Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
46201	2020-10-13 09:50	svcguard.exe 3306d593ebf57425ec38bc5fbe400d06 VirusTotal Malware malicious URLs				3.0	M	20	guest

46202	2020-10-13 09:30	evapicturesetup-4858.exe 03417211431d04bce8d68d62c0ca2543 VirusTotal Malware AutoRuns Code Injection Check memory Checks debugger Creates shortcut Creates executable files unpack itself AppData folder malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check human activity check installed browsers check Windows Browser ComputerName DNS	10 Keyword trend analysis Info http://config.zcjczj.cn/upgrade/evapicture/InfoDes.json http://con2.zcjczj.cn/evapicture4858.xml http://info.zcjczj.cn/4858.html http://api.zcjczj.cn/port.php?redata=Xyoxq2DlH4jt%2FtRxws4nz%2BTI%2Bcs0o64QgOx9Wp5CdBkahaPL%2FHfZ%2FSmC4cIeY22y8kqsr8uYHr32T2%2FMOk0UKWjg33HMjcGcwqraYVB1bhKot77GXEpDGT7Z7i9AplUsTYyJBS185GXX78FD4u6s%2F6ukvyct%2F7XR40Smo48oh5pN3RUVfQZSHzbSFGKhmuyg%2BQ%2F7KFIv1gHz4rFScb0Pqg%3D%3D&verify=266296f875337984bb9f558adf655d49&time=1602557160&ver1.0.0.1&act=1 http://config.zcjczj.cn/upgrade/evapicture/Updatebz.json http://api.zcjczj.cn/portb.php?redata=Xyoxq2DlH4jt%2FtRxws4nz%2BsHCHzuOOy9ZkexX1rM%2BYYcA6Jff39XAyO5Ngyx8RtggkTc3mRQzfeY7wg7kjjOedKd0wIzocZ4Ts61brpBMFhZzJBTGarFo%2Bhf3karOc6w1mSifQ3DIC3EtnmZ0bYf9A%3D%3D&verify=773adc30a799ade97cb9d006fcdf1952&time=1602557160&ver1.0.0.1 http://api.zcjczj.cn/port.php?redata=Xyoxq2DlH4jt%2FtRxws4nz78u17x%2BboYEIT1eWSQPAk1UHoeTdFd8Prhvhpz6%2BT%2FRXdXpIoLLRPBR0TiQDhNWr7wP24L5Br623wSFSsiu9KZba4KfWBC9TaBX8B%2FAVGYGAdqY6jIXs1bgSSZh461YdXn27obdrhe4lcXTZC0bJBvWQlIQUNA97dJBITVu%2FQQGy0qZgG543NyoFU77suVLbQ%3D%3D&verify=e6bee07895b4dfb6635b7c80ae375eae&time=1602557165&ver1.0.0.1&act=2 http://api.zcjczj.cn/port.php?redata=Xyoxq2DlH4jt%2FtRxws4nz4ezSSpqeudcZiqv1qFMmEay4pprDkT9puVxnRzw%2B1H6uQDJfapvCiBkyonhGXs7CJkfmNmm%2BCZ8%2FOqtK11%2FloCsqfWLWx7eDUeNWs2TrSw1kh6rdTpaBnPFmXrj1%2BbIW37r0Q8to7DCcGu9xh28IemcgZV%2FPzdfl0b8lN3M6tbzLHSb%2BvKVY1XQ%2F4MkV5aynQ%3D%3D&verify=29f61217c8d015d3854ca9d0199722af&time=1602557200&ver1.0.0.1&act=1 http://pv.sohu.com/cityjson http://ip.ws.126.net/ipquery	6		10.4	M	39	guest

46203	2020-10-13 09:29	magi.jpg.exe 6f09c7f423232ef509f90e66b1146a50 VirusTotal Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key	3 Keyword trend analysis	2	1	16.6	M	34	guest

46204	2020-10-13 09:28	starg.exe d65cc6dea6345e91547eae7a12c7a204 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName Cryptographic key crashed				13.0	M	25	guest

46205	2020-10-13 09:18	jesu.exe 0bad1c2742b051a7faceb9dfee896986 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself malicious URLs Windows Browser Email ComputerName Cryptographic key Software crashed				6.6	M	22	guest

46206	2020-10-13 09:18	document.doc d9b99daa5b8f7876576da1fbfd783e2c VirusTotal Malware Malicious Traffic exploit crash unpack itself malicious URLs Windows Exploit DNS crashed Downloader	1 Keyword trend analysis	1	6 Info ET INFO Executable Download from dotted-quad Host ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	5.2	M	24	guest

46207	2020-10-13 09:16	goodluckvpn.exe 09ae134443ee2e63240664c93e2c6afd VirusTotal Malware unpack itself sandbox evasion crashed				3.2	M	30	guest

46208	2020-10-13 09:05	div.exe 73566a9aac1c8ac110e4375f05be15ea VirusTotal Malware Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder malicious URLs crashed				4.2		36	guest

46209	2020-10-13 09:05	530340.png.exe 36ffb0b8cfc94f42145839e6b65b7409 AutoRuns Code Injection Check memory buffers extracted unpack itself Windows utilities Detects VMWare suspicious process malicious URLs sandbox evasion WriteConsoleW VMware Windows Browser ComputerName crashed				8.6			guest

46210	2020-10-13 09:05	090206.jpg.exe 5046c78fa38fe90384a1588a55405d6f VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs Windows Cryptographic key				12.2		24	guest

46211	2020-10-12 16:39	kaptain.exe 2ec35b9e143f9788ead2a7514ac5d6a6 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Check memory Checks debugger unpack itself malicious URLs Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed				10.4		26	guest

46212	2020-10-12 16:39	fran.exe 213909bf7170679df8b3e671726f82cb Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Check memory Checks debugger unpack itself malicious URLs Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed				10.4		25	guest

46213	2020-10-12 16:38	document.doc d31e0cd8788360bc57ac0cb59062759d VirusTotal Malware exploit crash unpack itself malicious URLs Exploit DNS crashed	1 Keyword trend analysis	1	1	4.8		27	guest

46214	2020-10-12 16:11	cuckoo_api.txt 32ec54a215318c72db94eed04bc7f609 Check memory unpack itself				1.0			guest

46215	2020-10-12 15:56	postgers.txt 43d035b25ca6b0a71eb28519a6f4a6d6 Check memory unpack itself				1.0			guest

Submissions

3306d593ebf57425ec38bc5fbe400d06

03417211431d04bce8d68d62c0ca2543

6f09c7f423232ef509f90e66b1146a50

d65cc6dea6345e91547eae7a12c7a204

0bad1c2742b051a7faceb9dfee896986

d9b99daa5b8f7876576da1fbfd783e2c

09ae134443ee2e63240664c93e2c6afd

73566a9aac1c8ac110e4375f05be15ea

36ffb0b8cfc94f42145839e6b65b7409

5046c78fa38fe90384a1588a55405d6f

2ec35b9e143f9788ead2a7514ac5d6a6

213909bf7170679df8b3e671726f82cb

d31e0cd8788360bc57ac0cb59062759d

32ec54a215318c72db94eed04bc7f609

43d035b25ca6b0a71eb28519a6f4a6d6

View

Insert

Alert