Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
8491	2023-09-19 18:33	HTML.hta f9214c3d4e39b7d7dad6703fd62a5dea Generic Malware Antivirus AntiDebug AntiVM MSOffice File VirusTotal Malware powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut exploit crash unpack itself Windows utilities suspicious process Tofsee Windows Exploit ComputerName DNS Cryptographic key crashed	1 Keyword trend analysis		2	7.8	M	11	ZeroCERT

8492	2023-09-19 18:32	2d18413c.exe 05f27d8d2e782012e4abc7b62b19bce7 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself				1.4	M	32	ZeroCERT

8493	2023-09-19 18:15	winrar-x64-623.hta eaca14cc7d8933f7876ae1b8373679bc AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed			2	4.4		15	ZeroCERT

8494	2023-09-19 18:15	WinRar.hta f5ab8d63e1e276dcec448620ac5c83a8 AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed			2	4.6		20	ZeroCERT

8495	2023-09-19 18:15	updater.exe 95c3df5b6840fc840c329011aa1a1afd Ave Maria WARZONE RAT Generic Malware Malicious Library UPX Downloader Malicious Packer Antivirus PE File PE32 OS Processor Check DLL PE64 Malware download AveMaria NetWireRC VirusTotal Malware powershell AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted WMI Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process AppData folder WriteConsoleW Firewall state off human activity check Tofsee Windows RAT ComputerName Remote Code Execution DNS Cryptographic key DDNS	1 Keyword trend analysis	6	4	12.8	M	63	ZeroCERT

8496	2023-09-19 18:06	UDG.vbs d72f9497eb6dd687d2ed170aea09c985 Generic Malware Antivirus Hide_URL PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	3 Keyword trend analysis	3	1	9.0		7	ZeroCERT

8497	2023-09-19 18:06	TiWorker.hta 641f5cc1f7858be8774ec7dc33948914 Generic Malware Antivirus AntiDebug AntiVM VirusTotal Malware powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut RWX flags setting unpack itself Windows utilities powershell.exe wrote suspicious process Windows ComputerName Cryptographic key	1 Keyword trend analysis			7.2		13	ZeroCERT

8498	2023-09-19 18:06	Readme.hta 96a3850e5ed18978a1cd70ec0af6b4fb AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed			2	4.4		17	ZeroCERT

8499	2023-09-19 17:58	dl.exe 7f0896a41cb033b9b9892db59dad9d54 Malicious Library UPX PE File PE64 OS Processor Check VirusTotal Malware				1.0	M	7	ZeroCERT

8500	2023-09-19 17:56	Vvdsupbjet.exe 5ca8de5b7c87d36341f0578a03615aee email stealer Downloader Escalate priviledges PWS DNS Code injection persistence KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key crashed		1		12.0	M	47	ZeroCERT

8501	2023-09-19 17:54	nellyzx.exe 768519b9acde8cf0fb5d43e0ffdbbfd4 Formbook .NET framework(MSIL) AntiDebug AntiVM PE File PE32 .NET EXE FormBook Malware download VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself	2 Keyword trend analysis	4	1	8.4	M	31	ZeroCERT

8502	2023-09-19 17:53	file.exe bfc61a1de75ca4ef9671609a6ac9f514 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself DNS		1		2.0	M	30	ZeroCERT

8503	2023-09-19 17:52	obizx.exe 0a5cc75ce0f06f4333b57414146eb14c .NET framework(MSIL) PWS SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Software crashed keylogger		2	4	11.6	M	34	ZeroCERT

8504	2023-09-19 17:51	qqdownloadftnv5.xls a0939fe019485426ee55b070d62b7352 VBA_macro Generic Malware PWS ScreenShot KeyLogger AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection unpack itself				3.2	M	48	ZeroCERT

8505	2023-09-19 17:51	arinzezx.exe c723224047bd5faa0430b2707e784dde .NET framework(MSIL) PWS SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee Browser Email ComputerName Software crashed		2	2	11.4	M	29	ZeroCERT