Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
45496	2024-06-20 18:33	zonprox_00007FFECBD51000_maybe... ba5a5029b23078c3fa8d9ad135ff4b31 AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName				3.4			guest

45497	2024-06-20 18:36	spphost_00007FFE17011000_sc18_... 9331e68d194bdd01be1e601321a82003 AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName				3.4			guest

45498	2024-06-20 19:11	fontqry32_00007FF658671000_RDX... ba5a5029b23078c3fa8d9ad135ff4b31 AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName				3.4			guest

45499	2024-06-20 19:19	ZONProX.exe aa2dbf6b53f773b83ff28baa6a868819 Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 PDB MachineGuid Check memory Checks debugger unpack itself				1.6			guest

45500	2024-06-20 19:31	spphost.exe 358f68588c7f515fcf638b0141fea937 Generic Malware Malicious Library UPX PE File PE64 OS Processor Check VirusTotal Malware				1.0		3	guest

45501	2024-06-20 19:45	FONTQRY32.exe aa20ff0db8694e6fd98760cb00c1bf74 Generic Malware Malicious Library UPX PE File PE64 OS Processor Check VirusTotal Malware				0.6		1	guest

45502	2024-06-21 00:38	IOUSB.pdf 2929d4841e1b01c2df23d6e98b0548b3 PDF							guest

45503	2024-06-21 00:43	O.txt 5065fb226090c29069f235a546e8468e Schwerer ScreenShot AntiDebug AntiVM OS Processor Check Check memory unpack itself				1.0			guest

45504	2024-06-21 00:47	CodeSignature copy.txt f9b2e038e6e2935047de6951552ecfbc ScreenShot AntiDebug AntiVM Check memory unpack itself				1.0			guest

45505	2024-06-21 01:03	com_apple_MobileAsset_UAF_Siri... e08e4d148aadeabb7278fce7a60aa79d AntiDebug AntiVM MSOffice File Code Injection buffers extracted RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				4.2			guest

45506	2024-06-21 01:07	com.apple.ifdreader 980b2134101bf9c24c5bf001cd8b748b AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName				3.4			guest

45507	2024-06-21 06:17	cache_vts_inaka_com.wag.walker... 56f12bbc7d60f29724929277725dfeb3 AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName				3.4			guest

45508	2024-06-21 07:34	DownSysSoft.exe 50cc1aa14f6c5b5920b72e522297839f Generic Malware UPX PE File PE32 VirusTotal Malware Checks debugger ICMP traffic unpack itself Windows DNS	1 Keyword trend analysis	3	1	4.0		46	ZeroCERT

45509	2024-06-21 07:36	simon.exe b7e7f713ce1c717b6ae28904971e37e5 Themida Packer Malicious Packer PE File PE32 ZIP Format Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency AutoRuns MachineGuid Check memory buffers extracted unpack itself Windows utilities Checks Bios Collect installed applications Detects VirtualBox Detects VMWare suspicious process AntiVM_Disk sandbox evasion WriteConsoleW VMware anti-virtualization IP Check VM Disk Size Check installed browsers check Tofsee Ransomware Windows Browser RisePro Email ComputerName Firmware DNS Software crashed	1 Keyword trend analysis	5	8 Info ET MALWARE RisePro TCP Heartbeat Packet ET MALWARE [ANY.RUN] RisePro TCP (Token) ET MALWARE [ANY.RUN] RisePro TCP (Activity) ET MALWARE [ANY.RUN] RisePro TCP (External IP) ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io) SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET MALWARE [ANY.RUN] RisePro TCP (Exfiltration) ET MALWARE RisePro CnC Activity (Inbound)	15.2		41	ZeroCERT

45510	2024-06-21 07:38	Downdd.exe f6be85b0254a308f77189fc96fa6f38e UPX PE File PE32 VirusTotal Malware Check memory Checks debugger				2.6	M	52	ZeroCERT