Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
48511	2024-09-30 11:25	MAS_AIO.cmd afc260e4b427800bfd63abb49b3681ce Hide_EXE Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM VirusTotal Malware powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key		1		5.8	M	3	ZeroCERT

48512	2024-09-30 11:27	useraccount.aspx.exe 9b73c82d8f0e6cae3bce7b2fc98b3383 Generic Malware Malicious Library UPX PE File DLL PE32 OS Processor Check VirusTotal Malware Checks debugger unpack itself Tofsee crashed		4	2	2.4	M	48	ZeroCERT

48513	2024-09-30 11:28	dllhost.exe 249f4ca7f1cc801c87cebd0cdf0b398e Generic Malware Malicious Library UPX PE File PE32 OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger	2 Keyword trend analysis	4	6 Info ET INFO External IP Lookup Domain in DNS Query (checkip .dyndns .org) ET INFO External IP Address Lookup Domain in DNS Lookup (reallyfreegeoip .org) ET POLICY External IP Lookup - checkip.dyndns.org ET INFO 404/Snake/Matiex Keylogger Style External IP Check ET INFO External IP Lookup Service Domain (reallyfreegeoip .org) in TLS SNI SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	9.0	M	46	ZeroCERT

48514	2024-09-30 11:29	Documents.exe 5ed596968000a68132c532f48762d82f Malicious Packer UPX PE File PE32 VirusTotal Malware unpack itself DNS		1		4.0	M	64	ZeroCERT

48515	2024-09-30 11:29	svhost.exe b58c2506b40b7c00bb2e7a6651bfc9a9 UPX PE File PE64 VirusTotal Malware				0.6	M	9	ZeroCERT

48516	2024-09-30 11:29	xmrig.exe 5fba8ae226b096da3b31de0e17496735 XMRig Miner Generic Malware Malicious Library Malicious Packer UPX PE File PE64 OS Processor Check VirusTotal Malware unpack itself ComputerName				2.0	M	59	ZeroCERT

48517	2024-09-30 11:32	Macro2.exe e0dbf63fbaba9fd87d48a9a0f1147c18 Malicious Packer UPX PE File PE32 VirusTotal Malware unpack itself DNS		1		4.0	M	62	ZeroCERT

48518	2024-09-30 11:34	Journal.exe 85b5bf3202121bcc048ae8b5b04595bd Malicious Library PE File PE64 VirusTotal Malware RWX flags setting DNS crashed		2		4.0	M	58	ZeroCERT

48519	2024-09-30 11:34	Session.exe 370dcc1d0729d93d08255de011febaa4 Malicious Library PE File PE64 VirusTotal Malware RWX flags setting DNS crashed		1		4.0	M	56	ZeroCERT

