Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
7321	2021-04-17 09:13	2021 데이터기반 미래전망 연구_(평화안보).doc... 6a614ca002c5b3a4d7023faffc0546e1 VirusTotal Malware unpack itself					2.0		29	guest

7322	2021-04-17 09:15	사례비 지급의뢰서.doc d7b717134358bbeefc5796b5912369f0 Vulnerability VirusTotal Malware unpack itself DNS	1 Keyword trend analysis	2			3.6		23	guest

7323	2021-04-17 10:08	bigmanx.exe dfd632783e3542fd1bd09ae916d59a12 AsyncRAT backdoor Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Browser Email ComputerName DNS Cryptographic key Software crashed keylogger					11.8	M	25	ZeroCERT

7324	2021-04-17 10:08	dutyx.exe 801f5b2e55c1168dfa6b1e6d0c8c9663 Google Chrome User Data browser info stealer AsyncRAT backdoor VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName DNS Cryptographic key keylogger		1			13.2	M	23	ZeroCERT

7325	2021-04-17 10:10	man.exe 89ea4532a1fdfc04805e6158e2c55711 AsyncRAT backdoor VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName DNS Cryptographic key crashed					10.0	M	20	ZeroCERT

7326	2021-04-17 10:11	aguerox.exe be64ba16260fa8f15fe08e3fbcc32a0a AsyncRAT backdoor VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces Tofsee Windows ComputerName DNS Cryptographic key	6 Keyword trend analysis Info http://bornforthis.ml/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-8D306B0B42F37AE8814979F5718988BB.html - rule_id: 969 http://bornforthis.ml/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-A2DC6DDDB051F23AE27593EE6177D2CE.html - rule_id: 969 http://bornforthis.ml/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-F974651699F7A075AAAF2F0C9FB48273.html - rule_id: 969 https://bornforthis.ml/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-A2DC6DDDB051F23AE27593EE6177D2CE.html - rule_id: 970 https://bornforthis.ml/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-8D306B0B42F37AE8814979F5718988BB.html - rule_id: 970 https://bornforthis.ml/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-F974651699F7A075AAAF2F0C9FB48273.html - rule_id: 970	2	3	6	3.6	M	45	ZeroCERT

7327	2021-04-17 10:13	shedyx.exe f47588652d18e1ebbdc247442a84de26 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key					8.2	M	39	ZeroCERT

7328	2021-04-17 10:13	drunk.exe 14ec8620dd7c36679694b12420be829b AsyncRAT backdoor VirusTotal Malware PDB suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces IP Check ComputerName crashed	1 Keyword trend analysis	2	1		5.0	M	42	ZeroCERT

7329	2021-04-17 10:15	filename.exe d8b640850b70e36c4994bbcc45202470 VirusTotal Malware unpack itself DNS					2.4		21	ZeroCERT

7330	2021-04-17 10:16	ffa.exe 36d68e329da71e5569b5c4221a8660fc Antivirus VirusTotal Malware powershell suspicious privilege MachineGuid Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself powershell.exe wrote suspicious process Windows ComputerName Cryptographic key					7.8		36	ZeroCERT

7331	2021-04-17 10:18	Ttcmb.exe d239a7aeffee188f2aa966e9f252e4bb AsyncRAT backdoor Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4	4		12.2			ZeroCERT

7332	2021-04-17 10:19	lv.exe 89492053b065ae2c7f39a462e6048092 Glupteba Emotet Malicious Library VirusTotal Malware Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows DNS crashed		1			7.8	M	21	ZeroCERT

7333	2021-04-17 10:20	catalog-359462809.xlsm f00e8a3cb014f7732fe0b5b685304ff2 unpack itself Tofsee DNS	2 Keyword trend analysis	9	2		3.4			ZeroCERT

7334	2021-04-17 10:20	puff.exe aa444cd99154f376edbbc9c3effa1f66 VirusTotal Malware unpack itself					1.8	M	21	ZeroCERT

7335	2021-04-17 10:22	catalog-350434392.xlsm 94e7b5a0f5cecb24336de03de0771631 unpack itself Tofsee DNS	1 Keyword trend analysis	9 Info alexandrea-friesen16ka.ru.com(34.95.253.189) - mailcious useragent20.barloggio.net(116.0.21.14) - mailcious jerry-dibbert16ih.ru.com(34.95.253.189) ri.posgradocolumbia.edu.py(50.87.146.86) - mailcious casadopai.net.br(192.185.214.152) - mailcious 192.185.214.152 - mailcious 50.87.146.86 - mailcious 116.0.21.14 - mailcious 34.95.253.189 - mailcious	2		3.4	M		ZeroCERT