Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
7741	2023-10-13 08:45	Setup.exe 635da4ec16e32532e4e1f6919dad1df3 Malicious Library UPX PE File PE64 OS Processor Check VirusTotal Malware PDB IP Check ComputerName DNS	1 Keyword trend analysis	51 Info ip-api.com(208.95.112.1) 64.26.60.153 104.21.50.138 172.67.129.18 - mailcious 185.208.164.106 172.67.181.113 172.67.140.52 104.26.0.82 104.26.12.244 172.67.148.35 - phishing 172.67.142.169 172.67.134.134 104.21.68.7 - mailcious 172.67.173.200 - mailcious 104.21.1.213 88.198.0.105 104.20.55.214 34.174.61.199 104.21.73.229 - mailcious 193.57.67.4 172.67.201.26 23.227.38.74 - mailcious 172.67.198.26 - phishing 104.21.76.140 193.231.236.124 185.63.228.45 172.67.70.22 46.242.233.27 104.26.10.81 141.193.213.20 - malware 172.67.150.80 - mailcious 104.21.27.205 - mailcious 208.95.112.1 172.67.33.252 186.230.14.42 104.21.92.170 104.21.55.151 - mailcious 104.26.2.124 172.67.209.11 - mailcious 103.54.250.99 104.21.77.146 172.67.212.131 172.67.199.57 172.67.193.133 200.40.52.151 80.147.223.166 83.56.13.220 81.22.97.159 104.21.79.166 76.223.54.146 172.67.156.49 - mailcious	1	4.0	M	5	ZeroCERT

7742	2023-10-13 08:41	svchost.exe c9abc0932559d7ecced02a9125acea05 Malicious Library UPX Malicious Packer PE File PE64 OS Processor Check VirusTotal Malware unpack itself crashed				1.8	M	13	ZeroCERT

7743	2023-10-13 08:41	owenzx.exe 47ea784b5aa582da550a12add7ccd74d PE File PE32 .NET EXE VirusTotal Malware PDB Check memory Checks debugger unpack itself DNS		3		3.2	M	47	ZeroCERT

7744	2023-10-13 08:40	stub.exe 7267c31ceaa3b35c96494360402a4788 Generic Malware Malicious Library UPX Malicious Packer PE File PE64 OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Telegram MachineGuid Windows utilities Tofsee Ransomware Windows Browser Email DNS Software crashed		85 Info clysma.com() actmin.com() api.telegram.org(149.154.167.220) 173.205.126.33 - mailcious 61.200.81.21 35.231.13.148 - mailcious 95.174.22.233 - mailcious 103.6.198.176 76.74.184.61 - mailcious 54.69.120.26 207.211.30.242 194.143.194.23 - mailcious 3.33.130.190 - phishing 195.128.140.29 - mailcious 34.224.10.110 - mailcious 185.230.63.107 - phishing 86.105.245.69 - mailcious 52.194.155.172 164.132.175.106 - mailcious 113.20.24.100 198.185.159.144 - mailcious 89.161.136.188 - mailcious 164.92.82.47 27.0.174.59 - mailcious 79.96.32.254 - mailcious 216.239.34.21 - mailcious 157.7.107.49 - malware 124.150.141.167 15.197.142.173 - mailcious 91.220.211.163 - mailcious 13.56.33.8 - mailcious 104.21.6.168 - mailcious 202.59.4.2 49.12.155.123 3.33.243.145 93.188.2.51 - malware 13.248.169.48 - mailcious 145.239.5.159 216.46.129.162 103.112.69.92 156.251.140.23 160.80.6.36 202.94.166.30 - mailcious 76.223.54.146 104.21.76.140 52.20.84.62 - mailcious 208.100.26.245 - phishing 110.173.135.226 76.223.35.103 - mailcious 199.34.228.78 - mailcious 65.52.128.33 - malware 104.21.46.148 79.96.161.192 31.15.12.103 - mailcious 89.161.163.246 - mailcious 85.128.55.51 - mailcious 153.126.211.112 - mailcious 205.149.134.32 - mailcious 62.122.170.171 92.42.191.40 46.242.238.60 - mailcious 192.124.249.9 - mailcious 35.214.171.193 83.223.113.46 - mailcious 93.189.66.202 - mailcious 75.2.70.75 - mailcious 5.134.4.115 - mailcious 154.201.225.123 192.124.249.15 - mailcious 198.49.23.145 - mailcious 192.124.249.13 - mailcious 192.124.249.12 - mailcious 91.201.52.102 149.154.167.220 185.33.216.22 3.64.163.50 - mailcious 76.223.27.102 211.1.226.67 77.72.4.226 - mailcious 157.7.107.38 - mailcious 195.201.246.38 178.249.70.75 - mailcious 133.125.38.187 - mailcious 177.73.143.59 185.230.63.186 - mailcious	4	6.6	M	10	ZeroCERT

7745	2023-10-13 08:39	ansi.exe ca838ae291296ed4c06535f48a35bf32 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself				1.8	M	43	ZeroCERT

7746	2023-10-13 08:36	audiodgse.exe 6f78ea4133f958f8f064071729a12c3b PE File PE32 .NET EXE VirusTotal Malware PDB Check memory Checks debugger unpack itself				2.2	M	23	ZeroCERT

7747	2023-10-13 05:58	NMemo1Setp.exe f12aa4983f77ed85b3a618f7656807c2 Confuser .NET PE File PE32 .NET EXE VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself Check virtual network interfaces Tofsee Ransomware DNS		3	3	3.8	M	59	guest

7748	2023-10-13 04:24	NMemo1Setp.exe f12aa4983f77ed85b3a618f7656807c2 Confuser .NET PE File PE32 .NET EXE VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself Check virtual network interfaces Tofsee Ransomware DNS		3	3	3.8	M	59	guest

7749	2023-10-13 01:05	Password_ps1.txt 975d7d238a824cf37893450cc62d2b9f AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.8			guest

7750	2023-10-13 01:05	Password_dll.txt 21567881b3d5d574a5ef76c7bda521dc Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.8			guest

7751	2023-10-13 01:05	LBB_PS1_pass.ps1 f9407d83dea3626282b5fbbb9127c7dc Generic Malware task schedule Downloader Antivirus Socket DGA Http API ScreenShot Escalate priviledges PWS SMTP DNS KeyLogger Create Service Steal credential Sniff Audio HTTP Code injection Internet API persistence FTP P2P AntiDebug AntiVM Check memory unpack itself malicious URLs WriteConsoleW Windows Cryptographic key crashed				2.6			guest

7752	2023-10-13 01:04	Password_exe.txt 0bfc8082533654edacb07337a575b119 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.2			guest

7753	2023-10-13 01:04	LBB_Rundll32.dll cf9b606e14c2a720052da5d84e22bd9b BlackMatter Ransomware PE File DLL PE32				0.6			guest

7754	2023-10-13 01:03	LBB_PS1_obfuscated.ps1 e3c6fb29f3bea55756031a6571215cb9 Generic Malware Antivirus Check memory unpack itself Windows Cryptographic key				0.8			guest

7755	2023-10-13 01:03	LBB_PS1.ps1 9e1efd43fcb4cde660f44c7dde33c673 Generic Malware Antivirus Check memory unpack itself Windows Cryptographic key				0.8			guest