Submissions
| No | Date | Request | MD5 | Tags | Urls / Hosts / IDS | Score | VT | Player |
|---|---|---|---|---|---|---|---|---|
| 49216 | 2024-10-29 17:13 | 4.exe | 58d65f5fca31cd83c18163b56b27f246 | Malicious Library, .NET framework(MSIL), PE File, .NET EXE, PE32, VirusTotal, Malware, Check memory, Checks debugger, unpack itself, Windows, Cryptographic key | | 2.4 | 37 | ZeroCERT |
| 49217 | 2024-10-29 17:15 | 1.exe | 1db00ee7f85164f081e7cf05d7fa08a9 | Generic Malware, Malicious Library, UPX, PE File, PE32, OS Processor Check, VirusTotal, Malware, PDB, unpack itself, Remote Code Execution | | 1.6 | 2 | ZeroCERT |
| 49218 | 2024-10-29 17:18 | 3.exe | 2dc8cdf825e23ff1df1ad11b3a6f1973 | Generic Malware, Malicious Library, Admin Tool (Sysinternals etc ...), Malicious Packer, UPX, PE File, DllRegisterServer, dll, PE32, OS Processor Check, VirusTotal, Malware | | 0.8 | 13 | ZeroCERT |
| 49219 | 2024-10-29 18:17 | cryyy.exe | 0f103ba48d169f87b6d066ca88bc03c1 | Malicious Library, UPX, PE File, PE32, OS Processor Check, VirusTotal, Malware, unpack itself, Remote Code Execution | | 2.6 | 53 | ZeroCERT |
| 49220 | 2024-10-30 08:03 | in_plain_sight | ddab0e61485ac6c86835861db972fc08 | Generic Malware, Malicious Library, Malicious Packer, UPX, PE File, PE64, OS Processor Check, PDB | | 0.6 | | guest |
| 49221 | 2024-10-30 09:03 | Session.exe | 3ba35e9d091539ec658813e3d15e4b89 | Generic Malware, Antivirus, PE File, .NET EXE, PE32, VirusTotal, Malware, powershell, PDB, suspicious privilege, Check memory, Checks debugger, Creates shortcut, unpack itself, powershell.exe wrote, Check virtual network interfaces, suspicious process, WriteConsoleW, Windows, ComputerName, Cryptographic key | 1: github.com(20.200.245.247) - mailcious | 6.2 | 8 | ZeroCERT |
| 49222 | 2024-10-30 09:22 | qHbynE8Vgwabsy3.doc | 657e7d38172b5294be8ff81a94efe745 | MS_RTF_Obfuscation_Objects, RTF File, doc, VirusTotal, Malware, buffers extracted, exploit crash, unpack itself, Exploit, DNS, crashed | 1: 87.120.84.38 - malware | 4.6 | 27 | ZeroCERT |
| 49223 | 2024-10-30 09:22 | BandiCut.exe | 649673218a19e8fd278c99d1355949f4 | Generic Malware, Suspicious_Script_Bin, Malicious Library, UPX, PE File, PE32, OS Processor Check, VirusTotal, Malware, suspicious privilege, Code Injection, Check memory, Checks debugger, WMI, Creates executable files, Windows utilities, suspicious process, AppData folder, sandbox evasion, WriteConsoleW, Windows, ComputerName | | 6.4 | 20 | ZeroCERT |
| 49224 | 2024-10-30 09:24 | pgTQ4mfZBbJhpdd.doc | 991c3ef3605df4ffc60c31c48747fec9 | MS_RTF_Obfuscation_Objects, RTF File, doc, VirusTotal, Malware, buffers extracted, RWX flags setting, exploit crash, Exploit, crashed | | 3.0 | 29 | ZeroCERT |
| 49225 | 2024-10-30 09:24 | 4q0pGnqqpgTTSL7.doc | 1e6c06ed300dd4d6744f43efd6cc36a2 | MS_RTF_Obfuscation_Objects, RTF File, doc, VirusTotal, Malware, exploit crash, unpack itself, Exploit, DNS, crashed | 1: 87.120.84.38 - malware | 4.2 | 27 | ZeroCERT |
| 49226 | 2024-10-30 09:26 | pKL9HXcZosWfPt1.doc | 17fbc6bf368de449e0afb59ff45af1fd | MS_RTF_Obfuscation_Objects, RTF File, doc, VirusTotal, Malware, exploit crash, unpack itself, Exploit, DNS, crashed | 1: 87.120.84.38 - malware | 4.2 | 27 | ZeroCERT |
| 49227 | 2024-10-30 09:26 | man.bat | d0b5238a18abc402b506f608968270dc | Generic Malware, Downloader, Antivirus, Create Service, Socket, DGA, Http API, ScreenShot, Escalate priviledges, Steal credential, PWS, Sniff Audio, HTTP, DNS, Code injection, Internet API, FTP, KeyLogger, P2P, AntiDebug, AntiVM, PNG Format, MSOffice File, JPEG Format, VirusTotal, Malware, suspicious privilege, Code Injection, Check memory, Checks debugger, Creates shortcut, RWX flags setting, unpack itself, Windows utilities, suspicious process, WriteConsoleW, Windows, ComputerName, Cloudflare, DNS, Cryptographic key | 1: louise-monitors-mo-rating.trycloudflare.com(104.16.231.132); 1: ET POLICY Observed DNS Query to Commonly Abused Cloudflare Domain (trycloudflare .com) | 5.6 | 12 | ZeroCERT |
| 49228 | 2024-10-30 09:28 | CLLPdgxhnmwGf5Y.doc | 84db82889d53879931a4551c5c81619b | MS_RTF_Obfuscation_Objects, RTF File, doc, VirusTotal, Malware, RWX flags setting, exploit crash, Exploit, crashed | | 2.6 | 27 | ZeroCERT |
| 49229 | 2024-10-30 09:28 | zxalphamn.doc | 6d073ba5d41c86cae70a88e15da90ac7 | MS_RTF_Obfuscation_Objects, RTF File, doc, VirusTotal, Malware, buffers extracted, exploit crash, unpack itself, Exploit, DNS, crashed | 1: 87.120.84.39 | 4.8 | 30 | ZeroCERT |
| 49230 | 2024-10-30 09:30 | withnicethingswhichgivingbestt... | 6fe3c24853e9de94688a2311999ba946 | MS_RTF_Obfuscation_Objects, RTF File, doc, VirusTotal, Malware, RWX flags setting, exploit crash, Exploit, crashed | | 3.2 | 30 | ZeroCERT |
Total : 49,283cnts