Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
8356	2021-05-26 17:48	edjpx01.zip 78b7c12458b63f284b2b0b4386351ddd VirusTotal Malware DNS				1.4		22	ZeroCERT

8357	2021-05-26 17:49	Lammer.exe 49545f0af79ded22054bfd851bb3d864 .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself WriteConsoleW DNS DDNS		2	1	5.8		36	ZeroCERT

8358	2021-05-26 17:50	vbc.exe 893f73e3c8296eb13964494da6157511 AsyncRAT backdoor PWS .NET framework Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName DNS Cryptographic key crashed				9.4	M	7	ZeroCERT

8359	2021-05-26 17:53	bmw1.exe e566e9b44e24135623225c6626391307 PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Windows DNS crashed				2.8	M	20	ZeroCERT

8360	2021-05-26 17:57	vbc.exe 9fda9bae06e1705bc0baafb7ae723257 Malicious Packer PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself				2.0	M	37	r0d

8361	2021-05-26 17:57	0BwVRYsmMqnmVek1UbU9tQnRjS28 d9b498a75f204feb90dbe7e6da25ea11							ZeroCERT

8362	2021-05-27 07:50	Zaplata.exe 4fd2df0f767d5db670bc28f9fff6b1f4 PE File OS Processor Check PE32 Browser Info Stealer VirusTotal Malware PDB Browser				1.8		46	ZeroCERT

8363	2021-05-27 09:03	PO 7080027.xls f1fcca46fd7af3f90aa67654250e7a05 VBA_macro MSOffice File VirusTotal Malware ICMP traffic unpack itself Tofsee	10 Keyword trend analysis Info https://bellaloveboutique.com/wp-content/themes/salient/includes/partials/tgTzKdqzGivuZ9.php https://forwei.com/image/cache/data/Varios/Cables/0YGwrERy.php https://surustore.com/image/cache/catalog/demo/banners/h0dD8T2aNRz.php https://ootashop.com/catalog/language/ar/extension/captcha/Iz40CaCFx.php https://bycec.in/wp-includes/js/tinymce/plugins/charmap/1MRWRA8z2S2Ajv.php https://marcoislandguidebook.com/wp-includes/js/tinymce/plugins/charmap/xltGrJWiK.php https://labrie-sabette.com/wp-includes/sodium_compat/namespaced/Core/ChaCha20/gp5yHrBp.php https://brandsites.gunwebhosting.com.au/site/wp-includes/Text/Diff/Engine/eUhebviTSOzDZ.php https://dinratnews.net/wp-content/uploads/2020/05/thumbnails/brCyRumj.php https://enlazador.com.es/wp-content/themes/twentynineteen/sass/blocks/mLrfH3gL5MqmI.php	20 Info marcoislandguidebook.com(192.185.79.55) brandsites.gunwebhosting.com.au(122.201.118.64) ootashop.com(199.188.205.57) forwei.com(217.160.0.5) - mailcious labrie-sabette.com(173.230.252.50) - mailcious enlazador.com.es(51.77.67.181) surustore.com(192.158.238.23) dinratnews.net(103.237.38.215) bycec.in(208.91.198.106) bellaloveboutique.com(107.180.58.44) 122.201.118.64 51.77.67.181 217.160.0.5 - malware 192.158.238.23 107.180.58.44 - mailcious 103.237.38.215 - mailcious 173.230.252.50 - mailcious 199.188.205.57 208.91.198.106 - malware 192.185.79.55 - mailcious	4	4.0	M	20	ZeroCERT

