Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
45196	2021-06-02 09:30	cc200-07.exe e3aa230134fe078f662113eeb7ccc173 PWS .NET framework Malicious Library AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process AppData folder Windows DNS				11.6	M	32	ZeroCERT

45197	2021-06-02 09:30	n.dot 5a7858fdfd59904990a6a5f019c80b80 RTF File doc AntiDebug AntiVM Malware download VirusTotal Malware MachineGuid Check memory exploit crash unpack itself Windows Exploit DNS DDNS crashed Downloader	1 Keyword trend analysis	4	3	5.6	M	27	ZeroCERT

45198	2021-06-02 09:27	freeold.exe 5108b268343f682e45b04f1af1dab2e3 Malicious Library AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows Cryptographic key				8.4		47	ZeroCERT

45199	2021-06-02 09:25	PO_20880536,pdf.7z a98deab6a48941d96e070a75fcbc56d5 Escalate priviledges KeyLogger AntiDebug AntiVM VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself DNS		1		2.8	M	19	ZeroCERT

45200	2021-06-02 09:25	cc200.exe 2d3ca3ef781f7ae9d4db875d2f106bd1 AsyncRAT backdoor PWS .NET framework Anti_VM Malicious Library AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key				7.4	M	20	ZeroCERT

45201	2021-06-02 09:23	MAERSK INVOICE, BL, & AWB.doc 4f9bf95254ac818ee13e8c4915a23aa0 RTF File doc VirusTotal Malware Malicious Traffic buffers extracted exploit crash unpack itself Tofsee Windows Exploit DNS crashed	2 Keyword trend analysis	4	4	5.2	M	21	ZeroCERT

45202	2021-06-02 09:23	bug.xlsx 7fd41119cd2f2bd6fe13aa60eafd534d MSOffice File Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself Exploit DNS crashed Downloader	1 Keyword trend analysis	1	2	3.8		19	ZeroCERT

45203	2021-06-02 09:21	cc200-077.exe ffb41067c3ba0fcfbcdefea7ad536443 AsyncRAT backdoor PWS .NET framework Malicious Library PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows DNS Cryptographic key				6.0		35	ZeroCERT

45204	2021-06-02 09:20	po8703.exe ec901f509871709b2038cfa53a72f577 AsyncRAT backdoor PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself				2.2		39	ZeroCERT

45205	2021-06-02 07:52	EHH.exe 979555d563632cad528a128a3af233bb PE File PE32 VirusTotal Malware RWX flags setting unpack itself DNS crashed				2.2	M	16	ZeroCERT

45206	2021-06-02 07:50	FNH.exe 616f7519c2af317844666eab115e219f PE File PE32 VirusTotal Malware RWX flags setting unpack itself DNS crashed				2.2		15	ZeroCERT

45207	2021-06-01 17:41	svch.exe e5e99249a71ae209175217256edd30c0 Antivirus Malicious Packer Escalate priviledges KeyLogger ScreenShot Downloader persistence AntiDebug AntiVM PE File PE32 VirusTotal Malware				1.0		19	ZeroCERT

45208	2021-06-01 17:25	s.dot 4480323dc216794cef3823395edc4b41 RTF File doc AntiDebug AntiVM Malware download Malware MachineGuid Malicious Traffic exploit crash unpack itself Windows Exploit DNS crashed	1 Keyword trend analysis	1	5 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	3.8			ZeroCERT

45209	2021-06-01 17:21	app.dll 3d38578600e828c447707199822dacd4 Gen1 Gen2 PE File DLL OS Processor Check PE32 VirusTotal Malware PDB MachineGuid unpack itself ComputerName DNS				2.2		15	ZeroCERT

45210	2021-06-01 17:20	info_10621.xlsb 4567910e5ab113f08eb7edd48152074b Gen1 Gen2 PE File DLL OS Processor Check PE32 VirusTotal Malware MachineGuid Check memory Checks debugger WMI unpack itself Windows utilities suspicious process WriteConsoleW Tofsee Windows ComputerName crashed	2 Keyword trend analysis Info http://authd.feronok.com/Y_2Bxq_2FCq_2/F7MtFfN9/OaOiUxVKaMBar_2Bwadu9JI/5f2JIT1R6z/wqyp5OYH26_2FCxoz/4cOT1gafxSEk/1G5XsW988_2/BjdSRlF7L4UAwI/jcsnuDJ33Fm5LZiPOHvvA/PAjjFqU39DDThmrZ/eR22M_2Fe0ePvSa/5l4TtOyHif5dcS9VgY/EtNp35w6x/i4xoaI04WasHjLAOvTF6/tc4VmpY6u_2F8heA9cW/KMPn27BMSv_2B3g7Hp4Ztp/SRUmhDBdfjn5m/rRGd_2Bb/Kx_2FAWnV71TDHDIMbMeb_2/BNfwSQhYk9/_2Fu_2BOoxOVDOIkf/D2gC2K1i https://megoseri.com/app.dll	4	1	5.8		12	ZeroCERT