Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
7561	2021-04-24 17:57	43f4dab6d5ea1eecee44d7e673ab98... e94a29784a21f2d27a636a1c09cf399e Emotet Gen1 VirusTotal Malware Check memory Checks debugger unpack itself AppData folder AntiVM_Disk VM Disk Size Check ComputerName DNS					3.4		7	ZeroCERT

7562	2021-04-24 17:58	xpertee.exe 63a7dd2640491df5075a08bf335545a6 Malicious Packer VirusTotal Malware Buffer PE Code Injection Check memory Checks debugger buffers extracted RWX flags setting unpack itself Disables Windows Security Windows ComputerName crashed					9.6		10	ZeroCERT

7563	2021-04-24 17:59	vannyx.exe c1211693246ffe7d31958ae00991032c VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself DNS					3.6	M	39	ZeroCERT

7564	2021-04-24 18:01	godeth.exe e3b8893e65bdb0f42574c0f7e05ec8ce AsyncRAT backdoor VirusTotal Malware AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName					12.8	M	41	ZeroCERT

7565	2021-04-24 18:02	Cacheman.txt ae8f9d9b8344d52f0872dfdc852e1dd4 Gen2 Gen1 VirusTotal Malware Check memory Creates executable files unpack itself AppData folder suspicious TLD DNS crashed		2			4.4		10	ZeroCERT

7566	2021-04-24 18:03	liamx.exe 78eb364d9506dcea9139b1de2896cc36 PWS .NET framework AsyncRAT backdoor Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Browser ComputerName Cryptographic key Software crashed					10.4	M	40	ZeroCERT

7567	2021-04-24 18:04	ze6p62.zip bcdb8892ade3fbcef1e017b8c8acca6a Gen2 Gen1 VirusTotal Malware PDB unpack itself DNS crashed					2.8	M	40	ZeroCERT

7568	2021-04-24 18:06	ntdw1.exe 2cf6144870e0ba1a5290316435125321 Cryptocurrency_miner Antivirus AsyncRAT backdoor VirusTotal Cryptocurrency Miner Malware Cryptocurrency AutoRuns PDB Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Auto service Check virtual network interfaces suspicious process sandbox evasion Windows Browser DNS	1 Keyword trend analysis	3	7 Info ET INFO Executable Download from dotted-quad Host ET HUNTING Suspicious csrss.exe in URI ET INFO Packed Executable Download ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET POLICY Cryptocurrency Miner Checkin	1	9.0	M	47	ZeroCERT

7569	2021-04-24 18:07	bd4e3yw.tar e6b7ec0dd1cd7b8f7c08ec2d4d369d8d Gen2 Gen1 VirusTotal Malware PDB unpack itself DNS crashed					2.6	M	34	ZeroCERT

7570	2021-04-24 18:14	ind.html 474212e701552f22566f71a1585e8e94 VirusTotal Malware AutoRuns Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder sandbox evasion WriteConsoleW Windows ComputerName DNS		1			9.4	M	29	ZeroCERT

7571	2021-04-24 18:20	documents-631320621.xlsm 6f72c84993020114d1ff0002d3717498 VirusTotal Malware unpack itself Tofsee DNS		4	2		3.4		4	ZeroCERT

7572	2021-04-24 18:20	documents-634555987.xlsm 14a592b56e28f22cb1405846193b308b VirusTotal Malware Check memory unpack itself Tofsee crashed		4	2		3.2		5	ZeroCERT

7573	2021-04-24 18:22	documents-627949424.xlsm 16a1eca6fb8eb48e67bcfe30beb28dca VirusTotal Malware Check memory unpack itself Tofsee DNS crashed		4	2		3.8		4	ZeroCERT

7574	2021-04-24 18:22	documents-633524133.xlsm a14c32fc53b0c42e12a563838d67526b VirusTotal Malware Check memory unpack itself Tofsee crashed		4	2		3.2		4	ZeroCERT

7575	2021-04-24 20:46	zedd.exe 2d90ea8eb1a32927db2bbbfceb08f6a5 Malicious Packer VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName crashed					8.4	M	6	ZeroCERT