8364	2021-05-27 09:18	Document%20777622.xls a7b63000938bbeb31722acac4a96b004 VBA_macro MSOffice File VirusTotal Malware unpack itself Tofsee	10 Keyword trend analysis Info https://supereclinica.com.br/gestor/ckfinder/plugins/fileeditor/codemirror/Mad1mAVF6Vla1IY.php https://www.ktateeb.vision-building.com/public/graph/uploads/200x300/content_images/CByVubhIO51.php https://smtp.computeraccess.co.in/8Lj6KntHS.php https://donboscoschoolbd.com/fdoMMqJznv.php https://coeniglich.de/oVWjOr1Z3Z.php https://bypuzzle.com.br/avada/wp-content/themes/twentyfifteen/css/5clwWvDJgRsTKvW.php https://proterra.med.br/wp-includes/js/tinymce/themes/advanced/Zg1TbiK17uVn.php https://agentsv2.ivm.mv/user_guide/_static/css/rjWMenNTq.php https://clinicasaludmasculina.com/phone/css/AvGj1IrWszA5cUW.php https://bonsventosnautica.com.br/xhpxAHxeWeE6lH3.php	19 Info supereclinica.com.br(162.241.203.185) - mailcious donboscoschoolbd.com(138.201.27.66) - mailcious proterra.med.br(192.185.217.211) - mailcious smtp.computeraccess.co.in(192.185.154.138) - mailcious coeniglich.de(172.104.152.37) - mailcious clinicasaludmasculina.com(192.185.131.33) - mailcious bonsventosnautica.com.br(162.241.203.116) - mailcious agentsv2.ivm.mv(192.185.36.231) - mailcious www.ktateeb.vision-building.com() bypuzzle.com.br(192.185.215.103) - mailcious 192.185.131.33 - malware 192.185.217.211 - mailcious 138.201.27.66 - mailcious 192.185.36.231 - mailcious 162.241.203.185 - malware 192.185.215.103 - mailcious 162.241.203.116 - mailcious 192.185.154.138 - mailcious 172.104.152.37 - mailcious	4	2.8		20	ZeroCERT

8365	2021-05-27 09:18	covid.exe a7a8c3e6b8854ab03b71a5b128d7b9ce Malicious Library DNS AntiDebug AntiVM .NET EXE PE File PE32 Buffer PE suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows ComputerName DNS DDNS		2		13.6			ZeroCERT

8366	2021-05-27 09:20	vbc.exe 81fbda3909166d5283aa85295b8c3394 AsyncRAT backdoor PWS .NET framework Malicious Library .NET EXE PE File OS Processor Check PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows Cryptographic key				2.2		27	ZeroCERT

8367	2021-05-27 09:20	file23.exe 4c9bb1adf101943c077c224a224ed490 PE64 PE File VirusTotal Malware unpack itself DNS				3.0		13	ZeroCERT

8368	2021-05-27 09:54	file19.exe 131296e016a70ea67760fa6eec3dca8f Anti_VM PE File PE32 VirusTotal Malware unpack itself Checks Bios Detects VirtualBox Detects VMWare VMware anti-virtualization Tofsee Windows Firmware DNS crashed	2 Keyword trend analysis	2	1	5.8	M	38	ZeroCERT

8369	2021-05-27 09:56	file1.exe a21e5912c536d5fde51b5269bcfb356b PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself crashed				2.0	M	22	ZeroCERT

8370	2021-05-27 09:56	z9rNC7mJo4hH 24c28c9b3777b278fb4f05fbd7241a16 VBA_macro MSOffice File Vulnerability VirusTotal Malware Malicious Traffic unpack itself DNS	6 Keyword trend analysis Info http://everhappen.com/wp-content/ja/ http://susumiller.com/wp-admin/1/ http://leadercleverinvestissement.com/wp-admin/Ud/ http://www.leadercleverinvestissement.com/wp-admin/Ud/ http://laladiwanchandmodernwrestlingandyogacentre.com/wp-content/yuI/ http://kavensports.com/wp-includes/o/	14 Info susumiller.com(91.195.240.13) - malware kavensports.com(173.212.251.233) - malware laladiwanchandmodernwrestlingandyogacentre.com(68.66.226.86) - malware wordpress-330097-1043717.cloudwaysapps.com() www.leadercleverinvestissement.com(46.182.4.120) everhappen.com(165.22.107.214) - malware leadercleverinvestissement.com(46.182.4.120) - malware ec2-52-56-233-157.eu-west-2.compute.amazonaws.com(52.56.233.157) - malware 68.66.226.86 - malware 91.195.240.13 - phishing 46.182.4.120 - malware 52.56.233.157 - malware 165.22.107.214 - malware 173.212.251.233 - mailcious		5.0	M	43	ZeroCERT