Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
8701	2023-09-12 17:05	hell.exe b78af5ee929ecb939ecd3bbb7a09996e RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File .NET EXE PE32 OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	5	6.2	M	41	ZeroCERT

8702	2023-09-12 10:04	4d5a_1.exe 4e34b4531e08ee1f415386edad449217 AsyncRAT Malicious Library UPX .NET framework(MSIL) Malicious Packer PE File .NET EXE PE32 OS Processor Check Malware download AsyncRAT NetWireRC Malware DNS DDNS		2	3	0.4			ZeroCERT

8703	2023-09-12 10:02	4d5a_2.exe 2c61a7034a9263db96813262f0dffb80 .NET DLL DLL PE File PE32 VirusTotal Malware				0.6		16	ZeroCERT

8704	2023-09-12 09:48	.rree.txt.ps1 306cf48dd8c776f68b0f37b1570283c9 Generic Malware Antivirus powershell AutoRuns suspicious privilege Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key				7.4	M		ZeroCERT

8705	2023-09-12 09:19	dv4o7f8.exe 86aec1d77c3b004c38d5ee246499728c Malicious Library UPX ScreenShot AntiDebug AntiVM PE File PE32 OS Processor Check VirusTotal Malware Buffer PE PDB Code Injection buffers extracted unpack itself Firmware crashed				7.8	M	44	ZeroCERT

8706	2023-09-12 09:17	O0o0oo000O0O0O0o0O0o0O0Oo0o000... cb17a5b6698940f8e13a982a99d7a8d8 MS_RTF_Obfuscation_Objects RTF File doc Vulnerability VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Exploit DNS crashed	1 Keyword trend analysis	1	3	4.0		29	ZeroCERT

8707	2023-09-12 09:16	Klodina_Sadiku_Tax_2022.js 52ecb81fed4ad669d45c90f7b856fc93 Generic Malware Antivirus VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key	2 Keyword trend analysis			5.2		1	ZeroCERT

8708	2023-09-12 09:15	cryptnobaa.exe 41bdf3bbb8d27902f5f22e9b5a88a25b Malicious Library UPX ASPack PE File PE64 OS Processor Check VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself Check virtual network interfaces		1		2.6		12	ZeroCERT

8709	2023-09-12 09:13	IE_Cache.hta e8fa112b91c1297187713059d481f0c8 Generic Malware Antivirus AntiDebug AntiVM PowerShell VirusTotal Malware powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut RWX flags setting unpack itself Windows utilities powershell.exe wrote suspicious process Windows ComputerName Cryptographic key	1 Keyword trend analysis			7.2		16	ZeroCERT

8710	2023-09-12 09:12	WUDFHost.hta fc03281320e21c988773e1c2f8389d0f Generic Malware Antivirus Hide_URL AntiDebug AntiVM PowerShell VirusTotal Malware powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut RWX flags setting unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	3 Keyword trend analysis	3	1	10.6		13	ZeroCERT

8711	2023-09-12 07:50	o0o0o0ooio0oio0io0i0oOIO0OI0OI... 5cec67a92cedeec575d4e5e2f82e3b69 MS_RTF_Obfuscation_Objects RTF File doc Vulnerability VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Tofsee Exploit DNS crashed	2 Keyword trend analysis	4	5 Info ET POLICY Possible HTA Application Download ET INFO Dotted Quad Host HTA Request ET EXPLOIT SUSPICIOUS Possible CVE-2017-0199 IE7/NoCookie/Referer HTA dl ET EXPLOIT MSXMLHTTP Download of HTA (Observed in CVE-2017-0199) SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	4.0		29	ZeroCERT

8712	2023-09-12 07:46	igucc.exe 919f4ad18943cbfbaa1d5f4555b37808 NSIS Suspicious_Script_Bin Malicious Library UPX PE File PE32 DLL VirusTotal Malware Check memory Creates shortcut Creates executable files unpack itself AppData folder Windows DNS crashed		1		4.6		24	ZeroCERT

8713	2023-09-12 07:44	WUDFHost.exe 12cd1835961c603957c2a740689664b1 Browser Login Data Stealer Generic Malware Malicious Library UPX Downloader Malicious Packer ScreenShot AntiDebug AntiVM PE File PE32 OS Processor Check Browser Info Stealer Remcos VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself AntiVM_Disk sandbox evasion VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS DDNS keylogger	1 Keyword trend analysis	4	3	11.6	M	58	ZeroCERT

8714	2023-09-12 07:41	WUDFHost.exe 43d6aa62427fda7e63d503d069c22f63 Malicious Library PE File PE32 VirusTotal Malware PDB				1.8		47	ZeroCERT

8715	2023-09-12 07:41	igucc.exe 35951704bf97c135fec65cca9bc2e1c1 NSIS Suspicious_Script_Bin Malicious Library UPX PE File PE32 DLL VirusTotal Malware Check memory Creates shortcut Creates executable files unpack itself AppData folder Windows crashed				4.2		34	ZeroCERT