Submissions

Columns: No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc

Each entry below lists the submission number, date and request (file name), the sample hash, the sandbox tags, and then the remaining column values as they appear in the listing (Urls Hosts IDS Rule Score Zero VT Player; empty columns are omitted).

8686 | 2023-11-29 14:30 | supstrim.exe
  hash: eace63ea1948f012941dd4a9b3ac3c94
  tags: AntiDebug AntiVM PE File PE64 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key
  values: 7.8 M 49 ZeroCERT

8687 | 2023-11-29 14:30 | microsoftdeletedEdgehistorycac...
  hash: 45cc2f78479e7eb29a063a5034a962c5
  tags: MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic buffers extracted exploit crash unpack itself Windows Exploit DNS crashed
  values: 18 18 7 4.8 M 28 ZeroCERT

8688 | 2023-11-29 14:28 | O.ini
  hash: 15909167c6a125757e0a931c7c486269
  tags: Emotet AgentTesla Malicious Library Malicious Packer UPX PE32 PE File .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed
  values: 2 4 5.4 M 49 ZeroCERT

8689 | 2023-11-29 14:26 | strim.exe
  hash: 0d1e3266a1bc3b62f0523e10b5170337
  tags: PE File PE64 VirusTotal Malware Check memory Checks debugger unpack itself
  values: 2.4 M 46 ZeroCERT

8690 | 2023-11-29 14:24 | Klkypmnqw.exe
  hash: 6c9f3e248382f389d17d308ad5350d6d
  tags: AntiDebug AntiVM PE File PE64 .NET EXE VirusTotal Malware suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key
  values: 8.6 M 45 ZeroCERT

8691 | 2023-11-29 14:23 | microsoftEdgedeletedentirehist...
  hash: ad19c30e8fc0f89004a1f960b477707f
  tags: MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic buffers extracted RWX flags setting exploit crash Exploit DNS crashed
  values: 1 1 1 4.6 M 36 ZeroCERT

8692 | 2023-11-29 11:27 | wlanext.exe
  hash: eb951bc883b87a58ffa82ab793d7e4b0
  tags: .NET framework(MSIL) PWS AntiDebug AntiVM PE32 PE File .NET EXE Browser Info Stealer VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself AppData folder suspicious TLD Browser ComputerName DNS
  values: 22 18 2 11.2 M 43 ZeroCERT

8693 | 2023-11-29 11:25 | build.exe
  hash: 69a2817a41b97ee8f1917646723312bf
  tags: Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware PDB unpack itself
  values: 2.0 M 30 ZeroCERT

8694 | 2023-11-29 11:25 | wlanext.exe
  hash: 09b88ab4bf59c36094bafec7a32bafed
  tags: Formbook .NET framework(MSIL) PWS AntiDebug AntiVM PE32 PE File .NET EXE Browser Info Stealer VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself AppData folder Browser ComputerName DNS
  values: 16 24 5 12 10.6 M 35 ZeroCERT

8695 | 2023-11-29 11:23 | wininit.exe
  hash: 8ec1ce0895188a09e0f43d999cf34cac
  tags: PE32 PE File .NET EXE VirusTotal Malware PDB Check memory Checks debugger unpack itself Windows Cryptographic key
  values: 2.6 M 38 ZeroCERT

8696 | 2023-11-29 11:21 | kung.exe
  hash: 2b1319e5ae1ed2c33f766c482d2b68e2
  tags: Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware unpack itself Windows crashed
  values: 3.2 M 55 ZeroCERT

8697 | 2023-11-29 11:19 | build.exe
  hash: d013d961e6b71c1d844589c7efef0f36
  tags: Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware PDB unpack itself
  values: 2.0 M 30 ZeroCERT

8698 | 2023-11-29 00:11 | .rels
  hash: 69984e911a8e36d7f6eab75bf36c6d01
  tags: AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed
  values: 3.8 guest

8699 | 2023-11-29 00:10 | .rels
  hash: 69984e911a8e36d7f6eab75bf36c6d01
  tags: Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
  values: 2 4.8 guest

8700 | 2023-11-29 00:10 | [Content_Types].xml
  hash: 10720bd1e11273d47d78cc6f2d215894
  tags: Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
  values: 2 4.2 guest