Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
48526	2024-09-30 11:40	nicetoseeyouonehrewithentireli... e571a5e64f7f2eead04060b151bd373f MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware RWX flags setting exploit crash Exploit DNS crashed		1		4.8	M	39	ZeroCERT

48527	2024-09-30 11:40	Set_up.exe 7f44b7e2fdf3d5b7ace267e04a1013ff Malicious Library Malicious Packer UPX PE File PE32 VirusTotal Malware unpack itself DNS		1		4.2	M	65	ZeroCERT

48528	2024-09-30 11:42	1.exe 5cebc6552eb1d0665391ddbe8a25bfff Malicious Library PE File PE64 VirusTotal Malware RWX flags setting DNS crashed		1		4.0	M	62	ZeroCERT

48529	2024-09-30 11:43	vfasd16.exe 44723eb5e4cd0352241c74aeb4fa93e8 PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself WriteConsoleW ComputerName				3.0	M	49	ZeroCERT

48530	2024-09-30 11:45	66f6dac63154d_crypted.exe 48b59bd4c9219cc6f4bca6a45642dcbd PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself WriteConsoleW ComputerName				3.0	M	49	ZeroCERT

48531	2024-09-30 11:45	66f904cda3b3f_fusion.exe 6e1953433d891db10790aafcced19b30 ROMCOM RAT PE File PE64 VirusTotal Cryptocurrency Miner Malware DNS CoinMiner		2	1	1.6	M	38	ZeroCERT

48532	2024-09-30 11:47	66f75fe4d8a33_vdsa12.exe 021d0c04cb4de2638dbd89de7625f9b7 PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself WriteConsoleW ComputerName DNS		1		3.6	M	48	ZeroCERT

48533	2024-09-30 11:47	0703_uac_doc.exe 18ad834f5a8779d88d5db1ee291ddb26 Generic Malware Malicious Library Malicious Packer UPX PE File PE64 OS Processor Check VirusTotal Malware				1.4	M	50	ZeroCERT

48534	2024-09-30 11:49	AAct.exe ab4bef832c6437ff9cb2be8d43f2bc74 PhysicalDrive Generic Malware Malicious Library Downloader Malicious Packer UPX PE File PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself				2.4	M	46	ZeroCERT

48535	2024-09-30 11:50	LWK7Fu5KbeWFBQc.exe 102fc50ca338cfcca58d79b1272faabf Generic Malware .NET framework(MSIL) Antivirus PWS SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Telegram suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger	2 Keyword trend analysis	6	9 Info ET POLICY External IP Lookup - checkip.dyndns.org ET INFO 404/Snake/Matiex Keylogger Style External IP Check ET INFO External IP Lookup Service Domain (reallyfreegeoip .org) in TLS SNI SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO TLS Handshake Failure ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI) ET INFO External IP Lookup Domain in DNS Query (checkip .dyndns .org) ET INFO External IP Address Lookup Domain in DNS Lookup (reallyfreegeoip .org) ET HUNTING Telegram API Domain in DNS Lookup	15.0	M	54	ZeroCERT

48536	2024-09-30 11:51	gqgqg.exe bfa1e7e35d167b382e767572cd29813d Generic Malware ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 DLL .NET DLL VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities AppData folder Windows Cryptographic key				8.8	M	53	ZeroCERT

48537	2024-09-30 11:52	66f410932765c_videoshaper.exe 927f42900da344192bdfea8e3325d631 Generic Malware Malicious Library Admin Tool (Sysinternals etc ...) Malicious Packer UPX PE File DllRegisterServer dll PE32 OS Processor Check VirusTotal Malware				1.4	M	48	ZeroCERT

48538	2024-09-30 11:53	66f913ff66eae_eth.exe 2d67f6b5b48c29464f7b184f3ee18c5c Generic Malware Malicious Library Admin Tool (Sysinternals etc ...) .NET framework(MSIL) PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself				2.0	M	40	ZeroCERT

48539	2024-09-30 11:53	A240084721.exe a683a263949c7443317f3dffacf4cb94 UPX PE File PE32 VirusTotal Malware Check memory unpack itself				2.8	M	53	ZeroCERT

48540	2024-09-30 11:56	hacker%E2%80%AEgnp.exe 2db22520dd9b1e8ac7be1c681dae7d01 Malicious Packer UPX PE File PE32 VirusTotal Malware unpack itself DNS		1		3.6	M	65	ZeroCERT