Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
45901	2024-07-08 18:28	venture45.hta e17e0242e9fe3834c192513619013b92 Generic Malware Antivirus Malicious Library .NET framework(MSIL) AntiDebug AntiVM PowerShell PE File DLL PE32 .NET DLL .NET EXE VirusTotal Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process AppData folder WriteConsoleW Windows ComputerName Cryptographic key crashed	1 Keyword trend analysis	2	4	1	17.4	M	23	ZeroCERT

45902	2024-07-08 18:30	xplayd.hta 82a46c36da6b5ae4bd7794eb6fd9f029 Generic Malware Antivirus PE File DLL PE32 .NET DLL VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process AppData folder WriteConsoleW Windows ComputerName Cryptographic key crashed					6.6		6	ZeroCERT

45903	2024-07-09 09:55	asdf.EXE 651962c322d049e7271543d8d2673311 Malicious Library Malicious Packer .NET framework(MSIL) PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself ComputerName					2.0	M	13	ZeroCERT

45904	2024-07-09 09:55	inte.exe 91127bcbe51880375df489df4e711151 Malicious Library PE File PE32 VirusTotal Malware Remote Code Execution					2.0	M	24	ZeroCERT

45905	2024-07-09 09:58	PsExec.exe 24a648a48741b1ac809e47b9543c6f12 Generic Malware Malicious Library Malicious Packer UPX PE File PE32 OS Processor Check VirusTotal Malware PDB Check memory Checks debugger unpack itself WriteConsoleW Remote Code Execution					1.8	M	2	ZeroCERT

45906	2024-07-09 09:58	SCM_1.exe 00a69916c649b8f347552f045d9529ef PE File PE64 VirusTotal Cryptocurrency Miner Malware Cryptocurrency DNS		2	2		1.4	M	46	ZeroCERT

45907	2024-07-09 10:00	EXACT_ITEM.exe 9babf09115135e3726636ed32790bd36 Malicious Packer UPX PE File PE64 VirusTotal Malware Checks debugger					2.0	M	34	ZeroCERT

45908	2024-07-09 10:02	Xin.exe 520f92170a2cf78ed3152f83973b9b66 Malicious Library Admin Tool (Sysinternals etc ...) PWS AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key		2			10.6		59	ZeroCERT

45909	2024-07-09 10:04	persona.exe a0f4dea92c2045c7da2664345e4e5edf Generic Malware Malicious Library UPX PE File PE64 OS Processor Check VirusTotal Malware PDB unpack itself DNS crashed	1 Keyword trend analysis	1			2.8	M	29	ZeroCERT

45910	2024-07-09 10:10	file 4808c478a3cf9d6fae1e1dcb10f4be33 Javascript_Blob AntiDebug AntiVM ftp MSOffice File Code Injection Creates executable files ICMP traffic RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	5 Keyword trend analysis Info https://www.googletagmanager.com/gtag/js?id=UA-829541-1 https://the.gatekeeperconsent.com/cmp.min.js https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T https://btloader.com/tag?o=5678961798414336&upapi=true	19 Info www.googletagmanager.com(142.250.206.232) the.gatekeeperconsent.com(172.67.199.186) translate.google.com(142.250.206.206) static.mediafire.com(104.16.114.74) cdn.amplitude.com(54.230.61.103) static.cloudflareinsights.com(104.16.80.73) www.ezojs.com(104.21.63.106) btloader.com(104.22.75.216) 142.250.207.78 172.67.199.186 172.67.170.144 104.16.113.74 - mailcious 142.251.220.46 104.16.80.73 54.230.61.127 104.16.114.74 - mailcious 104.22.75.216 142.250.76.232 104.21.63.106	2		6.6	M		ZeroCERT

45911	2024-07-09 10:11	install.exe 7524d560b667b8ed62f16bc59772d81f Emotet Gen1 HermeticWiper Generic Malware PhysicalDrive Malicious Library Malicious Packer UPX Admin Tool (Sysinternals etc ...) Obsidium protector Antivirus PE File PE64 CAB OS Processor Check DLL DllRegisterServer dll PE32 MZP Format MSOffice File VirusTotal Malware PDB Checks debugger Creates executable files					3.6	M	44	ZeroCERT

45912	2024-07-09 10:12	Setup.exe 59a192a7b85f4bb5796c53cc450caf2c Malicious Library PE File PE32 VirusTotal Malware Checks debugger WMI Creates executable files RWX flags setting unpack itself Checks Bios anti-virtualization ComputerName					4.4		28	ZeroCERT

45913	2024-07-09 10:12	AdaptorOvernight.exe e0d29de6e2fa7590f857f1ef825c943c Suspicious_Script_Bin Generic Malware Downloader Malicious Library UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P An VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW Windows ComputerName DNS					8.0	M	18	ZeroCERT

45914	2024-07-09 11:20	Large_Innovation_Project_for_B... 51565dd3cedcdcf0040a62e31758a525 Generic Malware Antivirus AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	3 Keyword trend analysis				7.0		14	ZeroCERT

45915	2024-07-09 12:06	download.php 019defe59b733d4d86a895702873ff07 Malicious Library PE File PE32 VirusTotal Malware Remote Code Execution					2.0	M	27	ZeroCERT