Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
5551	2021-03-02 18:29	Specification_IMG_016.jpg.exe 596f12d6ca8c939db739cc7146662f6a Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell Buffer PE suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs VMware IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4	4	18.2	M	25	ZeroCERT

5552	2021-03-02 18:33	svchost.exe 86930983e6a587767da96c37af2fb32a VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Checks Bios Detects VirtualBox suspicious process malicious URLs VMware anti-virtualization Windows ComputerName Cryptographic key Software				12.2	M	10	ZeroCERT

5553	2021-03-02 18:34	vbc.exe e574e71459a245b820d5d649b404220d VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName DNS Cryptographic key crashed				11.6	M	21	ZeroCERT

5554	2021-03-02 18:37	vbc2.exe 6ce4e645c5084253c4deed0532fcba95 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key crashed				11.4	M	25	ZeroCERT

5555	2021-03-02 18:39	wcbn.exe 4fdd28c043e2a78adad2842308b9a417 Browser Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger Creates executable files unpack itself AppData folder malicious URLs sandbox evasion Windows Browser Email ComputerName DNS Cryptographic key crashed				8.2	M	22	ZeroCERT

5556	2021-03-02 18:41	winlog.exe 2b5028e84ae49a866edd6a243d059c4f FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself AppData folder malicious URLs sandbox evasion	8 Keyword trend analysis Info http://www.bkhlep.xyz/nsag/?qFQl7Pf0=9quu7qxzrtoB+kYIkoOu+N5EFAckOqu46RZA8fowIlCZtpsSFEgon8p3qHkXd1e9TouKQXQv&8pp=fjoP_Bs84PKXWf http://www.wholesalerbargains.com/nsag/?qFQl7Pf0=S2rwVw3ug8FIqDLKTn0CJ3djiO7xqRLsdPBbZenfoCUyXum3zUyBfPE9EeXEoChJfVI9m+5k&8pp=fjoP_Bs84PKXWf http://www.creationsbyjamie.com/nsag/ http://www.wholesalerbargains.com/nsag/ http://www.bkhlep.xyz/nsag/ http://www.creationsbyjamie.com/nsag/?qFQl7Pf0=ikjZmpp2rKIdfQGHLwg8/vzbnsAf6IhlNdWefevTJsajsTw6xmjgOZnutL3cpS9z2eZcVCpP&8pp=fjoP_Bs84PKXWf http://www.fashionwatchesstore.com/nsag/ http://www.fashionwatchesstore.com/nsag/?qFQl7Pf0=S6to9wkgMEljRKJDmHgt/L/SBo+9VyFJxmA+r1dPkJtX1rvSVI6t0RqwZISqjtvPGhKjI7Gj&8pp=fjoP_Bs84PKXWf	15 Info www.caresring.com(18.189.205.91) - mailcious www.patientsbooking.info(34.102.136.180) - mailcious www.nooshone.com() - mailcious www.fashionwatchesstore.com(104.21.61.250) www.856380692.xyz(103.88.34.80) www.creationsbyjamie.com(198.49.23.144) www.bkhlep.xyz(150.95.255.38) www.clericallyco.com() www.wholesalerbargains.com(34.102.136.180) 3.131.252.17 198.49.23.145 - mailcious 104.21.61.250 150.95.255.38 - mailcious 103.88.34.80 - suspicious 34.102.136.180 - mailcious	3	6.8	M	20	ZeroCERT

5557	2021-03-02 18:43	1.exe 0a30ebf1ff29044ea00b12ab226275c5 Emotet FTP Client Info Stealer VirusTotal Malware AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted WMI Creates shortcut RWX flags setting unpack itself malicious URLs Ransomware Windows Tor ComputerName DNS DDNS Software keylogger		2		13.8	M	62	ZeroCERT

5558	2021-03-03 09:04	Access BSPlink Security.doc 2419f500c59b4ec968d70e55da81ba4f Vulnerability VirusTotal Malware unpack itself malicious URLs				3.4	M	24	ZeroCERT

5559	2021-03-03 09:05	AdobeSD.exe 24cae17860a840c0317018ef3d607e94 VirusTotal Malware AutoRuns suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger WMI Creates shortcut Creates executable files unpack itself Windows utilities malicious URLs AntiVM_Disk suspicious TLD sandbox evasion WriteConsoleW VM Disk Size Check installed browsers check Windows Browser ComputerName Trojan Banking DNS		6		13.6	M	54	ZeroCERT

5560	2021-03-03 09:10	BANK TRANSFER CONFIRMATION REC... 201a45a33e877324be58f5541fef9011 Vulnerability VirusTotal Malware unpack itself malicious URLs	1 Keyword trend analysis			3.0	M	9	ZeroCERT

5561	2021-03-03 09:11	bEHup.txt.exe d41b6a86158fe465841ff42251bf13ca VirusTotal Malware RWX flags setting unpack itself Windows DNS crashed				3.2	M	31	ZeroCERT

5562	2021-03-03 09:39	mon94_cr.dll e2936c63d59cee0853f9d50fc857813c Dridex TrickBot VirusTotal Malware suspicious privilege Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs Kovter ComputerName DNS crashed		3	2	5.0	M	30	ZeroCERT

5563	2021-03-03 09:40	mon94.dll 7e09c3d9ee6e83e7b6de694c4f72e129 Dridex TrickBot VirusTotal Malware suspicious privilege Checks debugger buffers extracted RWX flags setting unpack itself Check virtual network interfaces malicious URLs Kovter ComputerName Remote Code Execution DNS crashed		3	2	5.6	M	5	ZeroCERT

5564	2021-03-03 09:54	mon95_cr.dll 4b7ed1742ec9188ecbc5674fc18bfa4f VirusTotal Malware Checks debugger unpack itself				2.0	M	15	ZeroCERT

5565	2021-03-03 09:56	mon95.dll c0380891e177e4aec28f295dc3942611 Dridex TrickBot VirusTotal Malware suspicious privilege Checks debugger buffers extracted RWX flags setting unpack itself Check virtual network interfaces malicious URLs Kovter ComputerName Remote Code Execution DNS crashed		5	2	7.2	M	14	ZeroCERT

First
Previous
371
372
373
374
375
376
377
378
379
380
Next
Last
Total : 48,345cnts

Submissions

596f12d6ca8c939db739cc7146662f6a

86930983e6a587767da96c37af2fb32a

e574e71459a245b820d5d649b404220d

6ce4e645c5084253c4deed0532fcba95

4fdd28c043e2a78adad2842308b9a417

2b5028e84ae49a866edd6a243d059c4f

0a30ebf1ff29044ea00b12ab226275c5

2419f500c59b4ec968d70e55da81ba4f

24cae17860a840c0317018ef3d607e94

201a45a33e877324be58f5541fef9011

d41b6a86158fe465841ff42251bf13ca

e2936c63d59cee0853f9d50fc857813c

7e09c3d9ee6e83e7b6de694c4f72e129

4b7ed1742ec9188ecbc5674fc18bfa4f

c0380891e177e4aec28f295dc3942611

View

Insert

Alert