Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
8191	2023-09-27 13:33	documentblur.exe 5fac40a82226f46504aef22f79233ad7 XWorm WebCam KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process AntiVM_Disk VM Disk Size Check Windows ComputerName Cryptographic key keylogger				11.4	M	50	r0d

8192	2023-09-27 13:22	documentblur.exe 5fac40a82226f46504aef22f79233ad7 XWorm WebCam KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process AntiVM_Disk VM Disk Size Check Windows ComputerName Cryptographic key keylogger				11.4	M	50	r0d

8193	2023-09-27 10:55	9Z.pdf.lnk 3d2651a982fff4f68e6cef1f94ce5ee4 Generic Malware UPX AntiDebug AntiVM GIF Format Lnk Format PE File DLL PE64 OS Processor Check IcedID Malware download Malware Code Injection Malicious Traffic Checks debugger buffers extracted Creates shortcut suspicious process WriteConsoleW Windows DNS	2 Keyword trend analysis	3	5	4.0			ZeroCERT

8194	2023-09-27 10:54	KMWC.pdf.lnk 878ac1ae23f72d11af4239c8d86f3f65 Generic Malware UPX AntiDebug AntiVM GIF Format Lnk Format PE File DLL PE64 OS Processor Check IcedID Malware download Malware Code Injection Malicious Traffic Checks debugger buffers extracted Creates shortcut unpack itself suspicious process WriteConsoleW Windows DNS	2 Keyword trend analysis	3	5	4.4			ZeroCERT

8195	2023-09-27 10:54	ST3.pdf.lnk f2dee7265c1d540d0701faa3e1797902 Generic Malware AntiDebug AntiVM GIF Format Lnk Format Code Injection Creates shortcut ICMP traffic Windows utilities suspicious process WriteConsoleW Windows DNS	1 Keyword trend analysis	1		4.8			ZeroCERT

8196	2023-09-27 10:41	tienphouk.pdf.lnk a71d17ba96e1ee0d9f024535858e7b3d Generic Malware Antivirus AntiDebug AntiVM GIF Format Lnk Format VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			4.2		18	ZeroCERT

8197	2023-09-27 10:41	Payload.lnk 43efb83e1d56e903d06ed74df2a5f859 Generic Malware AntiDebug AntiVM GIF Format Lnk Format VirusTotal Malware Code Injection Creates shortcut suspicious process WriteConsoleW Windows	1 Keyword trend analysis	2		5.2		30	ZeroCERT

8198	2023-09-27 10:41	ntp.doc.lnk 10a485b8c65306f6e992e68ab96bd6b6 Generic Malware AntiDebug AntiVM GIF Format Lnk Format VirusTotal Malware Code Injection Creates shortcut suspicious process WriteConsoleW Windows	1 Keyword trend analysis	2		5.0		23	ZeroCERT

8199	2023-09-27 10:07	3ntp.docx.lnk 10f3245bc055a7e6eec1bedd7d12e711 Generic Malware task schedule Downloader Create Service Socket P2P DGA Steal credential Http API Escalate priviledges PWS Sniff Audio HTTP DNS ScreenShot Code injection Internet API FTP KeyLogger AntiDebug AntiVM GIF Format Lnk Format VirusTotal Malware Code Injection Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows DNS	1 Keyword trend analysis	1	4	6.2	M	29	ZeroCERT

8200	2023-09-27 10:06	INVOICE.lnk 1066f5ad77cc1f7aadcb6685567b806c Generic Malware Antivirus AntiDebug AntiVM GIF Format Lnk Format powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			4.2			ZeroCERT

8201	2023-09-27 10:04	new.ps1 1e4270b46727180cc7533843a128d7d9 Generic Malware Antivirus unpack itself WriteConsoleW Windows Cryptographic key	1 Keyword trend analysis			0.8			ZeroCERT

8202	2023-09-27 10:04	bazila.hta 085f5a95ff83ee0a711882dfbd5b0d1b Emotet Gen1 Generic Malware Antivirus Malicious Library UPX AntiDebug AntiVM PowerShell MSOffice File PE File PE32 DllRegisterServer dll OS Processor Check Malware powershell suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted heapspray Creates shortcut Creates executable files exploit crash unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process AppData folder Tofsee Windows Exploit ComputerName DNS Cryptographic key crashed	1 Keyword trend analysis	4	4	14.0			ZeroCERT

8203	2023-09-27 10:01	d98ecac34d79d3cf31e2fa504b327f... d98ecac34d79d3cf31e2fa504b327ff3 Malicious Library UPX Antivirus .NET framework(MSIL) Malicious Packer PE File PE32 .NET EXE OS Processor Check AsyncRAT VirusTotal Malware Check memory Checks debugger unpack itself				2.0		48	ZeroCERT

8204	2023-09-27 09:59	84c28541e9f2bdd1d7b5d3858c3199... 84c28541e9f2bdd1d7b5d3858c319972 njRAT backdoor PE File PE32 .NET EXE VirusTotal Malware WriteConsoleW DNS DDNS		2	2	2.8		62	ZeroCERT

8205	2023-09-27 09:59	usertp.exe 638a7f41333819c3b0aa03e6f6aca90c Malicious Library UPX Antivirus .NET framework(MSIL) Malicious Packer PE File PE32 .NET EXE OS Processor Check AsyncRAT VirusTotal Malware Check memory Checks debugger unpack itself				2.0		55	ZeroCERT