Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
6136	2024-08-30 18:18	IGCupdation.vbs 4a3d5b6a6676ea329386a7945756114b Generic Malware Antivirus AntiDebug AntiVM VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key		4	3	9.4	M	24	ZeroCERT

6137	2024-08-30 18:16	StartPrime2.exe 8eb33cfbc3fccab789e6f96cd7b4553b Generic Malware Malicious Library Downloader Malicious Packer UPX PE File ftp PE64 OS Processor Check VirusTotal Malware				1.6	M	48	ZeroCERT

6138	2024-08-30 18:15	1188%E7%83%88%E7%84%B0.exe 88783a57777926114b5c5c95af4c943c PE File PE32 PNG Format JPEG Format VirusTotal Malware Check memory RWX flags setting unpack itself Interception RCE crashed		3		5.0		17	ZeroCERT

6139	2024-08-30 18:14	wnbsqv3008.exe bc8cacd01aa943fbfbf9880d970c56ab Emotet Gen1 Malicious Library UPX PE File PE32 MZP Format OS Processor Check PE64 VirusTotal Malware Checks debugger unpack itself AppData folder				2.4	M	27	ZeroCERT

6140	2024-08-30 18:13	vvware_v3.exe f277e1eea63502240b9c2183248fdfca Gen1 Generic Malware Malicious Library Malicious Packer UPX PE File ftp PE64 OS Processor Check VirusTotal Malware PDB				1.6		20	ZeroCERT

6141	2024-08-30 18:13	QQHelper_1540.exe 5a39d66e2b925f7b7f9f39de2f9c5fa0 ASPack UPX PE File PE32 MZP Format URL Format DLL VirusTotal Malware Malicious Traffic ICMP traffic Windows RCE	12 Keyword trend analysis Info http://images.qqfarmer.com.cn/504486-20170712112840415-1890262410.gif http://down.qqfarmer.com.cn/ssleay32_0626_e503921a6061251302cb45772cb75f42.xml?r=0.329597188392654 http://ad.qqfarmer.com.cn/login.php?id=n&r=0.480842764023691 http://ad.qqfarmer.com.cn/login.php?id=p&r=0.368447953602299 http://ad.qqfarmer.com.cn/login.php?id=l&r=0.560313974739984 http://images.qqfarmer.com.cn/504486-20162218235650745-1529273276.gif http://ad.qqfarmer.com.cn/xml/encrypt.js?r=0.952554038958624 http://ad.qqfarmer.com.cn/login.php?id=v&r=0.494936139322817 http://images.qqfarmer.com.cn/504486-20161218235650745-1529273276.gif http://ad.qqfarmer.com.cn/login.php?id=x&r=0.44646016205661 http://down.qqfarmer.com.cn/libeay32_0626_5f86d65a1686e6bb031048d04bb3fe04.xml?r=0.313291363418102 http://images.qqfarmer.com.cn/hongbao_nav.gif	8	1	4.0		13	ZeroCERT

6142	2024-08-30 18:11	1.exe e995bb419884d365528a38a57c9630be Malicious Library Antivirus UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName Cryptographic key				4.0	M	62	ZeroCERT

6143	2024-08-30 18:09	11wY502.exe 68d82beae213cad62a60a6df1363b12f Malicious Library Downloader VMProtect PE File PE64 VirusTotal Malware				2.2	M	53	ZeroCERT

6144	2024-08-30 18:09	66d0502b12496_MKna.exe#main f8afafba3e86d50ad9edce1d0ea179ab Malicious Library UPX PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself crashed				1.8		11	ZeroCERT

6145	2024-08-30 16:39	374b481f704c5ac8d04e4d92f2df5e... 6a5868425d6a234f502cc93da9013df2 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.8			guest

6146	2024-08-30 16:38	f5c9ee003dc4f1dd578a393102938f... a1a12d64ae5e98d717e4a31fac953a8d Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.8			guest

6147	2024-08-30 16:38	fd78ad3be58e5d0cbac1242ccdcbd1... 874858781e07cb3c3ce013b9e11dd7bc Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.2			guest

6148	2024-08-30 16:37	7fda1e50488896f329561b30ea0c3f... 8d2b522ca500a1fe0745223e1578ebae AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.8			guest

6149	2024-08-30 11:23	nvidia.exe 4b3659cdd58a9f5cda08278568d65da1 Malicious Library VMProtect PE File PE64 VirusTotal Malware DNS		1		2.4	M	21	ZeroCERT

6150	2024-08-30 11:21	54.exe 0b1d213e54d820dd3fefa386aa3e1f43 Generic Malware Downloader UPX PE File ftp PE64 OS Processor Check VirusTotal Malware PDB				1.4	M	46	ZeroCERT