Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
7141	2023-11-13 10:47	InstallSetup8.exe 5f5a15189f9eca3843ae765a41106e3f NSIS Generic Malware Malicious Library UPX Antivirus Malicious Packer Admin Tool (Sysinternals etc ...) Anti_VM PE32 PE File PNG Format OS Processor Check ZIP Format JPEG Format BMP Format CHM Format DLL icon PE64 CAB MZP Format MSOffice File Word 2007 fi Malware Check memory Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check Ransomware				5.0	M		ZeroCERT

7142	2023-11-13 10:46	InstallSetup6.exe c4d534c2279d1e53893f70f6444f1067 NPKI HermeticWiper NSIS Generic Malware Suspicious_Script Malicious Library UPX Antivirus Malicious Packer Admin Tool (Sysinternals etc ...) Anti_VM Javascript_Blob PE32 PE File PNG Format JPEG Format OS Processor Check ZIP Format icon BMP Format PE64 CAB Malware Check memory Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check Ransomware				5.0	M		ZeroCERT

7143	2023-11-13 10:41	InstallSetup7.exe e31dd6f0e2b467c367370f18ba09f0f8 NSIS Generic Malware Malicious Library UPX Antivirus Malicious Packer Admin Tool (Sysinternals etc ...) Anti_VM PE32 PE File PNG Format OS Processor Check ZIP Format JPEG Format BMP Format CHM Format DLL icon PE64 CAB MZP Format MSOffice File Word 2007 fi Malware Check memory Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check Ransomware				5.0	M		ZeroCERT

7144	2023-11-13 10:40	WeMod-Setup.exe b5d9ec4463780fe7ff0cad5b7e794ec2 Gen1 Malicious Library Malicious Packer UPX ASPack Anti_VM PE32 PE File DLL PE64 OS Processor Check ZIP Format .NET EXE VirusTotal Malware Buffer PE Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder crashed				4.8	M	60	ZeroCERT

7145	2023-11-13 10:39	HCLcleanupcachecookiebacupclea... 17042d1b64ee37cbd64e3f77a967cfda MS_RTF_Obfuscation_Objects RTF File doc Malware VBScript Malicious Traffic exploit crash unpack itself Tofsee Exploit DNS crashed	3 Keyword trend analysis	6	3	3.2	M		ZeroCERT

7146	2023-11-12 18:49	0311.dll 28ade89b1d09d13581d3abe00d7658fb Malicious Library UPX PE File DLL PE64 DllRegisterServer dll Check memory unpack itself crashed				1.2	M		ZeroCERT

7147	2023-11-12 14:46	ACR.exe 4247de093585ea6db6b6c520ca81247d Malicious Library Malicious Packer UPX PE32 PE File OS Processor Check Browser Info Stealer FTP Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency Malicious Traffic Check memory Ransomware Interception Browser ComputerName DNS Software	2 Keyword trend analysis	1		5.6	M		ZeroCERT

7148	2023-11-12 14:43	11.11.2023_URUN_DOSYASI.PDF.ja... 5b5f0954e451fd2ec65d98c73850f136 ZIP Format Check memory heapspray unpack itself Java				1.6	M		ZeroCERT

7149	2023-11-12 14:41	11.11.2023_URUN_LISTESI.CSV.ja... f858788e48ae55d66e9ee3e32bf8ffe8 ZIP Format Check memory heapspray unpack itself Java				1.6	M		ZeroCERT

7150	2023-11-12 14:40	11.11.2023_SIPARISLER.DOCX.jar 5ae53798de1427f31fa77a3bc776af1f ZIP Format Check memory Checks debugger WMI RWX flags setting unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName crashed				3.4	M		ZeroCERT

7151	2023-11-12 14:39	j-1 cf69c6526775008e39917f8d61ffd8ca Malicious Library Downloader UPX PE32 PE File DLL JPEG Format ZIP Format Malware download Malware Malicious Traffic Check memory Checks debugger Creates executable files RWX flags setting unpack itself AppData folder sandbox evasion Windows Browser ComputerName DNS Downloader	4 Keyword trend analysis	1	6 Info ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE JS/WSF Downloader Dec 08 2016 M7 ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET INFO EXE - Served Attached HTTP ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging)	7.8	M		ZeroCERT

7152	2023-11-12 14:38	Nfwwamql.exe c8c92a207e2a92499a19f26f04b3d8b2 UPX PE File PE64 MachineGuid Check memory Checks debugger unpack itself				1.4	M		ZeroCERT

7153	2023-11-11 21:47	SIPARIS_62444520.PDF.jar c9000f0381622e97f6bdd056b9a30a8f ZIP Format Check memory heapspray unpack itself Java				1.6	M		guest

7154	2023-11-11 16:52	j-3 89d063bf866a6428c1cd61b9caeb5bec Malicious Library Downloader UPX PE32 PE File DLL ZIP Format JPEG Format Malware download Malware Malicious Traffic Check memory Checks debugger Creates executable files RWX flags setting unpack itself sandbox evasion Windows Browser ComputerName DNS Downloader	4 Keyword trend analysis	1	6 Info ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE JS/WSF Downloader Dec 08 2016 M7 ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET INFO EXE - Served Attached HTTP ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging)	6.8	M		ZeroCERT

7155	2023-11-11 16:50	system12.exe 76237495f1127cd3e1506ef3cdac3fbb Malicious Library UPX AntiDebug AntiVM PE32 PE File MZP Format ftp OS Processor Check Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW Windows ComputerName		1		10.4	M		ZeroCERT