Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
46036	2024-07-15 09:27	dmi.txt.vbs 7e4e5ec429a0738c15593112bcf50406 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			6.2	M	23	ZeroCERT

46037	2024-07-15 09:28	nlb.txt.vbs afd1fa691ac9b0ab5b39fd8a0d0e40d7 Generic Malware Antivirus PowerShell VirusTotal Malware powershell AutoRuns suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	2	3	10.6	M	10	ZeroCERT

46038	2024-07-15 09:29	SIP.03746.XSLSX.exe a3e681364daaa68ce0177581573f483f Emotet Generic Malware Malicious Library Antivirus UPX Confuser .NET .NET framework(MSIL) AntiDebug AntiVM DllRegisterServer dll PE File PE32 MZP Format PowerShell CAB .NET EXE VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger Creates shortcut Creates executable files unpack itself powershell.exe wrote Check virtual network interfaces suspicious process suspicious TLD anti-virtualization installed browsers check Tofsee Windows Browser ComputerName Cryptographic key		3	2	12.2		38	ZeroCERT

46039	2024-07-15 09:30	1PDF.FaturaDetay_202407.exe d8bf792f818877bf4848fde9511caeb8 Emotet Generic Malware Malicious Library Antivirus UPX Confuser .NET .NET framework(MSIL) AntiDebug AntiVM DllRegisterServer dll PE File PE32 MZP Format PowerShell CAB .NET EXE VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger Creates shortcut Creates executable files unpack itself powershell.exe wrote Check virtual network interfaces suspicious process AntiVM_Disk anti-virtualization VM Disk Size Check installed browsers check Tofsee Windows Browser ComputerName Cryptographic key crashed		2	2	13.6	M	44	ZeroCERT

46040	2024-07-15 09:30	217.exe 42e2d273ee6215957f2b979737a74b45 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself crashed				1.8	M	26	ZeroCERT

46041	2024-07-15 09:31	vikis.txt.vbs 26a4c267e7169f70a2f810854c0214cd Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed				6.2	M	10	ZeroCERT

46042	2024-07-15 09:32	pqjvyogm.exe 6498c822022751dbe8abb655e6ac9db0 PE File .NET EXE PE32 VirusTotal Malware MachineGuid Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key		1		3.8	M	49	ZeroCERT

46043	2024-07-15 09:33	PDF.FaturaDetay_202407.exe 3a2ba5be087162cfdb5d49ac32edd534 Emotet Generic Malware Malicious Library Antivirus UPX Confuser .NET .NET framework(MSIL) AntiDebug AntiVM DllRegisterServer dll PE File PE32 MZP Format PowerShell CAB .NET EXE VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger Creates shortcut Creates executable files unpack itself powershell.exe wrote Check virtual network interfaces suspicious process anti-virtualization installed browsers check Tofsee Windows Browser ComputerName Cryptographic key		2	2	11.6	M	43	ZeroCERT

46044	2024-07-15 09:35	AntiVirus2.exe e81179996dbd2490c45ca13d80eae0a8 PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key		1		4.6	M	58	ZeroCERT

46045	2024-07-15 09:36	Trkyzwvg-TG-R.exe 42208ec96d3a525eb6c8fb7039dc680a Generic Malware .NET framework(MSIL) Antivirus PE File .NET EXE PE32 VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process AppData folder Windows ComputerName Cryptographic key				5.4	M	58	ZeroCERT

46046	2024-07-15 09:37	Eflbu.exe e3dc222d0a34c4b230f538a67bb7265d Malicious Library PE File .NET EXE PE32 VirusTotal Malware Buffer PE suspicious privilege Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key				4.8	M	63	ZeroCERT

46047	2024-07-15 09:38	Milieuskadeligst.exe 99af50ba5059f85a1c8bd15ecf23fb3b Malicious Library PE File PE64 VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger unpack itself				2.6	M	50	ZeroCERT

46048	2024-07-15 09:39	Rrobknnz-TPBA.exe 54b737b86fddcb3ca236a6cf743e66e7 Generic Malware Antivirus PE File .NET EXE PE32 VirusTotal Malware Buffer PE PDB suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself suspicious process AppData folder Windows ComputerName Cryptographic key				6.0	M	54	ZeroCERT

46049	2024-07-15 09:46	setup.exe 6a3939be71bff89a00b8d66c0cdae6d2 Malicious Library PE File PE32 Checks debugger WMI Creates executable files RWX flags setting unpack itself Checks Bios anti-virtualization ComputerName				3.6			ZeroCERT

46050	2024-07-15 10:30	Update.js 19e9ed9aab2bbf4d40e7d1e1072ebd21 Malware download Malware VBScript wscript.exe payload download Tofsee SocGholish DNS crashed Dropper	1 Keyword trend analysis	2	4	10.0			guest