Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
7366	2021-04-19 17:08	winlog.exe 36dff976427ac27d7fb7294960ac4092 VirusTotal Malware unpack itself DNS					2.4	M	22	ZeroCERT

7367	2021-04-19 17:11	orgg.exe a53cb89c79820a3ad6b1a157d6a31eec PWS .NET framework AsyncRAT backdoor VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key crashed					12.0	M	21	ZeroCERT

7368	2021-04-19 17:23	Chapo.exe c6c55d4ec62be18675a039e710ab6ae2 Library Malware VirusTotal Malware unpack itself Remote Code Execution					2.4	M	50	r0d

7369	2021-04-19 17:24	vbc.exe 8ebc5fda2631c040d6a4fc7a95314b93 Library Malware VirusTotal Malware unpack itself					1.8	M	25	r0d

7370	2021-04-19 17:25	msvhost.exe 9487de43f88f7e89bb5d3999f58bff15 Library Malware VirusTotal Malware unpack itself					2.2	M	45	r0d

7371	2021-04-19 17:26	winlog.exe 36dff976427ac27d7fb7294960ac4092 Library Malware VirusTotal Malware unpack itself					1.8	M	22	r0d

7372	2021-04-19 17:41	svchost.out.exe 775029e6ac5944e85432fe39daf93ad7 Library Malware VirusTotal Malware Check memory Checks debugger WMI unpack itself ComputerName crashed					4.2	M	59	r0d

7373	2021-04-19 21:40	xvhostb.exe 2b0ddd050806aebc7d52fb39a313b08e VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key					7.2		18	ZeroCERT

7374	2021-04-19 21:55	...dot 6282f2cfbc7e8a2bbecb1561130dd074 Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself Windows Exploit DNS crashed Downloader	1 Keyword trend analysis	1	6 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		4.0		23	ZeroCERT

