Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
5566	2021-03-03 09:58	new.bat 588fec39cf540c4cb8290588ea68510c Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger WMI Creates shortcut unpack itself Windows utilities Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Windows ComputerName DNS Cryptographic key	2 Keyword trend analysis	2	2		10.0	M		ZeroCERT

5567	2021-03-03 10:00	NewBSPlink Document.doc e582f3f495cbd17ca0c4a63e3ee8d7db Vulnerability VirusTotal Malware unpack itself malicious URLs	1 Keyword trend analysis				3.8	M	14	ZeroCERT

5568	2021-03-03 10:13	QS.exe 8843f7bcc17f04613cb0b97181b60b8d Check memory Creates executable files unpack itself AppData folder malicious URLs					3.0			ZeroCERT

5569	2021-03-03 10:15	R.exe f454674192c23053843a3b493b3d0e7f VirusTotal Malware AutoRuns suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger WMI Creates shortcut Creates executable files unpack itself Windows utilities malicious URLs AntiVM_Disk sandbox evasion WriteConsoleW VM Disk Size Check installed browsers check Windows Browser ComputerName Trojan Banking DNS	2 Keyword trend analysis	4		2	11.0	M	54	ZeroCERT

5570	2021-03-03 10:23	setup_2-2-1.exe 2aaad863fd1f461ad37fab75511ad094 VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself malicious URLs Tofsee Windows DNS	3 Keyword trend analysis Info http://edgedl.gvt1.com/edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe https://update.googleapis.com/service/update2 https://update.googleapis.com/service/update2?cup2key=10:2604977300&cup2hreq=4b7bcbf74d43b02f5b5b89134dc2da69dc1e258c0d62b4c126ec12983e3e5f27	2	4		4.4	M	14	ZeroCERT

5571	2021-03-03 10:23	setup_2-2.exe 0d93d4c4e466675bca3fb9705654e9c7 VirusTotal Malware suspicious privilege Check memory Checks debugger Creates shortcut Creates executable files unpack itself malicious URLs AntiVM_Disk suspicious TLD VM Disk Size Check installed browsers check Tofsee Ransomware Browser ComputerName DNS	1 Keyword trend analysis	4	3		7.8	M	23	ZeroCERT

5572	2021-03-03 10:33	six.exe 535d5361da7c8a874b28cbd77cc5dac4 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Ransomware Windows Tor ComputerName Cryptographic key crashed					11.0	M	46	ZeroCERT

5573	2021-03-03 10:34	6jhfa478.exe 77be0dd6570301acac3634801676b5d7 VirusTotal Malware ICMP traffic malicious URLs IP Check DNS	1 Keyword trend analysis	4	1		6.2	M	56	ZeroCERT

5574	2021-03-03 11:05	c09c6ebebf311bbe3ac421d286f419... b2eeba64441b3b35e9df5c31ed9bb7ca Malware download GandCrab VirusTotal Malware AutoRuns Check memory unpack itself Windows utilities Check virtual network interfaces malicious URLs AntiVM_Disk sandbox evasion anti-virtualization VM Disk Size Check Ransomware Windows ComputerName DNS Cryptographic key		7	4		6.2	M	60	guest

5575	2021-03-03 11:41	2200.dll 649b5c913739cea195c7662ff412b8ce VirusTotal Malware PDB unpack itself					1.6	M	15	ZeroCERT

5576	2021-03-03 11:43	8.buddy.exe 25396a0ab1c93e8505b3f7e56ba2f0e1 Dridex TrickBot VirusTotal Malware Report suspicious privilege Malicious Traffic Checks debugger buffers extracted RWX flags setting unpack itself Check virtual network interfaces malicious URLs Kovter ComputerName DNS crashed	1 Keyword trend analysis	8	7 Info ET JA3 Hash - Possible Malware - Various Trickbot/Kovter/Dridex ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) ET CNC Feodo Tracker Reported CnC Server group 7 ET CNC Feodo Tracker Reported CnC Server group 3 ET CNC Feodo Tracker Reported CnC Server group 2 ET CNC Feodo Tracker Reported CnC Server group 17 ET CNC Feodo Tracker Reported CnC Server group 1		8.0	M	15	ZeroCERT

5577	2021-03-03 12:18	654323456787654.exe 81cc05d2d17bca90456864988fe08d46 VirusTotal Malware suspicious privilege Check memory buffers extracted Creates executable files unpack itself AppData folder malicious URLs IP Check Windows keylogger	1 Keyword trend analysis	4	1		8.0	M	36	ZeroCERT

5578	2021-03-03 12:23	best4.exe ca0dcea34a0dec6c6ff25abab4a460fd Browser Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Ransomware Windows Browser Tor Email ComputerName Cryptographic key crashed					13.6	M	44	ZeroCERT

5579	2021-03-03 12:28	dated.exe d6bd50d16f46bae3c01d6d0ae51cb9e1 VirusTotal Malware unpack itself malicious URLs crashed					4.0	M	56	ZeroCERT

5580	2021-03-03 13:19	eni4.exe 7879ad6172d23092b29031d2bccaba26 Browser Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself Windows Browser Email ComputerName Cryptographic key crashed					5.4	M	29	ZeroCERT

First
Previous
371
372
373
374
375
376
377
378
379
380
Next
Last
Total : 49,394cnts

Submissions

588fec39cf540c4cb8290588ea68510c

e582f3f495cbd17ca0c4a63e3ee8d7db

8843f7bcc17f04613cb0b97181b60b8d

f454674192c23053843a3b493b3d0e7f

2aaad863fd1f461ad37fab75511ad094

0d93d4c4e466675bca3fb9705654e9c7

535d5361da7c8a874b28cbd77cc5dac4

77be0dd6570301acac3634801676b5d7

b2eeba64441b3b35e9df5c31ed9bb7ca

649b5c913739cea195c7662ff412b8ce

25396a0ab1c93e8505b3f7e56ba2f0e1

81cc05d2d17bca90456864988fe08d46

ca0dcea34a0dec6c6ff25abab4a460fd

d6bd50d16f46bae3c01d6d0ae51cb9e1

7879ad6172d23092b29031d2bccaba26

View

Insert

Alert