Submissions

Columns follow the page header (No, Date, Request, Urls, Hosts, IDS, Rule, Score, Zero, VT, Player, Etc). The 32-hex-character value listed under each file name is its MD5. The Urls/Hosts/IDS counters are given in one column exactly as they appear on the page; where fewer than three values are shown, the page does not say which of the three counters they belong to. The Player column is empty for every row.

No | Date | Request | MD5 | Rule (sandbox signatures) | Urls/Hosts/IDS (as listed) | Score | Zero | VT | Player | Etc
8956 | 2023-09-02 18:28 | softtool.exe | 94a6c3b42400c62f37c3e09781478ee1 | Malicious Library PE File PE32 VirusTotal Malware PDB Remote Code Execution | | 1.8 | M | 38 | | ZeroCERT
8957 | 2023-09-02 18:27 | fast(U)(local-EN)win.url | 77642b1a837500d33140f823d248a6d2 | AntiDebug AntiVM URL Format VirusTotal Malware Code Injection Malicious Traffic Creates shortcut RWX flags setting unpack itself Windows utilities suspicious process WriteConsoleW Tofsee Windows DNS | 4 1 2 | 5.6 | M | 4 | | ZeroCERT
8958 | 2023-09-02 18:26 | start-of-proccess.lnk | 967ce2ea470663c97d40742f982c9914 | Generic Malware AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware Code Injection Creates shortcut suspicious process WriteConsoleW | 1 | 2.4 | | 5 | | ZeroCERT
8959 | 2023-09-02 18:25 | lolcaljefosijfoesnofiegoiesgno... | 63cdb37e2bf2928a36eafe3705d30284 | VirusTotal Malware crashed | | 0.8 | | 14 | | ZeroCERT
8960 | 2023-09-02 15:00 | http://208.67.222.222 | | Downloader Create Service Socket P2P DGA Steal credential Http API Escalate priviledges PWS Hijack Network Sniff Audio HTTP DNS ScreenShot Code injection Internet API persistence FTP KeyLogger AntiDebug AntiVM MSOffice File Malware Code Injection Malicious Traffic RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed | 1 1 2 | 5.2 | | | | guest
8961 | 2023-09-02 14:35 | http://baconredirects-elb-1w79... | | Downloader Create Service Socket P2P DGA Steal credential Http API Escalate priviledges PWS Hijack Network Sniff Audio HTTP DNS ScreenShot Code injection Internet API persistence FTP KeyLogger AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed | 1 2 2 | 4.2 | | | | guest
8962 | 2023-09-02 11:20 | http://usercontent.one.webstat... | 023d3e80e770dbf44fe122745d4089a7 | Downloader Create Service Socket P2P DGA Steal credential Http API Escalate priviledges PWS Hijack Network Sniff Audio HTTP DNS ScreenShot Code injection Internet API persistence FTP KeyLogger AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed | 1 2 2 | 4.2 | | | | guest
8963 | 2023-09-01 23:34 | 4bb27314c40bc57356f9085ae57804... | dd94e1f27b0d590ed9a913b7c913eec1 | AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName | | 3.4 | | | | guest
8964 | 2023-09-01 09:21 | ghhh.exe | 12a844240687cfae8966153da9d10e87 | Malicious Library UPX OS Processor Check PE File PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed | 1 5 | 6.2 | M | 20 | | ZeroCERT
8965 | 2023-09-01 09:17 | d4360699.exe | c44e70f5543625ca259753e5c0919591 | Malicious Library UPX OS Processor Check PE File PE32 unpack itself | | 1.2 | M | | | ZeroCERT
8966 | 2023-09-01 09:13 | PO_88392_Specifications.hta | 13c2828f17212f57d0fac282ef771132 | AntiDebug AntiVM MSOffice File Code Injection exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed | 2 | 3.4 | | | | ZeroCERT
8967 | 2023-09-01 09:11 | UMR.exe | 60301a5126ba6d2e73b867b53ac977de | Generic Malware Malicious Library Antivirus UPX ScreenShot KeyLogger AntiDebug AntiVM PE File PE64 OS Processor Check VirusTotal Malware powershell Buffer PE suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security Auto service powershell.exe wrote suspicious process malicious URLs Windows ComputerName Cryptographic key crashed | | 10.8 | M | 43 | | ZeroCERT
8968 | 2023-09-01 09:10 | wagner.rtf | ffd0eb0625cb4fef6d482f06628872d2 | MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware RWX flags setting exploit crash Tofsee Exploit crashed | 2 2 | 2.4 | M | 33 | | ZeroCERT
8969 | 2023-09-01 09:09 | k-AMqan907JetwLo8K.exe | bf1807ec443b76a12ad675f7cb6bf23a | Malicious Library UPX OS Processor Check PE File PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed | 1 5 | 6.2 | | 26 | | ZeroCERT
8970 | 2023-09-01 09:07 | wwlib | aa1188eb63e988676a78adf858d8a887 | Malicious Library UPX OS Processor Check DLL PE File PE32 VirusTotal Malware PDB Remote Code Execution | | 1.4 | | 17 | | ZeroCERT

Signature names in the Rule column are reproduced as the sandbox emits them (including the spelling "Escalate priviledges"); "crashed" means the analysis run itself terminated abnormally, so scores for those rows reflect an incomplete run.