popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
5611 2021-03-04 11:17 lv.exe  

7fb4bc02c317b69c178833f4af693b75


VirusTotal Malware Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW IP Check VM Disk Size Check Windows ComputerName Firmware DNS crashed 		1 4 1 10.6 M 32 ZeroCERT

5612 2021-03-04 11:28 march nano.exe  

d65086abfcdcfdc72716384337768c2e


VirusTotal Malware Buffer PE AutoRuns suspicious privilege MachineGuid Check memory Checks debugger buffers extracted unpack itself human activity check Windows ComputerName DNS DDNS 		2 1 9.0 M 56 ZeroCERT

5613 2021-03-04 11:29 march OG.exe  

b75b990ac5990f1b6b0127540de4ec30


VirusTotal Malware Check memory RWX flags setting unpack itself DNS 		2.4 M 24 ZeroCERT

5614 2021-03-04 11:30 mon102.dll  

75378e60ba4f150d6adb5468edef655b


VirusTotal Malware Checks debugger buffers extracted RWX flags setting unpack itself malicious URLs Remote Code Execution 		4.4 M 12 ZeroCERT

5615 2021-03-04 11:32 march.exe  

82986909978d11fa5896a8f530278510


Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Check memory malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName DNS Software 		1 9.2 M 67 ZeroCERT

5616 2021-03-04 12:20 mon103.dll  

0b7e2ae69ce9b9577ee7ca17926fd654


VirusTotal Malware Checks debugger buffers extracted RWX flags setting unpack itself Remote Code Execution 		4.0 M 13 ZeroCERT

5617 2021-03-04 12:23 scr.dll  

ff01369d27e69d473384573d0cbf2328


VirusTotal Malware Malicious Traffic Checks debugger buffers extracted unpack itself DNS 		1 1 1 4.4 M 39 ZeroCERT

5618 2021-03-04 12:25 remote.dotm  

e2b322ed2a62e9bd4c1bfcdb2b37b9b7


VirusTotal Malware Code Injection unpack itself malicious URLs 		2 2 5.8 M 30 ZeroCERT

5619 2021-03-04 13:32 svchost.exe  

472c92a28c05f2d13031a7ab406fe562


VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself suspicious process malicious URLs Windows ComputerName Cryptographic key 		10.6 M 22 ZeroCERT

5620 2021-03-04 15:31 cs_obfuscated_vba.xlsm  

e4b23adf2b3e3edfe8a979ee5d49be20


VirusTotal Malware Code Injection unpack itself malicious URLs 		2 2 2 5.8 M 35 ZeroCERT

5621 2021-03-04 15:32 msbuild_vba.xlsm  

d68eb2a0c4ef9306e93e7f993544bbfe


VirusTotal Malware Check memory Checks debugger buffers extracted Creates executable files RWX flags setting unpack itself Windows utilities AppData folder malicious URLs WriteConsoleW Windows ComputerName DNS Cryptographic key 		2 2 2 11.6 M 28 ZeroCERT

5622 2021-03-04 15:45 regasm.exe  

9eb475cef6f36f96f8e2457885f39dea


VirusTotal Malware unpack itself malicious URLs Remote Code Execution DNS 		3.4 M 20 ZeroCERT

5623 2021-03-04 15:46 remote.docx  

888dd860394853462c38d92f76af0b05


VirusTotal Malware Code Injection unpack itself malicious URLs 		2 4 2 5.2 M 3 ZeroCERT

5624 2021-03-05 02:09 dontTouch.exe  

818a64d619f6bbdbc4d68ff7411b6418


VirusTotal Malware Check memory malicious URLs DNS 		1 2.8 55 guest

5625 2021-03-05 09:11 E210115-Order.ace  

aa826867067439b67dea5a232f442a64


VirusTotal Email Client Info Stealer Malware suspicious privilege Checks debugger Creates shortcut unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName 		4.6 3 ZeroCERT

keyword