Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Hosts	IDS	Score	Zero	VT	Player
7351	2021-04-19 10:18	SECH.exe c272d7b6b2c0b86e6883edbaa57f61f4 PWS .NET framework VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName crashed			11.6	M	25	r0d

7352	2021-04-19 10:22	a268e9e152c260a0e80431aa8d6df1... a58394937da9d3adb33e948058fde4e9 VBA_macro Vulnerability VirusTotal Malware Malicious Traffic unpack itself Tofsee	14 Info blogs.g2gtechnologies.com(208.91.199.15) - malware sureoptimize.com(142.93.247.242) - malware tenmoney.business(104.21.8.30) - mailcious pattayastore.com(202.183.165.89) - malware rsimadinah.com(66.96.230.225) - malware insvat.com(185.42.104.77) - malware littleindiadirectory.com(18.141.196.101) - malware 185.42.104.77 - malware 208.91.199.15 - malware 202.183.165.89 142.93.247.242 104.21.8.30 66.96.230.225 - malware 18.141.196.101 - malware	1	4.8	M	50	r0d

7353	2021-04-19 13:53	a268e9e152c260a0e80431aa8d6df1... a58394937da9d3adb33e948058fde4e9 VBA_macro Vulnerability VirusTotal Malware Malicious Traffic unpack itself Tofsee	14 Info blogs.g2gtechnologies.com(208.91.199.15) - malware sureoptimize.com(142.93.247.242) - malware tenmoney.business(172.67.156.186) - mailcious pattayastore.com(202.183.165.89) - malware rsimadinah.com(66.96.230.225) - malware insvat.com(185.42.104.77) - malware littleindiadirectory.com(18.141.196.101) - malware 185.42.104.77 - malware 208.91.199.15 - malware 202.183.165.89 142.93.247.242 104.21.8.30 66.96.230.225 - malware 18.141.196.101 - malware	1	4.8	M	50	guest

7354	2021-04-19 16:44	beautyhealth.exe 3f7b4f0adea1d5162ac77679fb66be40 VirusTotal Malware Check memory Checks debugger unpack itself AppData folder			3.0	M	29	ZeroCERT

7355	2021-04-19 16:45	msvhost.exe 9487de43f88f7e89bb5d3999f58bff15 VirusTotal Malware unpack itself DNS			2.8	M	45	ZeroCERT

7356	2021-04-19 16:46	mcoYqpno.exe c43424026a62e758b3902b6d88349bb0 VirusTotal Malware PDB Check memory			2.0	M	54	ZeroCERT

7357	2021-04-19 16:48	setup%20-%202021-04-14T145545.... bc77142742a9c68969d4fec89f940fe8 unpack itself Remote Code Execution			1.2	M		ZeroCERT

7358	2021-04-19 16:49	lv.exe ca53a81dbdcd1af8f750800b3911a77f Emotet Malicious Library VirusTotal Malware Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows DNS	1		7.6	M	32	ZeroCERT

7359	2021-04-19 16:50	Taurus_1.exe 1f7e656cf2ef6e41eecacd7f9fdd258b VirusTotal Malware unpack itself			1.8	M	22	ZeroCERT

7360	2021-04-19 16:52	xlss.exe 4f5390b92f8ff72c45f690ab986d5d96 PWS .NET framework AsyncRAT backdoor VirusTotal Malware Check memory Checks debugger unpack itself			1.8		18	ZeroCERT

7361	2021-04-19 16:54	vbc.exe 8ebc5fda2631c040d6a4fc7a95314b93 VirusTotal Malware unpack itself			1.8	M	25	ZeroCERT

7362	2021-04-19 16:57	svchost.out.exe 775029e6ac5944e85432fe39daf93ad7 VirusTotal Malware Check memory Checks debugger WMI unpack itself ComputerName crashed			4.2	M	59	ZeroCERT

7363	2021-04-19 16:59	Chapo.exe c6c55d4ec62be18675a039e710ab6ae2 VirusTotal Malware unpack itself Remote Code Execution			2.4	M	50	ZeroCERT

7364	2021-04-19 17:06	vbc.exe 5fc57e8a4e5255d173fb47ab64f1ff86 PWS .NET framework AsyncRAT backdoor VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed			10.8		17	ZeroCERT

7365	2021-04-19 17:06	vbc.exe f854b53260f930337a75cdd7011b7622 PWS .NET framework AsyncRAT backdoor VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName DNS Cryptographic key crashed			9.4		14	ZeroCERT