Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
6541	2021-03-26 15:10	date.php ab70894ecc3d92c51f4086a1253bebb9 Emotet Gen Dridex TrickBot VirusTotal Malware PDB suspicious privilege Malicious Traffic Checks debugger buffers extracted ICMP traffic RWX flags setting unpack itself Check virtual network interfaces suspicious process Kovter ComputerName DNS crashed	4 Keyword trend analysis Info https://67.212.241.178/login.cgi?uri=/index.html - rule_id: 447 https://67.212.241.178/cookiechecker?uri=/rob86/TEST22-PC_W617601.8737B6E31BA23B3C4DD9E983745731F0/5/file/ - rule_id: 447 https://71.40.62.107/rob86/TEST22-PC_W617601.8737B6E31BA23B3C4DD9E983745731F0/5/file/ https://67.212.241.178/index.html - rule_id: 447	9	2	3	9.4	M	11	ZeroCERT

6542	2021-03-26 15:14	optonline.php 2c4ba65ebe45a97b6e43a971c6ad580b VirusTotal Malware Checks debugger unpack itself crashed					2.4	M	42	ZeroCERT

6543	2021-03-26 15:18	mar2403.exe a84aad2cbe9b58a2f49a0aa913cfe2c1 Azorult .NET framework VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key					8.0		21	ZeroCERT

6544	2021-03-26 15:19	pack.exe 4b9c4ce6bfb3627ec42b6d50420a74e5 unpack itself					1.4			ZeroCERT

6545	2021-03-26 15:20	lol.exe 43ee0f8e53e7a8bc3b2fb2e69fe0f198 Azorult .NET framework VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName DNS Cryptographic key crashed					9.4		15	ZeroCERT

6546	2021-03-26 15:23	helbb3289.tar b2b0ce409720d7d0693f7f1453895541 Gen VirusTotal Malware PDB Check memory unpack itself DNS crashed					2.6		30	ZeroCERT

6547	2021-03-26 15:25	hhh.exe 9493d47531a24062a3e20e5581f4c17c Azorult .NET framework VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows DNS Cryptographic key					5.8		20	ZeroCERT

6548	2021-03-26 16:35	userx.scr 8aa2f93e6823ab808c2b5c55192f220c Antivirus Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote suspicious process WriteConsoleW Windows Browser Email ComputerName DNS Cryptographic key Software crashed keylogger					14.6	M	26	ZeroCERT

6549	2021-03-26 16:37	ebYBO10oU96aGW7.exe aa46a177d59c5f284f855dbed66b07b6 Azorult .NET framework VirusTotal Malware Check memory Checks debugger unpack itself					2.2	M	31	ZeroCERT

