Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
7471	2021-04-21 16:27	http://42.224.243.9:49107/Mozi... fbe51695e97a45dc61967dc3241a37dc VirusTotal Malware Code Injection RWX flags setting unpack itself Windows utilities Windows DNS	1 Keyword trend analysis	1	1	4.2			Kim.GS

7472	2021-04-21 17:04	Electronic form.doc 223975e6f03f5cc32074a00e82f8cf99 VBA_macro Vulnerability VirusTotal Malware Malicious Traffic unpack itself DNS	1 Keyword trend analysis	13 Info www.masque.es(82.223.13.171) attech.ml() - mailcious masque.es(82.223.13.171) - malware lidiscom.com.br(151.106.103.54) - malware admvero.com.br(187.1.136.117) - mailcious mesdelicesitaliens.fr(195.201.121.99) - malware dev.dosily.in() - mailcious facanha.com.br(191.6.208.15) - mailcious 195.201.121.99 - mailcious 187.1.136.117 - mailcious 151.106.103.54 191.6.208.15 - mailcious 82.223.13.171 - malware	1	3.8	M	41	guest

7473	2021-04-21 17:15	BrowserUpdate.exe 048aa5b804cde0768111c633e0faa028 VirusTotal Cryptocurrency Miner Malware Cryptocurrency AutoRuns Check memory Creates executable files unpack itself Windows utilities Auto service suspicious process AppData folder sandbox evasion WriteConsoleW Windows Browser ComputerName Remote Code Execution		2	1	8.6		38	guest

7474	2021-04-21 17:47	xvhostb.exe a1d6e3ac3ee1adbbc7a16e5f7d7cac1d PWS .NET framework VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key		1		7.6		36	ZeroCERT

7475	2021-04-21 17:48	build.exe f0a0ccf33628d9aa836215c7754752e0 Library Malware VirusTotal Malware unpack itself DNS				2.4		23	ZeroCERT

7476	2021-04-21 17:50	Rproxy.exe 7a8db408f5edd590e2b11ca0a797b23d Library Malware VirusTotal Malware unpack itself DNS		1		3.4		22	ZeroCERT

7477	2021-04-21 18:40	O28C.dll d0b30b11795c869a2d3c83be6761067b Emotet VirusTotal Malware Checks debugger RWX flags setting unpack itself sandbox evasion Windows Cryptographic key				3.6		49	guest

7478	2021-04-21 23:28	046cb520.exe 3e814f38a7158bfc8fe36004e2b9f1fd Gen2 Gen1 VirusTotal Malware PDB Remote Code Execution				1.0		6	guest

7479	2021-04-22 00:51	지불 사본.exe 43162c21e9c1e6a7846205665fce59ec PWS .NET framework				0.4		14	guest

7480	2021-04-22 07:12	PO.exe 30bd38d2a90db3510019a3fe7dae45cd Malicious Packer PWS .NET framework Generic Malware AsyncRAT backdoor VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName crashed				11.6		26	ZeroCERT

7481	2021-04-22 07:22	lv.exe 0e6086a647b4a58bc42c89671352da18 Library Malware Malicious Library VirusTotal Malware Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows DNS		1		7.4		29	ZeroCERT

7482	2021-04-22 07:29	file.rtf 9ca89139d0918e5078122113fc883a7e Malware Malicious Traffic buffers extracted unpack itself Tofsee	8 Keyword trend analysis Info https://asw-sns.link/202/0BDXUKUO8U8p243usxNT46Yj5zTXyrUwpuXOqx92/45326/2623/14188cd3 https://mofa.iugur.live/2623/1/45326/3/1/1/1840589558/files-910af97c/1/plaoi https://mofa.iugur.live/2623/1/45326/3/1/1/1840589558/files-4057b130/1/lkjhg https://mofa.iugur.live/2623/1/45326/3/3/1/1840589560/files-16aef47a/1/cuui?data=AQZ0ZXN0MjInSW50ZWwoUikgQ29yZShUTSkgaTUtODQwMCBDUFUgQCAyLjgwR0h6ATISXFwuXFBIWVNJQ0FMRFJJVkUwCzM0MzU2OTk0NTYwBzUyNDI0MjQIMTA0ODMwMDQJVEVTVDIyLVBDDDk0REUyNzhDMzI3NA== https://mofa.iugur.live/2623/1/45326/3/3/0/1840589382/files-72843a7a/0/data?d= https://mofa.iugur.live/2623/1/45326/3/3/1/1840589560/files-a2da9285/1/lapd?data=2 https://mofa.iugur.live/2623/1/45326/3/3/1/1840589560/files-a2da9285/1/lapd?data=1 https://mofa.iugur.live/2623/1/45326/3/1/1/1840589382/files-52f76d0b/0/	4	1	2.8			ZeroCERT

7483	2021-04-22 07:36	지불 사본.exe 43162c21e9c1e6a7846205665fce59ec PWS .NET framework				0.4		14	ZeroCERT

7484	2021-04-22 09:53	file.rtf 9ca89139d0918e5078122113fc883a7e RTF File doc Malware Malicious Traffic buffers extracted exploit crash unpack itself Tofsee Exploit crashed	3 Keyword trend analysis Info https://mofa.iugur.live/2623/1/45326/3/3/0/1840589382/files-72843a7a/0/data?d= https://mofa.iugur.live/2623/1/45326/3/1/1/1840589382/files-52f76d0b/0/ https://mofa.iugur.live/2623/1/45326/3/3/0/1840589382/files-72843a7a/0/data?d=&e=%EC%9B%90%EA%B2%A9%20%EC%84%9C%EB%B2%84%EC%97%90%EC%84%9C%20(404)%20%EC%B0%BE%EC%9D%84%20%EC%88%98%20%EC%97%86%EC%9D%8C%20%EC%98%A4%EB%A5%98%EB%A5%BC%20%EB%B0%98%ED%99%98%ED%96%88%EC%8A%B5%EB%8B%88%EB%8B%A4.	2	1	3.0	M		r0d

7485	2021-04-22 10:22	지불 사본.exe 43162c21e9c1e6a7846205665fce59ec PWS .NET framework				0.4		14	Kim.GS