Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
6301
2024-08-22 11:31
random.exe
a151cbfbefd0a8e04caa4aa5be8f388e
Generic Malware
Malicious Library
UPX
Code injection
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
VirusTotal
Malware
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
RWX flags setting
exploit crash
unpack itself
malicious URLs
installed browsers check
Tofsee
Ransomware
Exploit
Browser
ComputerName
crashed
2
crash-reports.mozilla.com(34.49.45.138)
34.49.45.138
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
9.4
20
ZeroCERT
6302
2024-08-22 11:30
f.php
e6f22534386dfeabe97f646659b7820a
Malicious Library
.NET framework(MSIL)
PE File
.NET EXE
PE32
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
Tofsee
Windows
Cryptographic key
2
i.ibb.co(104.194.8.120) - mailcious
104.194.8.120
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.8
M
54
ZeroCERT
6303
2024-08-22 11:28
downloader.exe
64f01094081e5214edde9d6d75fca1b5
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
PDB
unpack itself
1.4
13
ZeroCERT
6304
2024-08-22 11:27
yummysilkybutterbuncamewithcho...
ed3c59a3e67a8803a62bb3ca27c9ad31
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
Malicious Traffic
RWX flags setting
exploit crash
Tofsee
Exploit
DNS
crashed
1
http://192.3.111.148/xampp/kbv/yummysweetbutterbunlipsonher.tIF
3
ia803104.us.archive.org(207.241.232.154) - malware
207.241.232.154 - malware
192.3.111.148
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.6
35
ZeroCERT
6305
2024-08-22 10:46
https://archivecloud.dev/
b43d9021a42d173048611a17339d2c85
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
exploit crash
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
Exploit
DNS
crashed
1
https://archivecloud.dev/
2
archivecloud.dev(104.21.50.142)
172.67.206.206
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
3.8
guest
6306
2024-08-21 21:20
scan_20240805144103.pdf
e4f6cd4d0556d4a0841b0617f14efc92
PDF
guest
6307
2024-08-21 15:28
photo.jpeg.exe
1a530b88ea994df4c9cc20d9a9470a36
Malicious Library
PE File
PE64
VirusTotal
Malware
AutoRuns
PDB
ICMP traffic
unpack itself
Windows
DNS
1
38.60.198.164
5.6
45
ZeroCERT
6308
2024-08-21 15:21
Public Official Property Decla...
dfc1a7f27ae2cfbcfe0cea9c1305ce80
Escalate priviledges
PWS
KeyLogger
AntiDebug
AntiVM
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
DNS
3.6
ZeroCERT
6309
2024-08-21 15:19
통일부 5월 간담회 계획안(줄리 터너대사 방한건_인권 ...
028075a00beb580aae25e2d60180889f
Generic Malware
Antivirus
AntiDebug
AntiVM
Lnk Format
GIF Format
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
unpack itself
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
7.2
19
ZeroCERT
6310
2024-08-21 15:17
newupdate.hta
800ba50354158f39366e2b4e7f96a3eb
Generic Malware
Antivirus
AntiDebug
AntiVM
MSOffice File
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
Creates executable files
exploit crash
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
AppData folder
Tofsee
Windows
Exploit
ComputerName
DNS
Cryptographic key
crashed
1
198.12.81.252 - mailcious
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
12.2
17
ZeroCERT
6311
2024-08-21 15:16
NATO%20company.lnk.lnk
1099227fc19bfaab01b509e016079fa0
Lnk Format
GIF Format
VirusTotal
Malware
Creates shortcut
unpack itself
WriteConsoleW
1
http://195.74.86.116/data/auto.cpl
1.4
6
ZeroCERT
6312
2024-08-21 15:15
통일부 5월 간담회 계획안(줄리 터너대사 방한건_인권 ...
028075a00beb580aae25e2d60180889f
Generic Malware
Antivirus
AntiDebug
AntiVM
Lnk Format
GIF Format
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
unpack itself
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
7.2
19
ZeroCERT
6313
2024-08-21 14:27
file.pdf.lnk
589440925b53b50ff9f6518c1b532320
Suspicious_Script_Bin
Generic Malware
Downloader
Antivirus
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
AntiDebug
AntiVM
Lnk Format
GIF Format
VirusTotal
Malware
powershell
AutoRuns
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
unpack itself
Windows utilities
suspicious process
WriteConsoleW
installed browsers check
Tofsee
Windows
Browser
ComputerName
Cryptographic key
crashed
1
https://sharefiles.center/TEST22-PC
2
sharefiles.center(104.21.92.14)
172.67.184.129
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
12.6
18
ZeroCERT
6314
2024-08-21 14:27
MFWBlackFilter.js
0cece80f82110ef4c815ee2a192faaa0
crashed
0.2
ZeroCERT
6315
2024-08-21 14:26
202404_주중한국대사관 한중 북중·안보현안 1.5트...
a4bd6d00abbd79ab00161ff538cfe703
Generic Malware
Antivirus
AntiDebug
AntiVM
HWP
MSOffice File
Lnk Format
GIF Format
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates shortcut
Creates executable files
unpack itself
Windows utilities
powershell.exe wrote
Check virtual network interfaces
suspicious process
WriteConsoleW
Tofsee
Windows
ComputerName
Cryptographic key
2
content.dropboxapi.com(162.125.80.14)
162.125.80.14
2
ET POLICY [401TRG] DropBox Access via API (SNI)
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
10.0
36
ZeroCERT
Total : 53,728cnts