7375	2021-04-19 21:57	vbc.exe 6f3ab49fde594d6a299b9361e8a1e5bf Library Malware FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Checks debugger buffers extracted unpack itself DNS	22 Keyword trend analysis Info http://www.forrealmodels.com/qjnt/ - rule_id: 872 http://www.p-col.com/qjnt/ http://www.elletesla.com/qjnt/ http://www.qianyafs.com/qjnt/ http://www.p-col.com/qjnt/?0VMpQN=AlRGUhtOASekR6Shv6PK8D5jI0orflNyLqeAW8gQLJMWztyryKrTxBwqgbjsumPKuPLLYR4z&j2MHjD=aDKPfJ6hU http://www.gailrichardson.com/qjnt/?0VMpQN=cQpYuVHVGObCoOy3oJObHgw0bCNAclVj5U/7sRdD/qRSo/tXEB2YKGAusTd/rcUBeGIQZ61D&j2MHjD=aDKPfJ6hU - rule_id: 797 http://www.garage-repair-near-me.com/qjnt/?0VMpQN=SFWGNogCdRPbv9IHlgLj+noeLN3MNjx5JCSysnMK8dtHcwov5tbgLKQp134ItuEqLMfflPDR&j2MHjD=aDKPfJ6hU http://www.crochenista.com/qjnt/ - rule_id: 788 http://www.crochenista.com/qjnt/?0VMpQN=J6zJO2/PwCYDrPfd6ahXoqg8qe3TXVYRwNW46sX1F3TUCNiZ+HIDBehPRyNHfGKllpDSpMGn&j2MHjD=aDKPfJ6hU - rule_id: 788 http://www.houstonwingate.com/qjnt/ - rule_id: 879 http://www.elletesla.com/qjnt/?0VMpQN=w8ZR7E/hc+j5jpzEYF3C38++8xnWzrUr6ha7vFqAWBIkOhrd5tXcQQqBa7FD2s3fOpgtc/be&j2MHjD=aDKPfJ6hU http://www.forrealmodels.com/qjnt/?0VMpQN=/8UA4kKoPYWid4Wy4SiZil89tJjdT7ic7hTrtZ5fAe41kMJ49sOOTLg7IOgO80aghp25g4RJ&j2MHjD=aDKPfJ6hU - rule_id: 872 http://www.afribus-sarl.com/qjnt/ - rule_id: 794 http://www.garage-repair-near-me.com/qjnt/ http://www.frotaconceitos.com/qjnt/ - rule_id: 878 http://www.gailrichardson.com/qjnt/ - rule_id: 797 http://www.desenergie.info/qjnt/ http://www.houstonwingate.com/qjnt/?0VMpQN=CzEu8ZxrHnRoIa1yxDkB+HouEa3BiY3cm4vRhwDecVIGXXoKItZ0uSpGs804ymz2gjLlGyUN&j2MHjD=aDKPfJ6hU - rule_id: 879 http://www.frotaconceitos.com/qjnt/?0VMpQN=SklQbBNIGDp60jmvc81YaO0+TakJjqFF7kfS9N7pp+kjm4De+jDioVGollGezL8QEhW81teu&j2MHjD=aDKPfJ6hU - rule_id: 878 http://www.desenergie.info/qjnt/?0VMpQN=rIvnIspkIdnPCoGZCAE9Yyjwzq+ktcSOqy9hEbZs9QfxJyyhbonWr+37Qm+BENXim6iQibCf&j2MHjD=aDKPfJ6hU http://www.qianyafs.com/qjnt/?0VMpQN=QcNsLv0Chw7IfBb23h+lmN3B8aAALtVYdRRGh90W5oVN3guaiDNHYhDZ8aXUCD2A331ZgZDV&j2MHjD=aDKPfJ6hU http://www.afribus-sarl.com/qjnt/?0VMpQN=6zsJ3I6fnvnvPqNUuHAovJSNRJHpn5EvvBYNRoEL7J7xd/JGdiWMrLKdjv+wu5Vp5UHXoriB&j2MHjD=aDKPfJ6hU - rule_id: 794	24 Info www.forrealmodels.com(188.93.150.60) www.frotaconceitos.com(23.227.38.74) www.afribus-sarl.com(156.67.222.15) www.bhcsva.com() - mailcious www.elletesla.com(34.102.136.180) www.slots-drift-casino.com() - mailcious www.p-col.com(192.254.225.104) www.crochenista.com(162.241.216.98) www.garage-repair-near-me.com(34.102.136.180) www.desenergie.info(185.104.29.100) www.halostreams.net() - mailcious www.hdepo.com() www.qianyafs.com(139.9.59.47) www.gailrichardson.com(52.58.78.16) www.houstonwingate.com(34.102.136.180) 188.93.150.60 - mailcious 162.241.216.98 - mailcious 52.58.78.16 - mailcious 34.102.136.180 - mailcious 139.9.59.47 185.104.29.100 192.254.225.104 156.67.222.15 - mailcious 23.227.38.74 - mailcious	1	12 Info http://www.forrealmodels.com/qjnt/ http://www.gailrichardson.com/qjnt/ http://www.crochenista.com/qjnt/ http://www.crochenista.com/qjnt/ http://www.houstonwingate.com/qjnt/ http://www.forrealmodels.com/qjnt/ http://www.afribus-sarl.com/qjnt/ http://www.frotaconceitos.com/qjnt/ http://www.gailrichardson.com/qjnt/ http://www.houstonwingate.com/qjnt/ http://www.frotaconceitos.com/qjnt/ http://www.afribus-sarl.com/qjnt/	8.6	M	35	ZeroCERT

7376	2021-04-19 21:57	svchost.exe 16c9ff30d2ed6ef5374c6a1e27750a3b VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself suspicious process Windows ComputerName Cryptographic key					10.0	M	20	ZeroCERT

7377	2021-04-19 21:58	lv.exe bd3f3284ad56a6efbadb2864e9e3d492 Emotet Library Malware Malicious Library VirusTotal Malware Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows DNS		1			7.0	M	27	ZeroCERT

7378	2021-04-19 21:59	vbc.exe f17d8c94783597296264ab489cfc64b8 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key crashed					8.8	M	17	ZeroCERT

7379	2021-04-19 22:00	givernorx.exe 6fad4976da2bd04abe815d5d70abcb59 Browser Info Stealer VirusTotal Email Client Info Stealer Malware MachineGuid Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName DNS DDNS crashed		2	1		7.8	M	21	ZeroCERT

7380	2021-04-19 22:02	mvp.exe a7d695342e3187d5dec594fae7668bd9 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName DNS Cryptographic key crashed		1			9.6	M	24	ZeroCERT