Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
46381	2024-07-29 13:46	CBS_applcation_details_0726020... 117bc3a7fa3309e3f443ea02c267f1d4 VirusTotal Malware VBScript AutoRuns suspicious privilege buffers extracted wscript.exe payload download Creates shortcut Creates executable files unpack itself Windows utilities sandbox evasion installed browsers check Tofsee Windows Browser ComputerName Dropper	2 Keyword trend analysis	2	1	10.0	M	21	ZeroCERT

46382	2024-07-29 13:47	test1.exe 97de4bc04461280f11316077a41083e0 Malicious Library Malicious Packer Antivirus .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself				2.0	M	60	ZeroCERT

46383	2024-07-29 13:49	ngrok.exe f02b8dabd9612d56140b7b435f70424b Malicious Library Malicious Packer UPX PE File ftp PE64 wget OS Processor Check VirusTotal Malware wscript.exe payload download unpack itself Check virtual network interfaces crashed	1 Keyword trend analysis	2		3.6		28	ZeroCERT

46384	2024-07-29 13:51	Ref_BA0929399122_pdf.js 117bc3a7fa3309e3f443ea02c267f1d4 VirusTotal Malware VBScript AutoRuns suspicious privilege buffers extracted wscript.exe payload download Creates shortcut Creates executable files unpack itself Windows utilities sandbox evasion installed browsers check Tofsee Windows Browser ComputerName Dropper	2 Keyword trend analysis	2	1	10.0	M	21	ZeroCERT

46385	2024-07-29 13:51	svhostc.exe ae3dd2f4488753b690ca17d555147aba Malicious Library UPX Http API HTTP Internet API AntiDebug AntiVM PE File PE32 OS Processor Check VirusTotal Malware Telegram AutoRuns Code Injection Checks debugger buffers extracted unpack itself Tofsee Windows ComputerName DNS		2	4	8.2	M	56	ZeroCERT

46386	2024-07-29 13:52	163.exe c5d0790f653d7922b4723bdd6737f3a7 Generic Malware Malicious Library ASPack UPX DllRegisterServer dll PE File PE32 MZP Format OS Processor Check JPEG Format DLL VirusTotal Malware AutoRuns suspicious privilege Creates executable files unpack itself Windows utilities AppData folder Tofsee Windows Advertising Google ComputerName DNS DDNS crashed keylogger	7 Keyword trend analysis Info http://freedns.afraid.org/api/?action=getdyndns&sha=a30fa98efc092684e8d1c5cff797bcc613562978 https://drive.usercontent.google.com/download?id=0BxsMXGfPIZfSVlVsOGlEVGxuZVk&export=download https://drive.usercontent.google.com/download?id=0BxsMXGfPIZfSTmlVYkxhSDg5TzQ&export=download https://www.dropbox.com/s/n1w4p8gc6jzo0sg/SUpdate.ini?dl=1 https://www.dropbox.com/s/zhp1b06imehwylq/Synaptics.rar?dl=1 https://www.dropbox.com/s/fzj752whr3ontsm/SSLLibrary.dll?dl=1 http://xred.site50.net/syn/SSLLibrary.dll	11 Info www.dropbox.com(162.125.80.18) - mailcious drive.usercontent.google.com(142.250.206.193) - mailcious freedns.afraid.org(69.42.215.252) docs.google.com(172.217.25.174) - mailcious xred.mooo.com() - mailcious smtp.163.com(103.129.252.45) 103.129.252.45 162.125.80.18 - mailcious 142.250.196.238 69.42.215.252 142.250.71.225	3	8.8	M	69	ZeroCERT

46387	2024-07-29 13:53	gate3.exe 1cbf0540443b57f70f8f09dfb0386d94 Generic Malware VMProtect Anti_VM PE File PE64 VirusTotal Malware Disables Windows Security Windows Remote Code Execution DNS crashed		6		6.2	M	55	ZeroCERT

46388	2024-07-29 14:04	file.exe 987780c119053443d858af831068bb47 Generic Malware ASPack UPX Antivirus PE File ftp PE32 VirusTotal Malware powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself powershell.exe wrote suspicious process AppData folder Windows ComputerName Cryptographic key	2 Keyword trend analysis	10	2	8.0	M	45	ZeroCERT

46389	2024-07-29 14:06	server.exe 2de7d28d6a79983ee82356f91fb0859c Malicious Library PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger buffers extracted Creates executable files unpack itself				2.8		18	ZeroCERT

46390	2024-07-29 16:44	YesBnk_Transaction_File_981200... 117bc3a7fa3309e3f443ea02c267f1d4 VirusTotal Malware VBScript AutoRuns suspicious privilege buffers extracted wscript.exe payload download Creates shortcut Creates executable files unpack itself Windows utilities sandbox evasion installed browsers check Tofsee Windows Browser ComputerName Dropper	2 Keyword trend analysis	2	1	10.0	M	21	ZeroCERT

46391	2024-07-29 16:45	Transaction_File_9812009_End_I... 117bc3a7fa3309e3f443ea02c267f1d4 ZIP Format VirusTotal Malware VBScript AutoRuns suspicious privilege buffers extracted wscript.exe payload download Creates shortcut Creates executable files Windows utilities sandbox evasion installed browsers check Tofsee Windows Browser ComputerName Dropper	7 Keyword trend analysis Info http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/277_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/279_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/280_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/281_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/message.zip https://ddfcbb9325637bcdeff.mxttbszhh1.free.hr/oauth/pdf/Monetary_Funding_Sheet_2024.pdf https://ddfcbb9325637bcdeff.mxttbszhh1.free.hr/oauth/pdf/Monetary_Funding_Sheet_2024.js	2	1	10.0	M	21	ZeroCERT

46392	2024-07-29 16:51	eaz.txt.vbs ee3604ddfe9c20f08d2bf9e3ec7c7ac5 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	2	3	8.6	M	12	ZeroCERT

46393	2024-07-29 16:51	Monetary_Funding_Sheet_2024.js 71b47c3b941616d457f0edc4234a91a0 VirusTotal Malware VBScript wscript.exe payload download Tofsee Dropper	1 Keyword trend analysis	2	2	10.0	M	19	ZeroCERT

46394	2024-07-29 16:51	kiss.txt.vbs e18a46ead29fa590d71256bca05fac76 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	2	3	8.6	M	11	ZeroCERT

46395	2024-07-29 16:55	Tranx_not_receive_Ref_Ba092001... 117bc3a7fa3309e3f443ea02c267f1d4 Client SW User Data Stealer browser info stealer Generic Malware Google Chrome User Data Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection BitCoin Internet API persistenc Browser Info Stealer VirusTotal Malware VBScript AutoRuns Code Injection Checks debugger buffers extracted wscript.exe payload download Creates executable files exploit crash unpack itself malicious URLs installed browsers check Tofsee Windows Exploit Browser crashed Dropper	1 Keyword trend analysis	2	1	10.0	M	21	guest