Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
6571	2023-12-15 15:21	microsoftdeletedprofilehistory... 1578764a625e6b24828568abf19b591a MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware AgentTesla Malicious Traffic exploit crash unpack itself Windows Exploit DNS crashed	1 Keyword trend analysis	3	7 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response SURICATA Applayer Detect protocol only one direction ET MALWARE AgentTesla Exfil via FTP	4.2	M	31	ZeroCERT

6572	2023-12-15 15:14	winpack-en-18f036cdef58fd.url 07419ec9bbd2759b58f49acd28287cd8 AntiDebug AntiVM URL Format VirusTotal Malware Code Injection Malicious Traffic unpack itself Windows utilities Windows DNS	3 Keyword trend analysis	1	2	3.6	M	3	ZeroCERT

6573	2023-12-15 15:14	Mpclient.dll 6ecc1d52fba67fdcade83bbdc9576477 Malicious Library UPX PE32 PE File DLL OS Processor Check VirusTotal Malware PDB Checks debugger unpack itself				1.6	M	22	ZeroCERT

6574	2023-12-15 15:12	microsoftdecidedtoreleaseautoh... 531a09e71351ec16fd78034a53bd1fec MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware buffers extracted RWX flags setting exploit crash Exploit crashed				3.2	M	32	ZeroCERT

6575	2023-12-15 15:10	jst.js 55168cc1c03c6a5177fe0d4c559cbd6f VirusTotal Malware crashed				0.6	M	1	ZeroCERT

6576	2023-12-15 15:08	pdf.exe 0e9f35b662b5f2686e0648d014d144e2 UPX AntiDebug AntiVM PE32 PE File .NET EXE Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	3	11.0	M	40	ZeroCERT

6577	2023-12-15 15:07	microsoftdeletedprofilehistory... 1578764a625e6b24828568abf19b591a MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware RWX flags setting exploit crash Exploit crashed				2.8	M	31	ZeroCERT

6578	2023-12-15 15:06	OnlineFix64.dll 0cccdd04b47dfcd6d20b4d1e21738cca PE File DLL PE64 VirusTotal Malware				1.6		38	ZeroCERT

6579	2023-12-15 15:05	setup.msi 512117fac8d5544ac9a0a911a1b7e2b8 Generic Malware Malicious Library Antivirus MSOffice File OS Processor Check VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check ComputerName				2.2		4	ZeroCERT

6580	2023-12-15 15:03	1.js fd70d6abba9da87f416b6c8829955573 VirusTotal Malware crashed				1.2		32	ZeroCERT

6581	2023-12-15 08:46	7.exe 58fc6de6c4e5d2fda63565d54feb9e75 Generic Malware Malicious Library Malicious Packer UPX PE32 PE File OS Processor Check WriteConsoleW				0.6	M		ZeroCERT

6582	2023-12-15 08:44	pdf.exe 2bce2e5420d837f173ce430e1da00d3c UPX AntiDebug AntiVM PE32 PE File .NET EXE Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware Microsoft suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		2	3	9.8	M		ZeroCERT

6583	2023-12-15 08:42	psaux.exe bd84bdff727b82364685f4179170d81e Malicious Packer UPX PE File PE64 Checks debugger Check virtual network interfaces DNS		1		2.0	M		ZeroCERT

6584	2023-12-15 08:39	4ygvd.exe 9641bf93090e32e89ceb1994165195ad Formbook .NET framework(MSIL) PE32 PE File .NET EXE PDB Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key				2.0	M		ZeroCERT

6585	2023-12-15 08:39	Cwzlz.exe b53777547ba689a1dd28cf3dbd7dd99f PE32 PE File .NET EXE Check memory Checks debugger unpack itself ComputerName				1.0	M		ZeroCERT