Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	Player
8911	2023-11-14 17:27	cl.exe 2b7f57acb70c816b7d1f4dd6adf7a708 UPX PE File PE64 .NET EXE unpack itself Windows Remote Code Execution crashed					2.4	M	ZeroCERT

8912	2023-11-14 17:25	software.exe 2b0ca4edd1b9b7c6c627798503e9805f UPX Malicious Library PWS Anti_VM AntiDebug AntiVM PE32 PE File .NET EXE OS Processor Check PNG Format DLL Browser Info Stealer Malware download FTP Client Info Stealer Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities Collect installed applications Check virtual network interfaces AppData folder installed browsers check SectopRAT Windows Browser Backdoor ComputerName Remote Code Execution DNS Cryptographic key Software crashed		1	1		15.0	M	ZeroCERT

8913	2023-11-14 17:25	secondumma.exe 4a160637f5d25483b11a823ca58c93a9 Malicious Library UPX PE32 PE File OS Processor Check unpack itself Remote Code Execution					1.0	M	ZeroCERT

8914	2023-11-14 17:23	is.exe 16ef8b5b3fe9fcca6b37396f264f74f7 Malicious Library UPX PWS SMTP AntiDebug AntiVM PE32 PE File OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware Microsoft suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	4		11.6	M	ZeroCERT

8915	2023-11-14 17:22	Purchase_Order_N°055-05623pdf.... 36502252e6844b5881d0f7d216a49626 .NET framework(MSIL) PE32 PE File .NET EXE PDB Check memory Checks debugger unpack itself					1.4		ZeroCERT

8916	2023-11-14 17:21	PO..exe 897c78d5b9c1bf368fbfbb4f33c9caaf Client SW User Data Stealer Backdoor RemcosRAT browser info stealer Generic Malware Google Chrome User Data Downloader .NET framework(MSIL) Antivirus Create Service Socket ScreenShot Escalate priviledges PWS Sniff Audio DNS Internet API KeyLogger AntiDebu powershell AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key DDNS keylogger		2	1		12.4		ZeroCERT

8917	2023-11-14 17:19	fridayexploit.hta d4970c65d0fc813816a54460705705cc AgentTesla Generic Malware Antivirus KeyLogger AntiDebug AntiVM PowerShell Malware powershell suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted heapspray Creates shortcut RWX flags setting unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows Exploit ComputerName Cryptographic key	3 Keyword trend analysis	4	2	2	13.8	M	ZeroCERT

8918	2023-11-14 14:53	HtaieBrowserhistorycleanercach... 8a8ad36f9aba5977a145a338be170265 MS_RTF_Obfuscation_Objects RTF File doc Vulnerability Malware Malicious Traffic buffers extracted exploit crash unpack itself Tofsee Exploit crashed	3 Keyword trend analysis	4	4	1	3.0	M	ZeroCERT

8919	2023-11-14 08:11	Allergy_Test_Results.pdf.exe a8b48d2e9a3d042a28001d46923f03e7 UPX PWS SMTP AntiDebug AntiVM PE32 PE File .NET EXE Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key		1			7.8	M	ZeroCERT

8920	2023-11-14 08:08	latestmar.exe 5e2d0831dae832def43705bc89220040 NPKI HermeticWiper Generic Malware Suspicious_Script NSIS Malicious Library UPX Antivirus Malicious Packer Admin Tool (Sysinternals etc ...) Anti_VM Javascript_Blob PE32 PE File .NET EXE PNG Format JPEG Format OS Processor Check ZIP Format icon BMP Format Malware Check memory Checks debugger Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check Ransomware Windows crashed					7.6	M	ZeroCERT

8921	2023-11-14 08:08	taskeng.exe 8cd79908aa72e2f763392a9fe45b46db Malicious Library UPX PE32 PE File OS Processor Check WMI ComputerName					1.0	M	ZeroCERT

8922	2023-11-14 08:06	WinSCP-6.1.2-Setup.exe 17c8b1be1c8c7812785bbb6defd10b87 Malicious Library UPX PE32 PE File OS Processor Check unpack itself Windows DNS crashed		1			2.2	M	ZeroCERT

8923	2023-11-14 08:05	ummanew.exe 57e0cde42e1f91a39c73cdb17f48f03e Generic Malware NSIS Malicious Library UPX Antivirus Malicious Packer Admin Tool (Sysinternals etc ...) Anti_VM PE32 PE File .NET EXE PNG Format OS Processor Check ZIP Format JPEG Format BMP Format CHM Format DLL icon PE64 CAB MZP Format MSOffice File Wor Malware Check memory Checks debugger Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check Ransomware Windows DNS crashed		1			7.2	M	ZeroCERT

8924	2023-11-14 08:04	TrueCrypt_tvCfZF.exe 95357230a99689a58f8d89c1acdc6bf2 Generic Malware Malicious Library Malicious Packer UPX PE File PE64 crashed					0.6	M	ZeroCERT

8925	2023-11-14 08:04	traffico.exe f1510fe47cc99552fcf94ddf5dc7a615 Malicious Library Malicious Packer PE32 PE File Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	4		5.0	M	ZeroCERT