Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
7921	2021-05-07 11:43	o2.exe 5f1de1b48258ba6f813ceda56967aa7c Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote suspicious process WriteConsoleW Windows Browser Email ComputerName Cryptographic key Software crashed keylogger				15.8	M	20	ZeroCERT

7922	2021-05-07 11:45	ster.exe 5cef87c65c9a2545eb8c9151a5fa1e1d PE64 OS Processor Check PE File VirusTotal Malware ComputerName				1.6	M	13	ZeroCERT

7923	2021-05-07 12:18	cred.dll 95cf3fb1bee9a2cf50d999142e6b6b4c PWS Loki[b] Loki[m] DLL PE File PE32 FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Malicious Traffic Check memory Checks debugger unpack itself Email Remote Code Execution DNS Software	1 Keyword trend analysis	1	1	5.6	M	38	ZeroCERT

7924	2021-05-07 12:18	20201117.rar bdfa523e5a06c417e30f0daecb6215f3 DLL PE File PE32 VirusTotal Malware Checks debugger unpack itself crashed				2.6	M	51	ZeroCERT

7925	2021-05-07 12:20	obi.exe 2a2ea12a3be49a9237c9fcd2094f5ea9 Malicious Packer .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself DNS				5.6	M	27	ZeroCERT

7926	2021-05-07 12:23	ktrl.exe 6c77a3dc9459bf6356d08dc9d29498a6 Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote suspicious process AppData folder WriteConsoleW Windows Browser Email ComputerName DNS Cryptographic key Software crashed keylogger				16.2	M	20	ZeroCERT

7927	2021-05-07 12:25	akon.exe 0690de55a2a4081dd2ebc1f658bba4da PWS .NET framework Malicious Library AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs Tofsee Windows DNS Cryptographic key	2 Keyword trend analysis	2	4	10.0	M	32	ZeroCERT

7928	2021-05-07 14:49	msoffice.exe 4834277170bcb025809c6bcd8c967bc2 Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself Remote Code Execution				2.2	M	36	r0d

7929	2021-05-10 12:21	BankStatement009810.xlsb 4bedb6631269e591cdfe5c981cd4d219 VBA_macro VirusTotal Malware unpack itself Tofsee	1 Keyword trend analysis	2	2	3.2	M	27	ZeroCERT

7930	2021-05-10 12:21	scr.dll 8fb5cc19a4b3784c602be19efe34555c Amadey DLL PE File PE32 JPEG Format VirusTotal Malware Malicious Traffic Checks debugger buffers extracted unpack itself Remote Code Execution DNS	1 Keyword trend analysis	1	1	4.2	M	51	ZeroCERT

7931	2021-05-11 07:38	Mcnzurtic.exe 6989acbd9d6104b59fdbf6cb0473cd35 AsyncRAT backdoor AgentTesla SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4	4	8.8	M	31	ZeroCERT

7932	2021-05-11 08:44	한국사_교과서(smdv).js 9ea397a03f2e5f3b0bfbd8f70f9f82cd VirusTotal Malware DNS				1.0		4	ZeroCERT

7933	2021-05-11 09:00	한국사_교과서(smdv).js 9ea397a03f2e5f3b0bfbd8f70f9f82cd AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed			2	4.2		4	ZeroCERT

7934	2021-05-11 09:10	HxYnDK2UQPV8rvj.exe 0e5fbe4c8041060dec2d52de04503c44 AsyncRAT backdoor PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key crashed				2.8		16	ZeroCERT

7935	2021-05-11 09:10	ALXxGkCQUwQUkab.exe 3bde41238c5520477847ab69aa014366 AsyncRAT backdoor PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself Windows Cryptographic key				3.4	M	23	ZeroCERT