Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
7546	2024-07-30 09:36	event.php 61c5a8e414a47b8cc2c69e1ac4370a35 Generic Malware Malicious Library Malicious Packer UPX PE File PE64 OS Processor Check VirusTotal Malware AutoRuns Checks debugger Windows utilities suspicious process WriteConsoleW Windows ComputerName					3.6		50	ZeroCERT

7547	2024-07-30 09:27	heistheheroofnewthingstogetmeb... f7c34c11bb5d9cdcece78edae0beff42 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Exploit DNS crashed	2 Keyword trend analysis	2	2	1	4.8	M	40	ZeroCERT

7548	2024-07-30 09:26	btpooxygenthingsrgreattonderst... 432a2f5af4e1bf29730f042f0d39178f MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself Exploit DNS crashed	2 Keyword trend analysis	2	2	1	4.6	M	38	ZeroCERT

7549	2024-07-30 07:54	svchac.exe 60911c2b06b79fb3827c5ee11abc3eca Gen1 Generic Malware Malicious Library ASPack UPX Anti_VM PE File PE64 OS Processor Check DLL ZIP Format Check memory Creates executable files					1.0	M		ZeroCERT

7550	2024-07-30 07:54	zbi.exe 0534ab10184891cd61d262bfd79b7b4c Generic Malware Malicious Library Malicious Packer UPX PE File PE64 OS Processor Check PDB					0.2			ZeroCERT

7551	2024-07-30 07:54	uIZtAux.exe 8d14c4ba7260c61ecde30d97fd3c124a RedLine stealer RedlineStealer Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	6 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 30 ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer/MetaStealer Family Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response ET MALWARE Redline Stealer/MetaStealer Family Activity (Response)		5.0	M		ZeroCERT

7552	2024-07-30 07:49	build.exe 94ecbd522a17fe53a48486a00f748e64 Lumma Stealer UPX PE File PE32								ZeroCERT

7553	2024-07-30 07:47	PPGcgnyW.exe 670d1014ec5713d005f8ddfefc495a9e AsyncRAT task schedule Downloader Malicious Packer .NET framework(MSIL) UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM PE File AutoRuns Code Injection Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName					4.0			ZeroCERT

7554	2024-07-30 07:47	svchost.exe 6ddd28445b8fc2485cb72f22d1adc936 Malicious Packer PE File PE32 MZP Format unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName					3.0			ZeroCERT

7555	2024-07-29 23:52	main.exe 2d2f169d73a4d73bc16fe22e43d0bd8c Generic Malware Malicious Library UPX PE File PE32 MZP Format OS Processor Check Check memory Checks debugger buffers extracted RWX flags setting unpack itself suspicious process WriteConsoleW Windows Cryptographic key					3.4			guest

7556	2024-07-29 18:18	loveyou.exe 55e6cc81525f58cf81496b1f13f555b3 Malicious Library PE File PE64 Malware download Cobalt Strike Cobalt VirusTotal Malware RWX flags setting unpack itself ComputerName DNS	2 Keyword trend analysis	1	2		3.8		61	ZeroCERT

7557	2024-07-29 17:16	runner.exe d095b91d348e777c95b845c77246022f Generic Malware Malicious Library Malicious Packer UPX PE File PE64 VirusTotal Malware RCE crashed					2.0		41	ZeroCERT

7558	2024-07-29 17:16	payload.docm 840a3a122c7e418626500dd39ae492dc VBA_macro Doc XML Downloader Word 2007 file format(docx) ZIP Format VirusTotal Malware exploit crash unpack itself Exploit crashed	2 Keyword trend analysis				2.8		19	ZeroCERT

7559	2024-07-29 17:15	hvnc.ps1 4bee61710cce2761e3a01e0d7cb7da34 Generic Malware Antivirus powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process Windows ComputerName Cryptographic key	1 Keyword trend analysis	2			7.2			ZeroCERT

7560	2024-07-29 17:06	vnm2.txt.vbs 8b2d2b9a6d36abcb2b1b8a60f9898374 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	2	3		9.2	M	12	ZeroCERT