Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
48661	2024-10-07 10:31	QQBG.exe 0cfc32f744186c3b2b094b5670d2e7cc Generic Malware Malicious Library Malicious Packer UPX PE File PE64 OS Processor Check VirusTotal Malware PDB				1.8	M	45	ZeroCERT

48662	2024-10-07 10:33	g.exe 9c2aeb99843094262e5038fd152a7db1 Generic Malware Malicious Library Malicious Packer ASPack UPX PE File PE32 OS Processor Check VirusTotal Malware AutoRuns Windows Remote Code Execution		13 Info spa.gotohttp.com(152.32.197.201) usw.gotohttp.com(43.130.10.102) hk.gotohttp.com(47.241.41.42) def.gotohttp.com(43.130.10.102) tk.gotohttp.com(103.143.72.251) eu.gotohttp.com(43.131.61.143) use.gotohttp.com(47.252.31.236) 47.252.31.236 47.241.41.42 152.32.197.201 43.130.10.102 103.143.72.251 43.131.61.143		3.2	M	30	ZeroCERT

48663	2024-10-07 10:34	seethedifferentbetweengoodthin... c1f6c58e88f5da3be54e8ba77fd23bf4 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	1	4.8	M	41	ZeroCERT

48664	2024-10-07 10:42	thisgoodthingshappenedeverytim... 90fd80481e6ff4475cbf3ade38425eb2 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic exploit crash unpack itself Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	1	4.8	M	40	ZeroCERT

48665	2024-10-07 10:54	niceworkwithentireprocessinonl... eea7898502a02cd374a71c7f7b8853a9 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	1	4.6	M	37	ZeroCERT

48666	2024-10-07 10:55	taskhostw.exe d515411b9a3c0d9fb13b9c6a928a7fd0 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger	2 Keyword trend analysis	4	6 Info ET INFO External IP Lookup Domain in DNS Query (checkip .dyndns .org) ET INFO External IP Address Lookup Domain in DNS Lookup (reallyfreegeoip .org) ET INFO External IP Lookup Service Domain (reallyfreegeoip .org) in TLS SNI SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY External IP Lookup - checkip.dyndns.org ET INFO 404/Snake/Matiex Keylogger Style External IP Check	8.4	M	47	ZeroCERT

48667	2024-10-07 10:56	iwanttogooutsideforeatingfooda... a5b3f3c10070bde9dc1806731c089b2b MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	1	4.6	M	36	ZeroCERT

48668	2024-10-07 10:57	taskhostw.exe 58ff14d476f2bbaab31b12587c09559e Generic Malware Malicious Library UPX PE File PE32 OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger	2 Keyword trend analysis	4	6 Info ET INFO External IP Lookup Domain in DNS Query (checkip .dyndns .org) ET INFO External IP Address Lookup Domain in DNS Lookup (reallyfreegeoip .org) ET POLICY External IP Lookup - checkip.dyndns.org ET INFO 404/Snake/Matiex Keylogger Style External IP Check ET INFO External IP Lookup Service Domain (reallyfreegeoip .org) in TLS SNI SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	8.4		53	ZeroCERT

48669	2024-10-07 11:00	Document.bat 6bdc18d89eac8169f6783f768259ea94 Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM PowerShell powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut RWX flags setting unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key		1		8.2			ZeroCERT

48670	2024-10-07 11:00	3.exe 4574de6b9f970058f5306aa830f3a132 Generic Malware UPX PE File PE32 DLL Malware download VirusTotal Malware Malicious Traffic AppData folder suspicious TLD WriteConsoleW CryptBot ComputerName DNS	1 Keyword trend analysis	2	3	3.2	M	26	ZeroCERT

48671	2024-10-07 11:00	nicemanhaveagoodwordswhichfull... 93033dda218831cdb2db14b3d7ce18f3 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	1	4.8	M	40	ZeroCERT

48672	2024-10-07 11:01	seethenewthingswhichgivenmebac... bfaa32a30b6603d952ef9f6a016b81b4 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic exploit crash unpack itself Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	1	4.6	M	38	ZeroCERT

48673	2024-10-07 11:02	creambananacakegoodforladieswh... c9ac55d64a51738b57f065449c7e3911 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware RWX flags setting exploit crash Exploit crashed				3.2	M	39	ZeroCERT

48674	2024-10-07 11:06	KillEmAll.scr e28c544f8ad0ac7fe1063f76f6d51b29 Gen1 Generic Malware Malicious Library Antivirus UPX PE File PE32 VirusTotal Malware WMI RWX flags setting Windows utilities suspicious process sandbox evasion Windows ComputerName Remote Code Execution crashed				3.4	M	4	ZeroCERT

48675	2024-10-07 11:09	11.exe 284c99e2aa6644acd914e7d1a245deed Generic Malware Admin Tool (Sysinternals etc ...) PE File PE32 VirusTotal Malware Check memory RWX flags setting suspicious TLD DNS		1	1	1.8	M	23	ZeroCERT