Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
45751	2024-07-03 18:47	uho.uouo.uououo.doc 9904916ce3549610216e99d83e7e2135 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic buffers extracted exploit crash unpack itself Tofsee Exploit Java DNS crashed	3 Keyword trend analysis	4	4	1	5.0	M	33	ZeroCERT

45752	2024-07-03 18:50	poop.exe 42e52b8daf63e6e26c3aa91e7e971492 PE File PE32 Browser Info Stealer VirusTotal Malware suspicious privilege Check memory Creates shortcut Creates executable files Ransomware Browser					4.6	M	68	ZeroCERT

45753	2024-07-03 19:02	file_ahstznsa.ob0.txt.ps1 478b1ac88592f59f8a1d4cb790120c38 Generic Malware Antivirus VirusTotal Malware powershell Malicious Traffic unpack itself Check virtual network interfaces Tofsee ComputerName	2 Keyword trend analysis	2	1	1	3.6	M	9	ZeroCERT

45754	2024-07-03 19:10	file_xgep41gp.dyp.txt.ps1 b75a49ff9b2f445e17519d2e743fe1b4 Generic Malware Antivirus Malware powershell Malicious Traffic unpack itself Check virtual network interfaces Tofsee ComputerName	2 Keyword trend analysis	2	1	1	3.2	M		ZeroCERT

45755	2024-07-04 02:39	http://py.pl/I7mIC 6cb7e9e8e7161d8a30c49a4228aafaaf Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File PNG Format JPEG Format VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	2	2		5.6			guest

45756	2024-07-04 07:36	injector.exe 509c110ee54d73c3398140a5eb78c45a NSIS Malicious Library UPX Confuser .NET PE File PE32 .NET EXE VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger Creates executable files unpack itself AppData folder ComputerName DNS crashed		1	2		5.2		57	ZeroCERT

45757	2024-07-04 07:38	ABC.exe 2808310786effc87a4359c778a73a7ee UPX PE File .NET EXE PE32 VirusTotal Malware PDB suspicious privilege Check memory Checks debugger unpack itself ComputerName					2.8		42	ZeroCERT

45758	2024-07-04 07:40	38.exe 40ecc726bee273961d09301c0316af6e Malicious Library UPX PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself crashed					2.4	M	54	ZeroCERT

45759	2024-07-04 07:43	loader.exe edc8dc2a71af650c1c6272efa564adc3 Generic Malware Malicious Library UPX PE File PE64 OS Processor Check PE32 VirusTotal Malware PDB Creates executable files unpack itself AppData folder Remote Code Execution crashed					3.8		46	ZeroCERT

45760	2024-07-04 07:45	csrss.exe a2dcc2e9dd81e3a5f6440ed7027a86da PE File PE64 VirusTotal Malware PDB MachineGuid Check memory Checks debugger unpack itself					2.2		34	ZeroCERT

45761	2024-07-04 09:36	SWSS.txt.exe cd385c30936cf9cf395b32ba14cfac70 Browser Login Data Stealer Generic Malware Malicious Library Downloader Malicious Packer UPX PE File PE32 OS Processor Check Remcos VirusTotal Malware Malicious Traffic Check memory ICMP traffic DNS DDNS	1 Keyword trend analysis	4	3		4.0		68	ZeroCERT

45762	2024-07-04 09:38	CNO.txt.exe cf6bd97368f587fc689f0cc96702e02e Browser Login Data Stealer Generic Malware Malicious Library Downloader Malicious Packer UPX PE File PE32 OS Processor Check VirusTotal Malware Windows DNS keylogger		1			4.0		61	ZeroCERT

45763	2024-07-04 09:39	systemd.exe da4b6f39fc024d2383d4bfe7f67f1ee1 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB unpack itself Tofsee crashed	1 Keyword trend analysis	2	2		2.0		44	ZeroCERT

45764	2024-07-04 09:41	Bitwarden-Installer-2024.6.3.e... 06e9439beabd1813ff13295adbba48ff Generic Malware Malicious Library Malicious Packer UPX AntiDebug AntiVM PE File ftp PE32 OS Processor Check FTP Client Info Stealer VirusTotal Malware Telegram PDB MachineGuid Code Injection Malicious Traffic Check memory WMI unpack itself Windows utilities Collect installed applications suspicious process AppData folder WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName Remote Code Execution DNS Software	2 Keyword trend analysis	5	3		10.8		10	ZeroCERT

45765	2024-07-04 09:43	realtekdriver.exe 662404ed188bfab5386fc73a0a7732d4 Malicious Library PE File .NET EXE PE32 VirusTotal Malware Buffer PE Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key					3.8	M	53	ZeroCERT