6550	2021-03-26 16:39	host.exe b59fe006636630d23d00a29b5cb0d4a8 FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files ICMP traffic unpack itself Windows utilities AppData folder sandbox evasion Windows ComputerName DNS	18 Keyword trend analysis Info http://www.montcoimmigrationlawyer.com/uoe8/?jP=DVW7OxuR/l0MgT0nDzIJzGfsiMq3vXOqW3XcgnFXnAhOJxKbpl47XJscsrRJEeE6Tdv++OFn&bv=YV8dsLxptXkTb8w http://www.borderlesstrade.info/uoe8/?jP=KG7GP8kQJ7f7bh2nZHIUYpAKl+7w5dexMWLQrwQy9VOH3OWZin4Y/kCKwdprQ5fvvE63V5kn&bv=YV8dsLxptXkTb8w http://www.zagorafinancial.com/uoe8/?jP=0AgkmMdZi2B/s/x2xloO7jEL6e2GWsoAGGdo86zfhMS5r5fcHnf1oJ4CApN5/9z28joZDZ+a&bv=YV8dsLxptXkTb8w http://www.gooddoggymedia.com/uoe8/?jP=g6sAxrRpkk0ELFA9bfctro+Kdmjt/MYSrVtMXGBXJP+9wo4kRfutIHI8M+wh68WA8Vx7XQ/Z&bv=YV8dsLxptXkTb8w http://www.boldercoolware.com/uoe8/?jP=ZPMJ9Ig2jcDDRMUR35HvUTMzXYPlG+joZF16VOQmjcpl1W+1IEbM7TrGmeH0iJz1SAy/3wBF&bv=YV8dsLxptXkTb8w http://www.boldercoolware.com/uoe8/ http://www.bucktheherd.net/uoe8/?jP=nwXRa0s9aNLedRmqYCc085JySmfdMJU3v/tBrY+dYcOQzXSkAqJkLLDGbYUwhecVlPFbemg7&bv=YV8dsLxptXkTb8w http://www.fibermover.com/uoe8/ http://www.lanren.plus/uoe8/ http://www.lanren.plus/uoe8/?jP=tMPs/lCCUJyXhCtAb5b8gcWtLLVD4pee8R/Nt6qFrEMANauGy9c5Nh7d9aIxKCpuae/zz+V5&bv=YV8dsLxptXkTb8w http://www.zagorafinancial.com/uoe8/ http://www.montcoimmigrationlawyer.com/uoe8/ http://www.borderlesstrade.info/uoe8/ http://www.fibermover.com/uoe8/?jP=6wr609VzgiVnFrtDyDK49BerhrrLsGkNJqFtccejO0tOUzB+0R0y4du94ZvVjsXBRQGHekeA&bv=YV8dsLxptXkTb8w http://www.rangamaty.com/uoe8/?jP=R56IzDXbjiKZQiW1EQwuK2xVQqAmQzk7iKSIY0yKLDzU7Q9+F9pwjIJqWtsinPaIuC7h0Eu6&bv=YV8dsLxptXkTb8w http://www.bucktheherd.net/uoe8/ http://www.gooddoggymedia.com/uoe8/ http://www.rangamaty.com/uoe8/	21 Info www.borderlesstrade.info(172.67.212.56) www.nevadasmallbusinessattorney.com() www.boldercoolware.com(52.52.194.179) www.zagorafinancial.com(162.209.114.201) www.fibermover.com(34.102.136.180) www.bjzjgjg.com() www.gooddoggymedia.com(198.49.23.145) www.montcoimmigrationlawyer.com(184.168.131.241) www.rangamaty.com(54.39.133.15) www.best20singles.com() www.bucktheherd.net(192.64.81.209) www.lanren.plus(188.164.131.200) 162.209.114.201 198.49.23.145 - mailcious 104.21.53.110 198.251.81.30 - mailcious 34.102.136.180 - mailcious 54.39.133.15 52.52.155.86 184.168.131.241 - mailcious 192.64.81.209	3		8.2		14	ZeroCERT

6551	2021-03-26 16:39	eShKTlyVQQ1s5P8.exe aa51238a6e01df0a9d330f67972af754 Azorult .NET framework VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key					2.8	M	22	ZeroCERT

6552	2021-03-26 16:39	Rj3alDyiLXkDuFa.exe 7dd72a955142cd20d13a9cdbff595da8 Azorult .NET framework VirusTotal Malware Check memory Checks debugger unpack itself					2.0	M	24	ZeroCERT

6553	2021-03-26 16:41	zxYMOD6SDfWi1bH.exe ba76d51c605e60f3f43240e1ec1e5c96 Azorult .NET framework VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key					3.0	M	31	ZeroCERT

6554	2021-03-26 16:42	5VOtljiG1kQtfxU.exe fe7f9d8316a3a8a75af52367021b0db2 Azorult .NET framework VirusTotal Malware Check memory Checks debugger unpack itself					2.0	M	27	ZeroCERT

6555	2021-03-26 16:44	AFCqxjccyseSfBd.exe 8f5603abf955b12d55fe6e763ac4fde3 Azorult .NET framework VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key					3.0	M	31	ZeroCERT