Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
44656	2021-06-16 10:11	Exports promotion highlits may... f23dd9acbf28f324b290b970fbc40b30 VBA_macro OS Processor Check MSOffice File VirusTotal Malware Check memory unpack itself					2.8		38	ZeroCERT

44657	2021-06-16 10:07	document-37-1849.xls c41a21a821bcdea1d3ab26ebef055eed MSOffice File VirusTotal Malware Creates executable files unpack itself Windows utilities suspicious process WriteConsoleW Windows	1 Keyword trend analysis	2			7.2		30	ZeroCERT

44658	2021-06-16 10:04	Winvoke.exe f4d46629ca15313b94992f3798718df7 Lazarus Generic Malware PE64 PE File OS Processor Check GIF Format VirusTotal Malware AutoRuns Malicious Traffic Check memory Creates shortcut Creates executable files unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName	2 Keyword trend analysis	4		2	5.6	M	49	r0d

44659	2021-06-16 09:53	AZ2066 Elektronische Zustellun... 1d82ffe508e8ba642b676645b2d99e79 VirusTotal Malware VBScript Malicious Traffic Check memory Checks debugger WMI wscript.exe payload download unpack itself Windows utilities suspicious process suspicious TLD WriteConsoleW IP Check Tofsee Windows ComputerName DNS crashed Dropper	2 Keyword trend analysis	6	3		10.0		26	ZeroCERT

44660	2021-06-16 09:45	updatetes.exe a4f1f7fe9de324bf060f44976d1e0d17 Malicious Packer Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Windows crashed					3.4	M	47	r0d

44661	2021-06-16 09:22	Winvoke.exe f4d46629ca15313b94992f3798718df7 PE64 PE File OS Processor Check GIF Format Malware download VirusTotal Malware AutoRuns Malicious Traffic Check memory Creates shortcut Creates executable files unpack itself Windows ComputerName DNS		4	1		5.8	M	49	ZeroCERT

44662	2021-06-16 09:18	결의대회초안.doc d5e974a3386fc99d2932756ca165a451 Convert Image File VBA_macro MSOffice File PNG Format Vulnerability VirusTotal Malware unpack itself					3.8		36	ZeroCERT

44663	2021-06-16 09:18	생활비지급.doc 71759cca8c700646b4976b19b9abd6fe Convert Image File VBA_macro MSOffice File PNG Format JPEG Format Vulnerability VirusTotal Malware unpack itself DNS					4.4		37	ZeroCERT

44664	2021-06-16 09:15	shttp3.exe 50aaf6913329c08eb8be0560cb5a2434 PE File PE32 VirusTotal Malware Creates shortcut unpack itself DNS					3.4	M	40	ZeroCERT

44665	2021-06-16 09:14	JoSetp.exe ed59308f9e2b59ec4195a99788cee8ee Gen1 AsyncRAT backdoor PWS .NET framework BitCoin AntiDebug AntiVM PE File .NET EXE PE32 DLL OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency AutoRuns suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications Check virtual network interfaces AppData folder malicious URLs installed browsers check Tofsee Ransomware Windows Browser ComputerName DNS Cryptographic key Software crashed	13 Keyword trend analysis Info http://xalemiaind.xyz/ https://videoconvert-download12.xyz/api.php https://videoconvert-download12.xyz/ https://api.ip.sb/geoip https://iplogger.org/1vyFz7 https://iplogger.org/1p6br7 https://videoconvert-download12.xyz/api.php?getusers https://topnewsdesign.xyz/?user=bj2 - rule_id: 1776 https://topnewsdesign.xyz/?user=bj3 - rule_id: 1776 https://topnewsdesign.xyz/?user=bj1 - rule_id: 1776 https://topnewsdesign.xyz/?user=bj6 - rule_id: 1776 https://topnewsdesign.xyz/?user=bj4 - rule_id: 1776 https://topnewsdesign.xyz/?user=bj5 - rule_id: 1776	10	1	6	18.4	M	24	ZeroCERT

44666	2021-06-16 09:11	app.exe 4da006c3ae2c486c41f3007a2b7f4782 NPKI PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Windows DNS crashed					3.2	M	22	ZeroCERT

44667	2021-06-16 09:08	Expense.exe b127f3a9da9a84ab311eeff6917b7bd6 PWS Loki[b] Loki[m] AgentTesla AsyncRAT backdoor .NET framework DNS KeyLogger ScreenShot DGA Socket Create Service Sniff Audio HTTP Escalate priviledges FTP Code injection Http API Internet API Steal credential Downloader P2P AntiDebug AntiVM PE F VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder WriteConsoleW Windows ComputerName DNS Cryptographic key DDNS crashed	1 Keyword trend analysis	3	1		13.8	M	23	ZeroCERT

44668	2021-06-16 09:06	serv.exe 6272467a49ad2e4de00757fcfd0366fe AsyncRAT backdoor PWS .NET framework Generic Malware Admin Tool (Sysinternals Devolutions inc) Malicious Library SMTP AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted RWX flags setting unpack itself Windows DNS Cryptographic key crashed keylogger					10.8		21	ZeroCERT

44669	2021-06-16 09:06	Canaliculi.exe d5598c9448076b1dc59cb57d56a264f4 PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Windows DNS crashed		1			3.2		24	ZeroCERT

44670	2021-06-16 09:04	updatetes.exe a4f1f7fe9de324bf060f44976d1e0d17 PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Windows DNS crashed					4.0		43	ZeroCERT