48520	2024-09-30 11:34	bin.exe aef23e8a6616618755598ea6643c457d Generic Malware Malicious Library UPX PE File PE32 DLL Browser Info Stealer VirusTotal Malware buffers extracted Creates executable files unpack itself AppData folder Browser	21 Keyword trend analysis Info http://www.asiapartnars.online/tkmh/?YL4Xuo8=xPv3ed6Vo6P/OeD9iYc0axaLiCbQz9tO+ter//brXKVYevLLhvaYqC5awYxtTwn3UYU3uWYA8pDaQLyA3tguhPnmONlJZZk7g7tUcQtoghx7Pdn1Dg+KuHxXpvtQneLtoLRoCkY=&juF=JFgRcS6ZmEX http://www.inastra.online/gbk4/ http://www.ks1x7i.vip/dlcs/?YL4Xuo8=w6QiAdP8awPLsa7dPlQNtgvFVHWdhtnaseEO6V4cXiHKOPXUCZsKWJ9BGfaAmTYzhN2K6Z5BOaQngwCX0AepSI0rlStBxd2X44bqJ9X+cKgImybpEIaXAhb5orDW/Ux0f9JI5tE=&juF=JFgRcS6ZmEX http://www.inastra.online/gbk4/?YL4Xuo8=Xcz/lKtmYzaclw30mRutCrMz0iCvMoWn4C+TPx5KwIQWTY7xXXdhjUXlNPIh25/crbVrIq+nqpDO6TzyKKRH1LwSOwIdyX9mToTVu2V82ZZJItXHAeKXLpKG0S9SlUSIj/WTYQM=&juF=JFgRcS6ZmEX http://www.sqlite.org/2016/sqlite-dll-win32-x86-3100000.zip http://www.asiapartnars.online/tkmh/ http://www.ortenckt.online/aj1a/?YL4Xuo8=Ur0ZWyFT8OiEfJLn3yPLdSBdWX8a8l8OC6gmTkbLwRlGrqwEpeuLxkPxSjH/HqLy3xgFwJuVqXT+/HpjTyaqXcBPjlyI/3D9P6Efe5WF0giYwWm9vrm6ZqnLm72faS9ZVKNPUgI=&juF=JFgRcS6ZmEX http://www.deikamalaharris.info/lrgf/?YL4Xuo8=hLl6Iyyv1/RGmZWkf5wh2yQvtjTpeji4gm2wi1fTCYCBRK5IakRwAMv3vntWZSb514WYAvfIVrM3RAyCjUSkRZGkPQg369vB4a8W0zuuOFNbaqB8dz2rlOz6hc3LPF0c7/Wc2h4=&juF=JFgRcS6ZmEX http://www.deikamalaharris.info/lrgf/ http://www.ks1x7i.vip/dlcs/ http://www.yu12345.xyz/mnl8/?YL4Xuo8=RGOQJd/YEggQptEhSR7QqNo9UXjxoHpnx+ZpwzxB5TUNCs3vZOAWVTa00MSp05vDjRsJpPlMBwR2f8tV0y9dQ8/CXq/FAb0GI/CYzLlsH+CYRwfr/US/g2IdAuaggqbc54PbH5Q=&juF=JFgRcS6ZmEX http://www.healthyloveforall.net/566f/ http://www.tophcom.online/vfa8/?YL4Xuo8=yTDEjSVS0lCRYcLLSbErnDAkT0JZNa8zZB0jcnDiZYtjnJOoqq5Z40Gn1U7J3oatl6C8awuakmbsKCgMViK0oesm5qwmAD1qOIwHCZzBZd3TJmynBSVD9f0/1JF0ONRaQoLyR2E=&juF=JFgRcS6ZmEX http://www.tophcom.online/vfa8/ http://www.ortenckt.online/aj1a/ http://www.chalet-tofane.net/obbp/ http://www.aaavvejibej.bond/j82t/ http://www.aaavvejibej.bond/j82t/?YL4Xuo8=NfWXDnAQh5K3pnOsCF0vDii8tXVcfmo/Yfv/BKk9TV5fOF3SI/PjI16lUcBoGutUdhauXHkkA4AYZcOT8aQA2N1B1+ukfsmATKdKfQuCh0ukTvZla/6w1Gm/BhFsxzKoGcO0xyo=&juF=JFgRcS6ZmEX http://www.chalet-tofane.net/obbp/?YL4Xuo8=q8u4kFvwJtfA9Pl1ds3tjQ7ow4KT7LOOGaMFAF6owipiqs4LNofKW4Y9CH1Win64WDwfsJ4uRP0wkw8hq3GbZS6kjA9nI0yHzN0mlQXpHN0/trnvSXB4Lf7XHG3+J/AtNs7QOpo=&juF=JFgRcS6ZmEX http://www.yu12345.xyz/mnl8/ http://www.healthyloveforall.net/566f/?YL4Xuo8=81geMJs5jQmVeK4i+zN1aXdgkXoAl5xwgeOmc9jTU6Fy38DzzGnJ7+rIeILM3vuuxnxtHSDzEYKSpKxEJp8TaMn+YY9ZjvrM5UkR73FkAqX/axSnrZS74daOnbcz5lsS/OUHPys=&juF=JFgRcS6ZmEX	20 Info www.inastra.online(208.91.197.27) www.asiapartnars.online(15.197.148.33) www.yu12345.xyz(154.82.100.162) www.healthyloveforall.net(15.197.148.33) www.tophcom.online(162.213.249.216) www.chalet-tofane.net(62.149.128.40) www.ks1x7i.vip(3.33.130.190) www.qmmkl.buzz(199.115.230.222) www.ortenckt.online(3.33.130.190) www.aaavvejibej.bond(104.21.31.249) www.deikamalaharris.info(3.33.130.190) 15.197.148.33 - mailcious 199.115.230.222 62.149.128.40 - mailcious 208.91.197.27 - mailcious 3.33.130.190 - phishing 154.82.100.162 104.21.31.249 45.33.6.223 162.213.249.216		5.4	M	55	ZeroCERT

48521	2024-09-30 11:36	AQ2.exe f5982c5d15d53a2fb2aaf0f473742082 UPX PE File PE32 VirusTotal Malware				2.2	M	45	ZeroCERT

48522	2024-09-30 11:36	66f6fb069f739_sgsfdgsda.exe 7bd092de7377de68b4f563563b616b10 PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself WriteConsoleW ComputerName				3.0	M	51	ZeroCERT

48523	2024-09-30 11:37	66f6995655161_GoogleUpdater.ex... f19c11a58219d9abea718193816c24f4 Malicious Library PE File .NET EXE PE32 Lnk Format GIF Format VirusTotal Malware AutoRuns suspicious privilege Check memory Checks debugger Creates shortcut Creates executable files unpack itself AppData folder human activity check Windows ComputerName DNS crashed		1		7.6	M	49	ZeroCERT

48524	2024-09-30 11:38	Macro.vbs 78bd7c85fd4223850c6ed4c4e98ffa62 Hide_EXE PE File PE32 VirusTotal Malware Creates executable files AppData folder DNS		1		7.2	M	29	ZeroCERT

48525	2024-09-30 11:38	svchost.exe 56fd972f1d650272de4508513de8a27d PE File PE32 VirusTotal Malware AutoRuns suspicious privilege unpack itself suspicious process Windows DNS		2		6.8	M	60	ZeroCERT