Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
44911	2021-06-02 09:30	n.dot 5a7858fdfd59904990a6a5f019c80b80 RTF File doc AntiDebug AntiVM Malware download VirusTotal Malware MachineGuid Check memory exploit crash unpack itself Windows Exploit DNS DDNS crashed Downloader	1 Keyword trend analysis	4	3	5.6	M	27	ZeroCERT

44912	2021-06-02 09:27	freeold.exe 5108b268343f682e45b04f1af1dab2e3 Malicious Library AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows Cryptographic key				8.4		47	ZeroCERT

44913	2021-06-02 09:25	PO_20880536,pdf.7z a98deab6a48941d96e070a75fcbc56d5 Escalate priviledges KeyLogger AntiDebug AntiVM VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself DNS		1		2.8	M	19	ZeroCERT

44914	2021-06-02 09:25	cc200.exe 2d3ca3ef781f7ae9d4db875d2f106bd1 AsyncRAT backdoor PWS .NET framework Anti_VM Malicious Library AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key				7.4	M	20	ZeroCERT

44915	2021-06-02 09:23	MAERSK INVOICE, BL, & AWB.doc 4f9bf95254ac818ee13e8c4915a23aa0 RTF File doc VirusTotal Malware Malicious Traffic buffers extracted exploit crash unpack itself Tofsee Windows Exploit DNS crashed	2 Keyword trend analysis	4	4	5.2	M	21	ZeroCERT

44916	2021-06-02 09:23	bug.xlsx 7fd41119cd2f2bd6fe13aa60eafd534d MSOffice File Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself Exploit DNS crashed Downloader	1 Keyword trend analysis	1	2	3.8		19	ZeroCERT

44917	2021-06-02 09:21	cc200-077.exe ffb41067c3ba0fcfbcdefea7ad536443 AsyncRAT backdoor PWS .NET framework Malicious Library PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows DNS Cryptographic key				6.0		35	ZeroCERT

44918	2021-06-02 09:20	po8703.exe ec901f509871709b2038cfa53a72f577 AsyncRAT backdoor PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself				2.2		39	ZeroCERT

44919	2021-06-02 07:52	EHH.exe 979555d563632cad528a128a3af233bb PE File PE32 VirusTotal Malware RWX flags setting unpack itself DNS crashed				2.2	M	16	ZeroCERT

44920	2021-06-02 07:50	FNH.exe 616f7519c2af317844666eab115e219f PE File PE32 VirusTotal Malware RWX flags setting unpack itself DNS crashed				2.2		15	ZeroCERT

44921	2021-06-01 17:41	svch.exe e5e99249a71ae209175217256edd30c0 Antivirus Malicious Packer Escalate priviledges KeyLogger ScreenShot Downloader persistence AntiDebug AntiVM PE File PE32 VirusTotal Malware				1.0		19	ZeroCERT

44922	2021-06-01 17:25	s.dot 4480323dc216794cef3823395edc4b41 RTF File doc AntiDebug AntiVM Malware download Malware MachineGuid Malicious Traffic exploit crash unpack itself Windows Exploit DNS crashed	1 Keyword trend analysis	1	5 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	3.8			ZeroCERT

44923	2021-06-01 17:21	app.dll 3d38578600e828c447707199822dacd4 Gen1 Gen2 PE File DLL OS Processor Check PE32 VirusTotal Malware PDB MachineGuid unpack itself ComputerName DNS				2.2		15	ZeroCERT

44924	2021-06-01 17:20	info_10621.xlsb 4567910e5ab113f08eb7edd48152074b Gen1 Gen2 PE File DLL OS Processor Check PE32 VirusTotal Malware MachineGuid Check memory Checks debugger WMI unpack itself Windows utilities suspicious process WriteConsoleW Tofsee Windows ComputerName crashed	2 Keyword trend analysis Info http://authd.feronok.com/Y_2Bxq_2FCq_2/F7MtFfN9/OaOiUxVKaMBar_2Bwadu9JI/5f2JIT1R6z/wqyp5OYH26_2FCxoz/4cOT1gafxSEk/1G5XsW988_2/BjdSRlF7L4UAwI/jcsnuDJ33Fm5LZiPOHvvA/PAjjFqU39DDThmrZ/eR22M_2Fe0ePvSa/5l4TtOyHif5dcS9VgY/EtNp35w6x/i4xoaI04WasHjLAOvTF6/tc4VmpY6u_2F8heA9cW/KMPn27BMSv_2B3g7Hp4Ztp/SRUmhDBdfjn5m/rRGd_2Bb/Kx_2FAWnV71TDHDIMbMeb_2/BNfwSQhYk9/_2Fu_2BOoxOVDOIkf/D2gC2K1i https://megoseri.com/app.dll	4	1	5.8		12	ZeroCERT

44925	2021-06-01 17:17	Questions about the study of f... 7833c0f413c1611f7281ac303bcef4b3 PE File OS Processor Check PE32 VirusTotal Malware MachineGuid unpack itself RCE DNS				3.8		51	ZeroCERT