Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
7606	2021-04-27 07:36	ChIxV8ffRiFmEyg.exe fe6f9b6a8165ee515b270d316fca5f6d PWS .NET framework Malicious Library AsyncRAT backdoor VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows DNS Cryptographic key crashed				3.8		21	ZeroCERT

7607	2021-04-27 07:44	PAa4O8FlG6VW063.exe b1149708e8e0bbe6d4c5817e3a14eed6 PWS .NET framework Malicious Library AsyncRAT backdoor VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key crashed				11.6		22	ZeroCERT

7608	2021-04-27 07:46	nZ2hezPMXoxnZ1b.exe b698654db1dc5754e6e44cdfe5fa86c5 PWS .NET framework Malicious Library AsyncRAT backdoor VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows DNS Cryptographic key crashed				4.0	M	34	ZeroCERT

7609	2021-04-27 08:00	ZyL7yM4Z6je3A8K.exe 9463178c1032fb981519b41b9de5b476 PWS .NET framework Malicious Library AsyncRAT backdoor VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows DNS Cryptographic key				3.6		20	ZeroCERT

7610	2021-04-27 08:00	AGcjf4hZF7GWTYa.exe b3e1928a79fc2870037070e4910be463 PWS .NET framework Malicious Library AsyncRAT backdoor VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows Cryptographic key				3.0		29	ZeroCERT

7611	2021-04-27 08:03	Wzze3eSA4thdJZc.exe daec9c824832ffc25734efb3fb4512e0 PWS .NET framework Malicious Library AsyncRAT backdoor VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows Cryptographic key				3.2	M	30	ZeroCERT

7612	2021-04-27 08:05	RAUjORNtrpBMaXE.exe 7bb6c716a6119de0949bd18feabf492d PWS .NET framework Malicious Library AsyncRAT backdoor VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows DNS Cryptographic key				4.6	M	28	ZeroCERT

7613	2021-04-27 08:05	https://p8hj.blogspot.com/p/44... 5b0175dd30bd407af2915d017f1f4e90 Antivirus VirusTotal Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	27 Keyword trend analysis Info https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png https://p8hj.blogspot.com/favicon.ico https://resources.blogblog.com/blogblog/data/1kt/simple/body_gradient_tile_light.png https://fonts.googleapis.com/css?family=Open+Sans:300 https://www.blogger.com/static/v1/widgets/1564291244-widgets.js https://ssl.gstatic.com/gb/images/p1_c9bc74a1.png https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc-.woff https://www.google-analytics.com/analytics.js https://www.blogger.com/static/v1/v-css/281434096-static_pages.css https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxM.woff https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhv.woff https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://p8hj.blogspot.com/p/44.html%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://p8hj.blogspot.com/p/44.html%26type%3Dblog%26bpli%3D1&passive=true&go=true https://www.google.com/css/maia.css https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg https://fonts.googleapis.com/css?lang=ko&family=Product+Sans\|Roboto:400,700 https://www.blogger.com/img/blogger-logotype-color-black-1x.png https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3922155243674983324&zx=8a61e2f3-37c8-4d3a-8fe4-f6b29f03e618 https://www.blogger.com/static/v1/jsbin/3101730221-analytics_autotrack.js https://www.blogger.com/blogin.g?blogspotURL=https://p8hj.blogspot.com/p/44.html&type=blog https://www.gstatic.com/og/_/js/k=og.qtm.en_US.3gGou_DPQGQ.O/rt=j/m=q_d,qawd,qmd,qsd,qmutsd,qapid/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtt/d=1/ed=1/rs=AA2YrTuZTrLZ4SHM1gfcCFFxdZIZ-5oj0Q https://www.blogger.com/blogin.g?blogspotURL=https%3A%2F%2Fp8hj.blogspot.com%2Fp%2F44.html&type=blog&bpli=1 https://www.blogger.com/static/v1/jsbin/1277698886-ieretrofit.js https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.jcYff4gdSOQ.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_CvAHQybwQAZJQL2tdeysMj0HgHw/cb=gapi.loaded_0 https://www.blogger.com/static/v1/widgets/115981500-css_bundle_v2.css https://resources.blogblog.com/img/icon18_wrench_allbkg.png https://p8hj.blogspot.com/p/44.html https://www.gstatic.com/og/_/ss/k=og.qtm.IkH5OKdqKO4.L.I9.O/m=qawd,qmd/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTt8q6VIKYZCBV2SKDFkL7YCc5evsA	22 Info fonts.googleapis.com(172.217.26.42) resources.blogblog.com(216.58.220.105) www.google.com(142.250.196.132) www.gstatic.com(142.250.196.99) ssl.gstatic.com(172.217.174.99) accounts.google.com(216.58.197.173) www.google-analytics.com(172.217.25.238) fonts.gstatic.com(216.58.220.131) apis.google.com(172.217.26.46) p8hj.blogspot.com(172.217.25.97) www.blogger.com(216.58.220.105) 142.250.204.141 216.58.199.1 172.217.161.142 172.217.24.78 172.217.161.138 216.58.200.73 142.250.204.68 172.217.174.195 142.250.66.73 142.250.66.67 142.250.204.67	2	4.6			ZeroCERT

7614	2021-04-27 08:07	nB41BIelTsP4FLI.exe dadffda4bf041605a5230e8d4b623115 PWS .NET framework Malicious Library AsyncRAT backdoor VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows DNS Cryptographic key				3.6	M	26	ZeroCERT

7615	2021-04-27 09:13	JNhUwWi6 1f76d9e2358dcba1670b35ce61d7bd96 Antivirus VirusTotal Malware powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process Tofsee Windows ComputerName Cryptographic key	1 Keyword trend analysis	2	1	7.8		7	ZeroCERT

7616	2021-04-27 09:14	JNhUwWi6.html 1f76d9e2358dcba1670b35ce61d7bd96 Antivirus VirusTotal Malware powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process Tofsee Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	2	1	8.4		7	guest

7617	2021-04-27 09:15	ashleyx.scr 778deeb02865595a94ac7d745dd066f9 AsyncRAT backdoor VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces ComputerName DNS crashed	1 Keyword trend analysis	2	1	3.2		29	ZeroCERT

7618	2021-04-27 09:47	tgix.exe e9f9ad8c275d3dc6e61424fdffec51d0 Malicious Library VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself DNS				3.2		17	ZeroCERT

7619	2021-04-27 09:47	africax.exe 753875f7180e853377d6cdcb247f8625 PWS .NET framework Loki Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Browser Email ComputerName Software		2		13.0	M	21	ZeroCERT

7620	2021-04-27 09:49	ALL.TXT 52552b7037fd640317f7d2de1b854288 VirusTotal Malware Check memory unpack itself DNS				2.2		12	ZeroCERT