Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
5596	2021-03-04 09:48	voCkkp1ECvJrn07.exe 27d57f11e1950ce1b6b6f5afa8d36e63 VirusTotal Malware Buffer PE Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key				3.8	M	23	ZeroCERT

5597	2021-03-04 09:52	VRB.exe 2aad83569c16184a519d8490dd4e40fe VirusTotal Malware				1.4	M	34	ZeroCERT

5598	2021-03-04 09:52	wFTySpoECqiMMG8.exe 89cb887819a7dd60c71a3cc010f5650f VirusTotal Malware Buffer PE Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows DNS Cryptographic key				4.6	M	22	ZeroCERT

5599	2021-03-04 10:04	winlog2.exe 635b56dd84336635832c8718f37d9713 VirusTotal Malware unpack itself malicious URLs Remote Code Execution				3.0	M	31	ZeroCERT

5600	2021-03-04 10:04	winlog.exe 351204fc1e1b2dfdfc971dfb2dcbfc74 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware MachineGuid Malicious Traffic Check memory Creates executable files AppData folder malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check installed browsers check Browser Email ComputerName DNS Software	1 Keyword trend analysis	2	4	9.8	M	50	ZeroCERT

5601	2021-03-04 10:19	winlog3.exe 059a1308ebdfae6ee52fd646d341aeac VirusTotal Malware suspicious privilege Check memory Creates executable files unpack itself AppData folder malicious URLs sandbox evasion				4.6	M	20	ZeroCERT

5602	2021-03-04 10:45	11.dll d52baaccced394ea481b1e5dde107e25 VirusTotal Malware PDB unpack itself				1.0	M	7	ZeroCERT

5603	2021-03-04 10:47	6jhfa478.exe 77be0dd6570301acac3634801676b5d7 VirusTotal Malware ICMP traffic IP Check DNS	1 Keyword trend analysis	4	1	4.8	M	56	ZeroCERT

5604	2021-03-04 10:52	22.dll 620486432073a19eab114ba312dadb7e VirusTotal Malware PDB unpack itself				1.0	M	5	ZeroCERT

5605	2021-03-04 10:56	139my-6.5.exe 9804ed103792d5c7db767fa5e1876013 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Detects VMWare AppData folder malicious URLs WriteConsoleW VMware Tofsee Interception Windows Exploit DNS crashed	11 Keyword trend analysis Info http://www.139my.com/images/bg_91my.jpg http://www.139my.com/favicon.ico http://www.139my.com/images/footer_91my.jpg http://www.139my.com/Index_img/1Index_c1_r5.jpg http://www.139my.com/ http://www.139my.com/images/bg2.jpg http://www.139my.com/images/banner_91my.jpg http://www.139my.com/Index_Top/New_Au.css http://hi.baidu.com/139my139my/blog/item/ed869ea73e60a2ee37d3ca18.html https://c.cnzz.com/core.php?web_id=1277040139&t=z https://s5.cnzz.com/z_stat.php?id=1277040139&web_id=1277040139	15 Info c.cnzz.com(222.188.8.250) www.178stu.com(103.133.95.9) wg.400wg.com() s5.cnzz.com(222.188.8.250) hi.baidu.com(183.232.231.225) - mailcious www.139my.com(103.133.92.211) cnzz.mmstat.com(205.204.101.182) z9.cnzz.com(203.119.129.115) 183.232.231.225 218.94.207.228 103.133.95.9 106.11.251.20 222.188.8.250 103.133.92.211 106.11.84.7	1	12.2	M	37	ZeroCERT

5606	2021-03-04 10:56	cred.dll 46ac8c4f3321213418793a0d3c8494c6 FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Check memory Checks debugger unpack itself Email DNS Software	1 Keyword trend analysis	1	1	5.0	M	40	ZeroCERT

5607	2021-03-04 11:08	Update.exe 808e1ade2dea30a742f120a5a26d6a32 VirusTotal Malware malicious URLs WriteConsoleW		2		3.2	M	63	r0d

5608	2021-03-04 11:13	lal.exe 66d807a9a5563d55054a0a0cbc6d4b9a VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName Cryptographic key crashed				10.4	M	20	ZeroCERT

5609	2021-03-04 11:14	local27.exe cc2afb09bf60bc0501e4af89f08318d8 unpack itself Remote Code Execution DNS				2.2	M		ZeroCERT

5610	2021-03-04 11:16	march loki.exe 5a4946a36347f1caa46109245b2b95c5 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs Tofsee Windows	1 Keyword trend analysis	2	1	11.0	M	35	ZeroCERT

First
Previous
371
372
373
374
375
376
377
378
379
380
Next
Last
Total : 48,345cnts

Submissions

27d57f11e1950ce1b6b6f5afa8d36e63

2aad83569c16184a519d8490dd4e40fe

89cb887819a7dd60c71a3cc010f5650f

635b56dd84336635832c8718f37d9713

351204fc1e1b2dfdfc971dfb2dcbfc74

059a1308ebdfae6ee52fd646d341aeac

d52baaccced394ea481b1e5dde107e25

77be0dd6570301acac3634801676b5d7

620486432073a19eab114ba312dadb7e

9804ed103792d5c7db767fa5e1876013

46ac8c4f3321213418793a0d3c8494c6

808e1ade2dea30a742f120a5a26d6a32

66d807a9a5563d55054a0a0cbc6d4b9a

cc2afb09bf60bc0501e4af89f08318d8

5a4946a36347f1caa46109245b2b95c5

View

Insert

Alert