Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
44776	2024-05-31 10:11	go.exe f75b6c59b0a588f5aa42cf6fb6539043 Generic Malware Malicious Library UPX AntiDebug AntiVM PE File PE32 OS Processor Check MSOffice File VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	8 Keyword trend analysis Info https://www.google.com/favicon.ico https://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F https://accounts.google.com/_/bscframe https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/&followup=https://accounts.google.com/&passive=1209600&ifkv=AS5LTATxuwqLZF9W2tFRur6AAMjZZzegu8Uc9os5rTDCz-9FnJwJL3FGcBzstw6VI25gRxWQu3d2 https://accounts.google.com/ https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F&ifkv=AS5LTATIuOIgU7xXcTyyt-anRuWxkZ-hYvm4dSbo_mTWrEXVznOG9dCvO1ODC_oLu9z02jksJVaYdQ&passive=1209600&flowName=WebLiteSignIn&flowEntry=ServiceLogin&dsh=S-1928505857%3A1717117655314845 https://accounts.google.com/generate_204?eli_sQ https://ssl.gstatic.com/images/branding/googlelogo/2x/googlelogo_color_74x24dp.png	6	1	5.4	M	21	ZeroCERT

44777	2024-05-31 10:12	bind_tcp_uuid.hta bce1078c57268ef42732dc651d2049c9 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut RWX flags setting unpack itself powershell.exe wrote suspicious process Windows ComputerName Cryptographic key				6.0	M	38	ZeroCERT

44778	2024-05-31 10:14	reverse_http.msi c16d8d4e2bcfb175ad690580b3502218 Generic Malware MSOffice File suspicious privilege Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check ComputerName DNS		1		4.0	M		ZeroCERT

44779	2024-05-31 10:15	dl.php 27818a4fe57d322127c3311959c5af69 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself				2.2	M	37	ZeroCERT

44780	2024-05-31 10:16	bind_tcp.hta 248aa4289e3739f172987f89212e4093 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut RWX flags setting unpack itself powershell.exe wrote suspicious process Windows ComputerName Cryptographic key				6.0	M	36	ZeroCERT

44781	2024-05-31 10:17	reverse_tcp_uuid.hta b177937631436154e4bbf6f577e127ed Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut RWX flags setting unpack itself suspicious process Windows ComputerName DNS Cryptographic key		1		7.4	M	37	ZeroCERT

44782	2024-05-31 10:17	A.I_1003H.exe 3d5fa6d9aa8cf0087e59296463598c2e Gen1 PWS/Dexter Emotet Generic Malware PhysicalDrive Malicious Library UPX Malicious Packer Admin Tool (Sysinternals etc ...) Antivirus Anti_VM PE File PE32 DLL OS Processor Check PE64 DllRegisterServer dll MSOffice File MZP Format CAB VirusTotal Malware PDB suspicious privilege Check memory Creates executable files unpack itself Windows utilities AppData folder WriteConsoleW Ransomware Windows ComputerName				7.0	M	54	ZeroCERT

44783	2024-05-31 10:19	33333.exe 208bd37e8ead92ed1b933239fb3c7079 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB unpack itself crashed				2.4	M	38	ZeroCERT

44784	2024-05-31 10:21	random.exe 85d6cf6654492780b26bb9ed64ae24ab UPX PE File PE32 Malware download VirusTotal Malware AutoRuns MachineGuid Checks debugger unpack itself Windows utilities Checks Bios Detects VMWare suspicious process WriteConsoleW VMware anti-virtualization IP Check Tofsee Windows RisePro ComputerName DNS crashed	2 Keyword trend analysis	7	5	10.8	M	41	ZeroCERT

44785	2024-05-31 10:23	entryofkingboraisreallygreatan... 754bde2b5da33419817a557609fa13c0 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Tofsee Exploit DNS crashed	3 Keyword trend analysis	6	2	4.2	M	32	ZeroCERT

44786	2024-05-31 10:25	NimDllLoader.exe 8960bb93e3796d6fdd8d637d54bc2d24 UPX PE64 PE File VirusTotal Malware Check memory				0.8	M	15	ZeroCERT

44787	2024-05-31 10:28	gps_1688.exe c2c6ca7a9dea1fc9708b57d3ae1d9bc7 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB Check memory RWX flags setting				1.8	M	7	ZeroCERT

44788	2024-05-31 10:30	dl.php 983a597328f06950181c7ede2c4b474d Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself				2.4	M	40	ZeroCERT

44789	2024-05-31 22:58	Roland VersaWorks Dual.msi 6be37bd461f512d0aee5d9551fdfb7b3 Gen1 Emotet Generic Malware Malicious Library ASPack Malicious Packer UPX ScreenShot Anti_VM AntiDebug AntiVM MSOffice File DllRegisterServer dll ftp CAB OS Processor Check PE64 PE File DLL PE32 VirusTotal Malware AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities Auto service AppData folder AntiVM_Disk Firewall state off VM Disk Size Check Windows ComputerName Trojan				8.6		3	guest

44790	2024-06-01 08:31	setup.exe 89052e2c020f8f6f5287e10d134f0bd1 Generic Malware Malicious Library Antivirus AntiDebug AntiVM PE File PE32 PowerShell VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger WMI Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities Disables Windows Security Checks Bios powershell.exe wrote suspicious process WriteConsoleW anti-virtualization Windows ComputerName Cryptographic key				12.0		36	ZeroCERT