Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
7471	2024-07-31 10:24	Invoice-2024-07-29.url 123301099bd2b21b2b13bddb06c940dc AntiDebug AntiVM URL Format Code Injection exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	3 Keyword trend analysis	1	8 Info ET INFO Executable Download from dotted-quad Host ET HUNTING WebDAV Retrieving .exe ET HUNTING Successful PROPFIND Response for Application Media Type ET WEB_CLIENT DLL or EXE File From Possible WebDAV Share Possible DLL Preloading Exploit Attempt ET POLICY PE EXE or DLL Windows file download HTTP ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO TLS Handshake Failure	3.4	M		ZeroCERT

7472	2024-07-31 10:24	mywifeisbeautifull.vbs 02b6b577cf925689c42545770b951ac6 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	2 Keyword trend analysis	2	1	7.2	M	11	ZeroCERT

7473	2024-07-31 10:24	Archivejuudyyy.jpeg.vbs 7f2edeb8382cb0397d03bf2b3b32e528 ActiveXObject VirusTotal Malware unpack itself crashed				1.0		8	ZeroCERT

7474	2024-07-31 10:22	taxpreperationz.exe 20bbb7f851683930e080e888e1fd7c5f Gen1 NSIS Generic Malware Malicious Library UPX Malicious Packer Antivirus Javascript_Blob Anti_VM PE File PE32 DLL OS Processor Check PE64 ftp icon PNG Format Malware suspicious privilege Check memory Creates executable files unpack itself AppData folder AntiVM_Disk Ransom Message VM Disk Size Check Ransomware				5.8			ZeroCERT

7475	2024-07-31 10:22	kjposter.exe 456509bf6306fe9f2f34cc8177cad73d Confuser .NET Malicious Library Malicious Packer .NET framework(MSIL) UPX PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Check virtual network interfaces Windows ComputerName Cryptographic key crashed				4.4	M	34	ZeroCERT

7476	2024-07-31 10:22	wearekingofthejunglewithentier... 070b1946c9ab7ef8801ece97cc27eb0c MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic exploit crash unpack itself Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	1	4.6	M	39	ZeroCERT

7477	2024-07-31 10:19	memissedverynicesweetkissheren... cf3ae921fc075c967cac5a5e384849bc MS_RTF_Obfuscation_Objects RTF File doc Malware Malicious Traffic RWX flags setting exploit crash Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	1	3.6	M		ZeroCERT

7478	2024-07-31 10:19	meneedyourverybadlywithentiret... f781d204ec1279f75a5cc307a7617260 MS_RTF_Obfuscation_Objects RTF File doc Malware Malicious Traffic exploit crash unpack itself Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	1	3.6	M		ZeroCERT

7479	2024-07-31 10:17	medium 581bca6d99edd1eb945af367af110a8c UPX PE File PE32 VirusTotal Malware PDB RCE				1.4	M	30	ZeroCERT

7480	2024-07-31 10:17	oo ea252af032b9cb8339089c3a8369e6b3 UPX PE File PE32 VirusTotal Malware PDB RCE				1.6	M	41	ZeroCERT

7481	2024-07-31 10:17	123123123 73afff7e03cd55b7bc02151da0782e7b UPX PE File PE32 VirusTotal Malware PDB RCE				1.6	M	32	ZeroCERT

7482	2024-07-31 10:17	releaseform db1ae063d1be2bcb6af8f4afb145cdc4 UPX PE File PE32 VirusTotal Malware PDB RCE				1.4	M	29	ZeroCERT

7483	2024-07-31 10:17	video.lnk 55f9bf18d0ea6f426693056bde8a443f Generic Malware Antivirus AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut RWX flags setting unpack itself powershell.exe wrote suspicious process Interception Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	2	1	7.4		25	ZeroCERT

7484	2024-07-31 10:16	SetupPacket bcd6b5fcc67a0ebde9c476dd48111041 UPX PE File PE32 VirusTotal Malware PDB RCE				1.4	M	37	ZeroCERT

7485	2024-07-31 09:59	truck.lnk 88004ecaabefd311a5abf9b192486964 Generic Malware Antivirus AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut RWX flags setting unpack itself powershell.exe wrote suspicious process suspicious TLD Interception Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	2	1	7.8		22	ZeroCERT