Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
47326	2024-08-19 15:22	Brazeeel.vbs 14bde8aed8a9f08a93483d751677dc71 Generic Malware Antivirus Hide_URL PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	1 Keyword trend analysis	2	1		7.6	M	2	ZeroCERT

47327	2024-08-19 15:23	slavamerlov.exe cecdc6f5ffde0ad1ddc333cc2a59d56e Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB Tofsee crashed	1 Keyword trend analysis	2	1		1.6	M	50	ZeroCERT

47328	2024-08-19 15:24	TMS_C153.exe 1ce9a063972f6f5266b78f7be6365fd6 Malicious Library UPX PE File DllRegisterServer dll PE32 MZP Format VirusTotal Malware unpack itself crashed					1.8		3	ZeroCERT

47329	2024-08-19 15:25	POS_C018.exe 4a4725aeec3719c349392b5dd8f01d14 Malicious Library UPX PE File DllRegisterServer dll PE32 MZP Format VirusTotal Malware unpack itself crashed					2.0	M	12	ZeroCERT

47330	2024-08-19 15:26	imjp14k.dll 4fa897798a9028ea4f8dad8f8da5dc63 Malicious Library UPX PE File DLL PE32 OS Processor Check VirusTotal Malware					1.2	M	49	ZeroCERT

47331	2024-08-19 15:26	TMS_C009.exe 36c9de5666a5ef5b6f7a27f23538f5bb Malicious Library UPX PE File DllRegisterServer dll PE32 MZP Format VirusTotal Malware unpack itself crashed					1.8	M	10	ZeroCERT

47332	2024-08-19 15:27	POS_C088.exe d33adff25e4c94c97c77ad6e9954a5bc Malicious Library Admin Tool (Sysinternals etc ...) UPX PE File DllRegisterServer dll PE32 MZP Format VirusTotal Malware unpack itself crashed					2.0	M	10	ZeroCERT

47333	2024-08-19 15:29	wzoptini.exe e4eff021485fd9e7050c2beebc30a376 Generic Malware UPX PE File PE32 VirusTotal Malware Checks debugger					2.2	M	43	ZeroCERT

47334	2024-08-19 15:32	POS_C010.exe c27b1550edae5ab1b33a3b4a0b823a93 Malicious Library UPX PE File ftp DllRegisterServer dll PE32 MZP Format OS Processor Check VirusTotal Malware Check memory unpack itself Detects VirtualBox Check virtual network interfaces AntiVM_Disk sandbox evasion anti-virtualization VM Disk Size Check human activity check ComputerName crashed					5.4	M	12	ZeroCERT

47335	2024-08-19 15:34	wordup.exe 6b3b47c27c01e8f45f6d0f6aa509315c CoinMiner AutoIt Generic Malware UPX PE File PE32 VirusTotal Malware Check memory Checks debugger					2.6	M	62	ZeroCERT

47336	2024-08-19 15:36	NVIDIAShare.exe b17292cfd59a608662ae9e63a9a799fd Generic Malware Malicious Library UPX Downloader PE File PE32 OS Processor Check PE64 VirusTotal Malware AutoRuns PDB Creates executable files AppData folder Tofsee Windows Remote Code Execution	1 Keyword trend analysis	2	1		3.6	M	54	ZeroCERT

47337	2024-08-19 15:38	wednesdayfileequitossMPDW-cons... 97ee32367c563f106c50974bca88a375 Generic Malware Antivirus Hide_URL PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	1 Keyword trend analysis	2	1		7.6	M	4	ZeroCERT

47338	2024-08-19 15:40	TMS_C024.exe b8df4ec39884a6248d88482299a55744 Malicious Library UPX PE File DllRegisterServer dll PE32 MZP Format VirusTotal Malware unpack itself crashed					1.8	M	9	ZeroCERT

47339	2024-08-19 15:44	66c1c5838f95f_file1808.exe#fil... 006edf0ac466164ddc9e0ac56474fe0a Suspicious_Script_Bin Malicious Library Socket DGA Http API ScreenShot PWS DNS Internet API AntiDebug AntiVM PE File PE32 Malware download VirusTotal Malware Microsoft AutoRuns Code Injection Checks debugger buffers extracted unpack itself malicious URLs Tofsee Windows ComputerName DNS	2 Keyword trend analysis	4	6 Info ET INFO Observed External IP Lookup Domain (api .2ip .ua in TLS SNI) SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY External IP Address Lookup DNS Query (2ip .ua) ET USER_AGENTS Suspicious User Agent (Microsoft Internet Explorer) ET MALWARE Win32/Filecoder.STOP Variant Request for Public Key ET MALWARE Win32/Filecoder.STOP Variant Public Key Download	1	9.8	M	26	ZeroCERT

47340	2024-08-19 15:45	POS_C091.exe 4542643b447f61d5b323ccb555eec06c Malicious Library Admin Tool (Sysinternals etc ...) UPX PE File DllRegisterServer dll PE32 MZP Format VirusTotal Malware unpack itself crashed					1.8	M	9	ZeroCERT