Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
7531	2023-10-23 13:15	nigazxbb.vbs 4f67a35c1cef3eea2e6734e08beed57f Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	2 Keyword trend analysis	2	1		8.8		16	ZeroCERT

7532	2023-10-23 13:14	kwen.vbs 6919d3ccefbb9391a2f2a4deb3e52e70 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	2 Keyword trend analysis	2	1		8.8		16	ZeroCERT

7533	2023-10-23 12:18	adyfriday.vbs 288d724f6234e9a79e54451391e158fe Generic Malware Antivirus PWS KeyLogger AntiDebug AntiVM PowerShell Browser Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee EXPLOIT_KIT Windows Exploit Browser Email ComputerName DNS Cryptographic key crashed	2 Keyword trend analysis	3	2		16.0	M	3	ZeroCERT

7534	2023-10-23 12:18	droidwednesdayyyFile.vbs c6cc9287c08464bfe297be623543d72d Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	2 Keyword trend analysis	2	1		8.6		4	ZeroCERT

7535	2023-10-23 12:18	abyx.vbs a4b27b7143e37f8c1c3d038e22fab7e5 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	2 Keyword trend analysis	2	1		8.8		17	ZeroCERT

7536	2023-10-23 09:43	audiodgse.exe df247bbfaf91dbe0da4d79a04cfb5ca3 Formbook NSIS Malicious Library UPX PE File PE32 FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself	4 Keyword trend analysis Info http://www.jizihao1.com/sy22/?GVW8=3PKlaCPIzU4vEpSTCliM62U/p7q8/wgFKC2xum1ddk3IfpDEo7oK1Mr0Jaw/Go0sFzx2J7Yb&uzuD=Zld0rPDHNj - rule_id: 36544 http://www.displayfridges.fun/sy22/?GVW8=aXg/rmbVwlFwwtnhCbViqZ1yX+MILNYt2xJKgyzLKbDp+5cOMXOnKyz8SWn7ESolc4/lQPeb&uzuD=Zld0rPDHNj - rule_id: 37104 http://www.podplugca.com/sy22/?GVW8=1SbEEVOB0X5p51zw8Y9tIyj0s4wRGWDD/YTF5BQf3aGuyUlv8rzVEk4tRHrNdM/Dikld30uR&uzuD=Zld0rPDHNj - rule_id: 36546 http://www.qixservice.online/sy22/?GVW8=VBKd4i1TBAeTlYBnm9tWLCP4ww2vn+XVFOQPMnsW4AFxqlBX+KApyR5y0aXQ0sSyxSIvT0ne&uzuD=Zld0rPDHNj - rule_id: 35938	8	1	4	4.2	M	45	ZeroCERT

7537	2023-10-23 09:42	fra.exe ba3cc252387fd4f90201c371bd3e0190 Generic Malware Malicious Library UPX Malicious Packer PE File PE32 OS Processor Check Browser Info Stealer RedLine Malware download VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications WriteConsoleW installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key crashed		1	4		5.8	M	48	ZeroCERT

7538	2023-10-23 09:36	chungzx.exe 1471855e22fc3165fffc6e371bc01feb Client SW User Data Stealer Backdoor RemcosRAT browser info stealer Downloader Google Chrome User Data .NET framework(MSIL) Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Interne VirusTotal Malware Buffer PE AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities WriteConsoleW Windows					10.8	M	54	ZeroCERT

7539	2023-10-23 09:33	ca.exe 3963c955a34f058077d9010e4950c9b7 Generic Malware Malicious Library UPX Malicious Packer PE File PE32 OS Processor Check Browser Info Stealer RedLine Malware download VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key crashed		1	4		5.6	M	51	ZeroCERT

7540	2023-10-23 09:31	HTMLcachies.dOC e8277a6ee73ffeb63f76e8343e1ac5e4 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware VBScript Malicious Traffic RWX flags setting exploit crash Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	2		4.2	M	34	ZeroCERT

7541	2023-10-23 09:31	Aviso%20de%20Pago_Banco%20BCP_... 6f9a2815395092a00026fb6ef6ea6ba5 .NET framework(MSIL) PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself ComputerName					2.2	M	52	ZeroCERT

7542	2023-10-23 09:29	Veeam.Backup.Service.exe 03aa72059e81beaaf61c76488cbebd4c Malicious Library UPX Malicious Packer PE File PE32 OS Processor Check VirusTotal Malware Check memory crashed					0.8		7	ZeroCERT

7543	2023-10-23 09:28	msedge.exe 8deea0c4169b1d9d343201b39e8e1478 PE File PE32 .NET EXE VirusTotal Malware PDB Check memory Checks debugger unpack itself ComputerName					2.8	M	44	ZeroCERT

7544	2023-10-21 18:34	Tr4nsf3r.pcapng 910a772ad5925b5951830b85bbd96563 AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName					3.4			guest

7545	2023-10-20 18:43	7725eaa6592c80f8124e769b4e8a07... 55dcac727da37d5a80e10443624af68e Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself					1.6	M	24	ZeroCERT