ff54c34a0fa234371f279e4311127ab9 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.8			guest

44614	2024-05-28 10:43	applovin_ic_mediation_hyprmx.x... 5fc61f1420c97bc4ed8c5c31f7c5abe7 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.8			guest

44615	2024-05-28 10:44	makesfx.exe 7dbc37ba03b1ba21469c517315f69cd7 Malicious Library UPX PE File PE32 MZP Format VirusTotal Malware Check memory unpack itself Remote Code Execution DNS crashed				2.2		3	guest

44616	2024-05-28 10:45	applovin_ic_mediation_inmobi.x... 3587f4e12056e3bad710ecc16cf29283 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.8			guest

44617	2024-05-28 10:45	GGWS_UPLOAD.exe cbaa1a61c93704f1540e48a8dd9bac14 RedLine Infostealer UltraVNC Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB suspicious privilege Check memory Checks debugger unpack itself Windows Cryptographic key crashed				3.4	M	51	ZeroCERT

44618	2024-05-28 10:49	go.exe 02a0c991ae4070f754f0d46ee1cacf68 Generic Malware Malicious Library UPX AntiDebug AntiVM PE File PE32 OS Processor Check MSOffice File VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	8 Keyword trend analysis Info https://accounts.google.com/generate_204?Bd_bhQ https://www.google.com/favicon.ico https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F&ifkv=AaSxoQxJSQfRgSvbcN4CCAR5Cv1vi0mtSDJubDwaCZfi3oDyh2K0IRbr6QdURxYZZ9aKOSzITZzYCw&passive=1209600&flowName=WebLiteSignIn&flowEntry=ServiceLogin&dsh=S-1526235381%3A1716860687656877 https://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F https://accounts.google.com/_/bscframe https://accounts.google.com/ https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/&followup=https://accounts.google.com/&passive=1209600&ifkv=AaSxoQyfq-7cY1XYRwY0ShX6ZV4VcZueKcLnzJPsI6p6tZOYS9WyJYiRxxUn4zwmOnW_RmvTApfUTA https://ssl.gstatic.com/images/branding/googlelogo/2x/googlelogo_color_74x24dp.png	6	1	6.2	M	38	ZeroCERT

44619	2024-05-28 10:49	wsiopohwqsd.exe a7e106df2ca7b17bd39ec582d19522a0 Process Kill Generic Malware Suspicious_Script_Bin Malicious Library FindFirstVolume CryptGenKey UPX PE File Device_File_Check PE32 OS Processor Check Browser Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces IP Check Browser Email ComputerName crashed	1 Keyword trend analysis	2	1	7.0	M	53	ZeroCERT

44620	2024-05-28 10:51	venom.exe 195032debcdcfbd4e56986070144a475 Malicious Packer PE File PE32 VirusTotal Malware unpack itself DNS		1		3.6	M	67	ZeroCERT

44621	2024-05-28 10:53	STHealthUp.exe e78473bca17b8e1e7353570719b5ad0c RedLine Infostealer UltraVNC Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB suspicious privilege Check memory Checks debugger unpack itself Windows Cryptographic key crashed				3.4	M	46	ZeroCERT

44622	2024-05-28 10:56	STHealthUpload.exe 26c7da49199c31fcfe179cee64b89116 RedLine Infostealer UltraVNC Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB suspicious privilege Check memory Checks debugger unpack itself Windows Cryptographic key crashed				3.4	M	48	ZeroCERT

44623	2024-05-28 10:58	server.exe cea282b7b4912cbab23179d043cde05d Malicious Library VMProtect PE64 PE File VirusTotal Malware unpack itself crashed				2.8	M	46	ZeroCERT

44624	2024-05-28 11:01	AppGate2103v15.exe f0587649682207064554a2372966435d Generic Malware UPX PE64 PE File OS Processor Check VirusTotal Malware heapspray unpack itself Windows Remote Code Execution crashed				4.4	M	51	ZeroCERT

44625	2024-05-28 11:02	tsaplQyj.exe bcdda917607e4c698f148d10466c3b80 Process Kill Generic Malware Suspicious_Script_Bin Malicious Library FindFirstVolume CryptGenKey UPX PE File Device_File_Check PE32 OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself Browser Email ComputerName Software crashed				5.4	M	57	ZeroCERT