Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
47221 2024-08-17 23:16 Configure.xml
Hash: a163ce14405a6eed5ec4bfbef078e5b6
Signatures: AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed
2 3.8 guest

47222 2024-08-17 23:16 cleanospp.exe
Hash: d3467cb7b83b654c2d05407dc7ba2360
Signatures: Generic Malware Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM PE File PE64 PDB Check memory unpack itself
1.2 guest

47223 2024-08-17 23:16 Uninstall.xml
Hash: 364f86f97324ea82fe0d142cd01cf6dd
Signatures: Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
2 4.2 guest

47224 2024-08-17 23:17 Uninstall.xml
Hash: 364f86f97324ea82fe0d142cd01cf6dd
Signatures: Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
2 4.8 guest

47225 2024-08-17 23:18 OInstallLite_x64.exe
Hash: eac3a81a4d8b10eb2c8bc8b87cbb252e
Signatures: Gen1 Emotet Generic Malware Downloader task schedule Malicious Library Antivirus UPX Admin Tool (Sysinternals etc ...) Malicious Packer [C] OS Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Cod powershell Buffer PE suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName Cryptographic key crashed
10.0 guest

47226 2024-08-17 23:19 OInstall_x64.exe
Hash: 0ecb6ffe27ff59289f07d7097a7b36e8
Signatures: Gen1 Emotet Generic Malware PhysicalDrive task schedule Downloader Malicious Library Antivirus UPX Malicious Packer Admin Tool (Sysinternals etc ...) [C] OS Socket DGA Http API ScreenShot Escalate priviledges PWS Hijack Network HTTP DNS Internet API persi powershell Buffer PE suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName Cryptographic key crashed
9.4 guest

47227 2024-08-17 23:19 cpuz.exe
Hash: 933612be98b1de1b5fb119a6b30e84db
Signatures: Emotet Gen1 Generic Malware Malicious Library Malicious Packer ASPack UPX PE File PE64 OS Processor Check PDB suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Auto service Firewall state off anti-virtualization Tofsee Windows ComputerName Firmware
2 2 6.0 guest

47228 2024-08-18 02:13 MediaCreationTool_Win11_23H2.e...
Hash: 25c9285c00ef7d41b28823a053a9a372
Signatures: Gen1 Generic Malware Malicious Library Malicious Packer UPX PE File CAB PE32 PDB Remote Code Execution
1.0 guest

47229 2024-08-18 02:39 APP do PT.url
Hash: d5bc3c4d57a844636c1bcd3ed5d7fb1f
Signatures: AntiDebug AntiVM URL Format MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed
2 2 4.2 guest

47230 2024-08-18 06:48 Feliz natal.docx
Hash: 7ecabc55cb0e6b0893102fb1d368b34e
Signatures: Word 2007 file format(docx) ZIP Format Vulnerability unpack itself
1.8 guest

47231 2024-08-18 09:53 eagleget-2-1-6-50.exe
Hash: e96dd956bc2159ff1d073876ef5d4e58
Signatures: Gen1 Generic Malware Downloader task schedule Malicious Library UPX Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger suspicious privilege Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities AppData folder malicious URLs WriteConsoleW Windows ComputerName
5.0 16 guest

47232 2024-08-18 09:58 SSD-Z.exe
Hash: dc6e1b46c89572020133463ec43ca414
Signatures: Downloader Malicious Library Malicious Packer UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM PE Fil Check memory unpack itself malicious URLs AntiVM_Disk anti-virtualization VM Disk Size Check
2.6 1 guest

47233 2024-08-18 10:03 alanne L3150_Lite_LA.exe
Hash: e804d30fec2f2c8f51417273192d4c3a
Signatures: Gen1 Malicious Library UPX PE File PE32 MZP Format OS Processor Check PE64 Check memory Checks debugger unpack itself AppData folder crashed
2.2 guest

47234 2024-08-18 10:08 L3250_L3251_Lite_LA.exe
Hash: 23b9be57494e761584989265e5a2dcf3
Signatures: Emotet Gen1 Schwerer Generic Malware Malicious Library UPX Malicious Packer Admin Tool (Sysinternals etc ...) PE File PE32 MZP Format PNG Format DLL OS Processor Check JPEG Format icon PE64 Malware Malicious Traffic Check memory Checks debugger RWX flags setting unpack itself AppData folder Tofsee ComputerName DNS
1 6 3 3.8 guest

47235 2024-08-18 10:08 L3250_L3251_Lite_LA.exe
Hash: 23b9be57494e761584989265e5a2dcf3
Signatures: Emotet Gen1 Schwerer Generic Malware Malicious Library UPX Malicious Packer Admin Tool (Sysinternals etc ...) PE File PE32 MZP Format PNG Format DLL OS Processor Check JPEG Format icon PE64 Malware Malicious Traffic Check memory Checks debugger RWX flags setting unpack itself AppData folder Tofsee ComputerName DNS
1 6 3 4.4 guest