Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
6916	2023-11-28 10:04	afriq.js 0cd971ef91e57c0c285da2fe74c2d6ec ActiveXObject VirusTotal Malware wscript.exe payload download Tofsee	1 Keyword trend analysis	2	2	2.0		5	ZeroCERT

6917	2023-11-28 09:58	BMW.txt.exe d3495009e35cc99a03329dda752d0bf4 AgentTesla Malicious Library Malicious Packer UPX PE32 PE File .NET EXE OS Name Check OS Memory Check OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself Check virtual network interfaces IP Check Tofsee Browser Email ComputerName DNS Software crashed		2	4	5.2		49	ZeroCERT

6918	2023-11-28 09:58	ndldll.txt.exe 4e88cb52fa6c33f10aeeac975b2e4cd4 UPX PE32 PE File DLL VirusTotal Malware Check memory Checks debugger RWX flags setting unpack itself AntiVM_Disk sandbox evasion VM Disk Size Check Browser ComputerName Remote Code Execution DNS		1		5.4	M	35	ZeroCERT

6919	2023-11-28 09:57	File_HTA.hta dba4ee200dd745d57b7bb1f6dcdfe8d5 Generic Malware Antivirus Hide_URL AntiDebug AntiVM PowerShell MSOffice File VirusTotal Malware powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut exploit crash unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows Exploit ComputerName DNS Cryptographic key crashed	3 Keyword trend analysis	3	2	10.0		4	ZeroCERT

6920	2023-11-28 09:56	brAZILLLFile_HTA.hta e72b286e211eec5f15fcd218ffcc389c Generic Malware Antivirus AntiDebug AntiVM PowerShell VirusTotal Malware powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut RWX flags setting unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	2 Keyword trend analysis	3	1	10.0		4	ZeroCERT

6921	2023-11-28 09:56	vbsss.jpg.exe db2ee1ea937d2e49bc3f237edde48cfb Generic Malware Antivirus PE32 PE File DLL .NET DLL VirusTotal Malware				0.6		14	ZeroCERT

6922	2023-11-28 09:34	Random.exe bb83e8db740d3441abb88dc34fd3759e PE32 PE File .NET EXE VirusTotal Malware PDB Check memory Checks debugger unpack itself ComputerName				2.0	M	26	ZeroCERT

6923	2023-11-28 09:32	Zdznzuwlua.exe 46c0e34ddfde46cdcf8bde9398c4d958 UPX AntiDebug AntiVM PE32 PE File .NET EXE VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder Windows Cryptographic key				9.2	M	48	ZeroCERT

6924	2023-11-28 09:29	wealthzx.exe bec11ca3a3a72fbb4b93e078f03b2e78 AgentTesla .NET framework(MSIL) PWS SMTP KeyLogger AntiDebug AntiVM PE32 PE File .NET EXE Browser Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Browser Email ComputerName crashed				9.0	M	30	ZeroCERT

6925	2023-11-28 09:29	microsoftbrowserEdgedeletedhis... 75ae457731beea5721c8107608ee8316 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware exploit crash unpack itself Tofsee Exploit crashed		2	3	2.8	M	30	ZeroCERT

6926	2023-11-28 09:28	wininit.exe e8fc0040e6882e0b9ea0e830b6d74d65 Formbook .NET framework(MSIL) PWS AntiDebug AntiVM PE32 PE File .NET EXE FormBook Malware download VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself ComputerName	2 Keyword trend analysis	5	1	9.0	M	29	ZeroCERT

6927	2023-11-28 09:27	file2data.exe e1628c99654edfe58f07bddbd9b29940 Malicious Packer .NET framework(MSIL) UPX PE32 PE File .NET EXE OS Processor Check VirusTotal Malware PDB Check memory Checks debugger unpack itself Check virtual network interfaces Tofsee Windows ComputerName		2	2	3.2	M	39	ZeroCERT

6928	2023-11-28 09:25	wlanext.exe 3713c253ab56bf85aaa806fc41cc6905 AgentTesla .NET framework(MSIL) KeyLogger AntiDebug AntiVM PE32 PE File .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Browser Email ComputerName Cryptographic key Software crashed				11.6	M	43	ZeroCERT

6929	2023-11-28 09:25	filer.exe 51f23cd8d73782f1dd032789f10def23 Malicious Packer Antivirus .NET framework(MSIL) UPX PE32 PE File .NET EXE OS Processor Check VirusTotal Malware PDB				1.6	M	31	ZeroCERT

6930	2023-11-28 09:23	file1.exe a7c67b27eb08e972fe6bb64df73bd19d Malicious Packer Antivirus .NET framework(MSIL) UPX Anti_VM PE32 PE File .NET EXE OS Processor Check VirusTotal Malware PDB Check memory Checks debugger unpack itself ComputerName				2.4	M	48	ZeroCERT