Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
47656	2024-08-28 12:26	nnn.exe 0034cc280cf75d46ec0d9a7911228109 Antivirus UPX PE File .NET EXE PE32 OS Processor Check Lnk Format GIF Format VirusTotal Malware Telegram AutoRuns suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut Creates executable files unpack itself Check virtual network interfaces AppData folder AntiVM_Disk VM Disk Size Check Tofsee Windows ComputerName DNS keylogger		2	4	6.6		59	ZeroCERT

47657	2024-08-28 12:28	MsMpEng.exe bd36e9fc7144e50088bdcb08f842d4ae Suspicious_Script_Bin Malicious Library UPX PE File PE32 DLL VirusTotal Malware Check memory Creates executable files unpack itself AppData folder				2.8	M	40	ZeroCERT

47658	2024-08-28 12:28	wecreatebuttermilkchocolateicr... 61b061a48eb132e15884e4b53cf0401f MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic exploit crash unpack itself Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	1	4.6	M	33	ZeroCERT

47659	2024-08-28 12:30	thrylPXnvfySmGN.doc c0d48716ea8eef0d46d77cc231fa5371 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself Windows Exploit DNS crashed	1 Keyword trend analysis	1	5 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	4.6	M	32	ZeroCERT

47660	2024-08-28 12:30	SPOOOFER.exe a07e70b0b57df15c5a04d93da1de3f2b Generic Malware Admin Tool (Sysinternals etc ...) .NET framework(MSIL) PE File .NET EXE PE32 VirusTotal Malware Buffer PE suspicious privilege Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee Windows ComputerName DNS Cryptographic key crashed	1 Keyword trend analysis	3	3	6.0		55	ZeroCERT

47661	2024-08-28 12:32	230.exe 49ef310675c37495a3fb6d406b3ed3cf Antivirus ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself				7.2	M	34	ZeroCERT

47662	2024-08-28 12:33	thrylPXnvfySmGN.exe 04d4d4d83e1601d220f83f09ae16cd79 Client SW User Data Stealer Backdoor RemcosRAT browser info stealer Generic Malware Google Chrome User Data Downloader Malicious Library Antivirus ScreenShot Create Service Socket Escalate priviledges PWS Sniff Audio DNS Internet API KeyLogger AntiDebug A Browser Info Stealer Remcos VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself suspicious process AntiVM_Disk sandbox evasion WriteConsoleW VM Disk Size Check Windows Browser Email ComputerName DNS Cryptographic key DDNS keylogger	1 Keyword trend analysis	4	2	15.4	M	34	ZeroCERT

47663	2024-08-28 12:34	66cdfdb23b62d_File.exe#xin df168ea774b699222234ac533adce5b9 Emotet Malicious Library UPX PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself ComputerName Remote Code Execution DNS		1		3.8		27	ZeroCERT

47664	2024-08-28 12:35	66cdff2bded74_Update.exe#updat... 9157a0df4966b25e45271e8010de96f7 Generic Malware Malicious Library Malicious Packer UPX PE File DllRegisterServer dll PE32 OS Processor Check VirusTotal Malware				1.2		11	ZeroCERT

47665	2024-08-28 12:36	66cca0b083a5e_Yietgld.exe#upus 2268fa0c1b8ab3e3a8306b7f7949ccff njRAT backdoor Generic Malware Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself ComputerName DNS		1		2.6		19	ZeroCERT

47666	2024-08-28 12:37	niceshirtwhichwearedbymesherea... 97184c45a919e70afa3378753cae6e2f MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic exploit crash unpack itself Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	1	4.6	M	33	ZeroCERT

47667	2024-08-28 12:39	honey.exe b824978c8183a65d081012677a1d46d1 Malicious Library Malicious Packer Antivirus .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself				2.0	M	62	ZeroCERT

47668	2024-08-28 12:41	PENDXGKW.exe 61d31fb13c1dd46fcb03caf7f648508c Generic Malware Malicious Library UPX Admin Tool (Sysinternals etc ...) Malicious Packer PE File PE32 DLL MZP Format DllRegisterServer dll OS Processor Check VirusTotal Malware Malicious Traffic Check memory Checks debugger Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check Tofsee DNS	1 Keyword trend analysis	3	1	4.4	M	8	ZeroCERT

47669	2024-08-28 12:43	wecreatednewthingstogetmebackt... c5b33393804cbc8be7ea90ddd2a9f024 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic exploit crash unpack itself Tofsee Exploit DNS crashed	1 Keyword trend analysis	4	1	4.6	M	34	ZeroCERT

47670	2024-08-29 09:12	113133.exe 7fdc6d283bcbd3b6957117bcf029121b RedLine stealer Malicious Library .NET framework(MSIL) PE File .NET EXE PE32 Malware download VirusTotal Malware Stealer DNS		1	1	2.2		53	ZeroCERT