Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
6511	2023-12-20 07:57	voice5.13sert.exe b4b6bb1999d278b1eeb19783fce5cab4 Gen1 Malicious Library UPX Malicious Packer Anti_VM PE File PE64 ftp OS Processor Check DLL PNG Format ZIP Format icon Malware Check memory Creates executable files Ransomware				2.0			ZeroCERT

6512	2023-12-20 07:57	agent3.ps1 274945641a4f798a13bddec960a82670 Generic Malware Antivirus Check memory Checks debugger unpack itself WriteConsoleW Windows ComputerName Cryptographic key crashed				2.2	M		ZeroCERT

6513	2023-12-20 07:57	1afd11ac-e4a1-428c-a564-7314eb... 125a5c30fd99f5f53b2914e9f6cf1627 Gen1 Malicious Library ASPack UPX Anti_VM PE File PE64 OS Processor Check DLL ZIP Format Check memory Creates executable files crashed				1.4			ZeroCERT

6514	2023-12-20 07:55	wlanext.exe 228a21c1d3bdd03a1c3877e918913632 Generic Malware Malicious Library UPX Antivirus PE32 PE File powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process Windows ComputerName Cryptographic key crashed				6.0	M		ZeroCERT

6515	2023-12-20 07:51	spfasiazx.exe 89ebe827b46d7e08adb6aa47e3761fed Formbook PWS AntiDebug AntiVM PE32 PE File .NET EXE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted ICMP traffic unpack itself Check virtual network interfaces Tofsee Windows ComputerName Cryptographic key crashed		2	2	10.2			ZeroCERT

6516	2023-12-20 07:51	buildz.exe c108826f0555d4e9d6f1fcd7f0b872cd Malicious Library UPX PE32 PE File OS Processor Check unpack itself Windows crashed				1.8	M		ZeroCERT

6517	2023-12-20 07:49	%E6%B9%96%E5%8D%97%E7%81%AB%E9... 47db8f0121da0533cbceaf3179f28b4f UPX PE32 PE File unpack itself Remote Code Execution crashed				1.8			ZeroCERT

6518	2023-12-20 07:48	alex.exe 794fc2da25b437ba1f88c2276b336c4d AgentTesla .NET framework(MSIL) PWS SMTP KeyLogger AntiDebug AntiVM PE32 PE File .NET EXE Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed		2	4	9.6	M		ZeroCERT

6519	2023-12-19 18:35	microsoftprofile.vbs 7469ff142c0075494c1225977f91ddf5 Generic Malware Antivirus Hide_URL PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger buffers extracted wscript.exe payload download Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	4 Keyword trend analysis	5	2	9.0		3	ZeroCERT

6520	2023-12-19 12:21	Updationavailableformisofficet... 1990c5debf314b3860557e285f8c00ac MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware VBScript Malicious Traffic buffers extracted RWX flags setting exploit crash Tofsee Exploit DNS crashed	3 Keyword trend analysis	6	3	4.6	M	34	ZeroCERT

6521	2023-12-19 12:21	Microsoftdecidedtodeleteentire... bd52f7a13aed1b9c15db012d98964c2c MS_RTF_Obfuscation_Objects RTF File doc Malware download Remcos VirusTotal Malware Malicious Traffic buffers extracted exploit crash unpack itself Windows Exploit DNS crashed	2 Keyword trend analysis	5	6 Info ET JA3 Hash - Remcos 3.x TLS Connection ET INFO Executable Download from dotted-quad Host ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	4.6	M	33	ZeroCERT

6522	2023-12-19 12:18	upgradedtechnologyfordeleteent... 0e760369df71ec360aed63e8363796cc MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic buffers extracted exploit crash unpack itself Exploit DNS crashed	1 Keyword trend analysis	1	1	4.6	M	35	ZeroCERT

6523	2023-12-19 12:18	installer.msi 91096f053b15929f5ef64db5b7029f82 Generic Malware Malicious Library Antivirus MSOffice File OS Processor Check VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check ComputerName				2.2		5	ZeroCERT

6524	2023-12-19 09:15	2023_12_10_1702192534929__com.... d41d8cd98f00b204e9800998ecf8427e AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName				3.4			guest

6525	2023-12-19 07:40	lve5.exe 82182c7f430666ecd80649a3c9d4b06a UPX PE32 PE File AutoRuns Check memory RWX flags setting AntiVM_Disk sandbox evasion VM Disk Size Check Windows Browser DNS		2	2	4.4	M		ZeroCERT