Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
47161	2024-08-15 15:27	uneednewthingstogetmebackwithe... 9853bd06615e0b92da339077f6aa9e85 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	1	4.6	M	34	ZeroCERT

47162	2024-08-15 15:28	1.ps1 3c43cf2113474c72b9201dd18f375a33 XMRig Miner Generic Malware Antivirus Malicious Library Malicious Packer UPX PE File PE64 OS Processor Check VirusTotal Malware powershell AutoRuns Malicious Traffic Check memory buffers extracted Creates executable files unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key	2 Keyword trend analysis	2	4	13.2	M	33	ZeroCERT

47163	2024-08-15 15:29	sirMXU3YH.exe be2991a976897adedd63e73d32de221d Process Kill Generic Malware Malicious Library FindFirstVolume CryptGenKey UPX PE File Device_File_Check PE32 OS Processor Check Browser Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself Browser Email ComputerName crashed				4.6	M	33	ZeroCERT

47164	2024-08-15 15:30	Application.jar 63bf5a039306926938fb1755e89419ba ZIP Format Check memory heapspray unpack itself Java				1.6			ZeroCERT

47165	2024-08-15 15:39	verynicefruitswithbutterbunhei... d04da4190c7c6d6d6b8687e69ddb79f7 Generic Malware Antivirus Hide_URL PowerShell powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	1 Keyword trend analysis	2	1	7.2	M		ZeroCERT

47166	2024-08-15 16:35	CodeResources b3449813343cf03f6050a0a4d79c2ee6 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.8			guest

47167	2024-08-15 16:36	CodeResources b3449813343cf03f6050a0a4d79c2ee6 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.2			guest

47168	2024-08-15 16:36	CodeResources b3449813343cf03f6050a0a4d79c2ee6 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.8			guest

47169	2024-08-15 16:37	CodeResources b3449813343cf03f6050a0a4d79c2ee6 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.8			guest

47170	2024-08-15 16:38	CodeResources b3449813343cf03f6050a0a4d79c2ee6 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.8			guest

47171	2024-08-15 16:39	CodeResources b3449813343cf03f6050a0a4d79c2ee6 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.2			guest

47172	2024-08-15 16:39	CodeResources b3449813343cf03f6050a0a4d79c2ee6 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.8			guest

47173	2024-08-16 15:10	robotic.exe 6b1bbe4e391cdfd775780d8502ccbc41 RedLine stealer ILProtector Packer Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check RedLine Malware download VirusTotal Malware Microsoft suspicious privilege MachineGuid Check memory Checks debugger buffers extracted unpack itself Stealer Windows ComputerName DNS Cryptographic key		1	3	4.0	M	49	ZeroCERT

47174	2024-08-16 15:16	rootkit.dll d72fea64a05b3f7dce725352d7c1d032 Generic Malware Malicious Library Malicious Packer PE File .NET EXE PE32 VirusTotal Malware PDB suspicious privilege Check memory Checks debugger unpack itself				3.0	M	63	ZeroCERT

47175	2024-08-16 15:16	feelfreethingstogetmebackwithe... c1a7bf262d7bad7fc46411c0996fc50c MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	1	4.6	M	37	ZeroCERT