Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
8896	2023-09-05 08:42	fotod780.exe c438ccb5facbc06a480f86f9a868287c Gen1 Emotet Malicious Library UPX CAB PE File PE32 AutoRuns PDB Check memory Creates executable files unpack itself Windows utilities suspicious process AntiVM_Disk WriteConsoleW VM Disk Size Check Windows Remote Code Execution					4.2	M		ZeroCERT

8897	2023-09-05 08:41	ORDER.js 70e483ab51c94cd2318fb5cb0de989fd Malicious Library UPX ZIP Format DLL PE File PE32 OS Processor Check VirusTotal Malware AutoRuns Check memory buffers extracted Creates executable files RWX flags setting unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder suspicious TLD Windows Java ComputerName DNS crashed	1 Keyword trend analysis	9	3	1	10.0	M	28	ZeroCERT

8898	2023-09-05 08:41	O0O0O0O0O0000o00000oo0000000%2... db249d5ebadd33900aa4d59303d53200 MS_RTF_Obfuscation_Objects RTF File doc Vulnerability VirusTotal Malware Malicious Traffic exploit crash unpack itself Tofsee Exploit DNS crashed	2 Keyword trend analysis	4	4		4.0	M	29	ZeroCERT

8899	2023-09-05 08:39	docu_o090099.url 1a21439ba0c25f3f8378b522b7bfdbe3 AntiDebug AntiVM URL Format Vulnerability VirusTotal Malware Code Injection Malicious Traffic unpack itself Windows utilities Tofsee Windows Exploit DNS	2 Keyword trend analysis	4	4		4.0		1	ZeroCERT

8900	2023-09-05 08:36	invoice-102131.html bf144f6c2447db451d66d8d4917f680f AntiDebug AntiVM MSOffice File Code Injection exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed			2		3.4			ZeroCERT

8901	2023-09-05 08:36	OBRJPNIWfH.html 2c6430631f5aa5dfc4ce9788f95c238b AntiDebug AntiVM MSOffice File Code Injection exploit crash unpack itself Windows utilities Windows Exploit DNS crashed					3.4			ZeroCERT

8902	2023-09-05 08:36	77.pdf 7ddcbc65baca69173e41c8681deca383 PDF Suspicious Link PDF	1 Keyword trend analysis				1.0			ZeroCERT

8903	2023-09-05 08:36	FAX_20230728_9257373703_209.ht... beb30419455b27cdc5d053f7aa0643e5 AntiDebug AntiVM MSOffice File Code Injection exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed			2		3.4			ZeroCERT

8904	2023-09-05 08:34	DhfPsdwMGG.html d6a01f4966bba0e30f3ab8c492c013f6 AntiDebug AntiVM MSOffice File Code Injection exploit crash unpack itself Windows utilities Windows Exploit DNS crashed					3.4			ZeroCERT

8905	2023-09-05 08:34	bLzVqypJrU.html fe078216cb1ca00f4878fda69d11692a AntiDebug AntiVM MSOffice File Code Injection exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed			2		3.4			ZeroCERT

8906	2023-09-05 08:34	auth.html 48702aa2c044f951e2b491a7f4989168 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed			2		3.8			ZeroCERT

8907	2023-09-05 03:20	http://api2.hcaptcha.com Downloader Create Service Socket P2P DGA Steal credential Http API Escalate priviledges PWS Hijack Network Sniff Audio HTTP DNS ScreenShot Code injection Internet API persistence FTP KeyLogger AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	2 Keyword trend analysis	2	2		4.2			guest

8908	2023-09-04 18:26	국세청 종합소득세 해명자료 제출 안내.hwp.lnk... 6f5e4b45ca0d8c1128d27a15421eea38 Generic Malware HWP PS PostScript Malicious Library Antivirus AntiDebug AntiVM Lnk Format GIF Format PowerShell MSOffice File PE File PE32 JPEG Format ZIP Format Malware download VirusTotal Malware Campaign powershell AutoRuns suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger WMI Creates shortcut Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AntiVM_Disk WriteConsoleW VM Disk Size Check Konni Windows ComputerName DNS Cryptographic key	2 Keyword trend analysis	5	2		13.8		10	ZeroCERT

8909	2023-09-04 18:16	4500167469.exe fbbaf2b90ebad84ef5251ddbdb22612e Malicious Library UPX OS Processor Check PE File PE32 VirusTotal Malware unpack itself					2.2		33	ZeroCERT

8910	2023-09-04 17:15	gusan.exe 2b245ca7b7a91f0945275b6e77190e05 Malicious Library UPX AntiDebug AntiVM OS Processor Check PE File PE32 DLL VirusTotal Malware PDB Code Injection unpack itself suspicious process AppData folder Remote Code Execution					3.6	M	29	ZeroCERT