Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
9286	2023-10-27 07:38	EasySup.exe 0630254696658572f31b822013f00a6a Malicious Library UPX Malicious Packer MPRESS PE File PE32 OS Processor Check URL Format PE64 VirusTotal Malware Malicious Traffic DNS crashed	1 Keyword trend analysis	1			3.4		32	ZeroCERT

9287	2023-10-27 07:38	202.exe 7102d2f457071b2c66c6c0ec3035ae7e Malicious Library UPX Malicious Packer PE File PE32 OS Processor Check Browser Info Stealer Malware download VirusTotal Malware Cryptocurrency wallets Cryptocurrency Malicious Traffic Check memory buffers extracted unpack itself Collect installed applications sandbox evasion installed browsers check Ransomware Lumma Stealer Browser ComputerName Firmware	1 Keyword trend analysis	3	2		7.8		31	ZeroCERT

9288	2023-10-27 03:58	main.js dda272d9991575c784d93deca75a14d8 crashed					0.2			guest

9289	2023-10-27 00:09	winrar-x64-700b1.exe ec258c62501e30c84217db59cd156e84 Emotet Gen1 Malicious Library UPX Malicious Packer Antivirus PE File PE64 OS Processor Check CHM Format DLL PE32 VirusTotal Malware PDB Check memory Creates executable files RWX flags setting unpack itself Remote Code Execution					2.8		2	guest

9290	2023-10-26 17:40	setup.exe 8a22c4b4e8b911a51322dfd78fe799c4 Themida Packer PE File PE64 VirusTotal Malware unpack itself Windows crashed					3.0	M	48	ZeroCERT

9291	2023-10-26 17:22	VIBINVES.vbs 0b92e010b599dc8280e4ab32c1ed02ed Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	3 Keyword trend analysis	3	1		9.0		2	ZeroCERT

9292	2023-10-26 17:21	HTMLcachesIE.vbs b70068430fab03962b3fe2d15588c894 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	3 Keyword trend analysis	3	1		8.4		1	ZeroCERT

9293	2023-10-26 17:20	privateexploiteveningFile.vbs 5dc2c5a74a18f3b1e8d24101e8bac3cc Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	3 Keyword trend analysis	3	1		8.4		1	ZeroCERT

9294	2023-10-26 17:19	sbinzx.exe fc8b3a3005cdc80ce19af33a57010fa8 Formbook .NET framework(MSIL) PWS AntiDebug AntiVM PE File PE32 .NET EXE FormBook Malware download VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself	2 Keyword trend analysis	6	1		9.2	M	24	ZeroCERT

9295	2023-10-26 17:16	pvtHTMLbroswer.dOC 541a8be00b26a27ed851731d47a0ae31 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware VBScript Malicious Traffic exploit crash unpack itself Tofsee Exploit DNS crashed	2 Keyword trend analysis	4	2		4.2	M	30	ZeroCERT

9296	2023-10-26 17:16	autolog.exe 5a7848fdbc0ca7bab05257e730497197 Formbook NSIS Malicious Library UPX PE File PE32 FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself	3 Keyword trend analysis Info http://www.sarthaksrishticreation.com/sy22/?tZUT=++s7hqRnDFs/g5YbNhmDQGydnZIcmR65wuKS6+wpOQxc/+r74UhYv08VjUB0PTEo7NuOximl&9r48E=FdC4E0Y - rule_id: 35905 http://www.dryadai.com/sy22/?tZUT=T4nku/U6fUoiT4V699ActYtDMjyavvK02m+fxEC1q0+DSMs1WUMajGSqA4Kum2DGC179VQvP&9r48E=FdC4E0Y - rule_id: 36541 http://www.sunspotplumbing.com/sy22/?tZUT=d6AqkGJ7bunbgmizHHRyxSnS+cE7N+DoqWC4nPxnpUsdFYm3pr534s62tX1C6jkDEl4YnzCY&9r48E=FdC4E0Y - rule_id: 36914	7	1	3	4.2	M	48	ZeroCERT

9297	2023-10-26 17:16	audiodgse.exe 699b84a4a3c73a574bc51f461ad209db .NET framework(MSIL) AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself AppData folder Browser	16 Keyword trend analysis Info http://www.bradslinkard.com/oqhk/?bako0dX=N4ucd4g4l1dZ2qGFTw7idyXvyaW+Ee16SQSADc8X19YTlucSrBjmFKf/w61t+cVDZF+Cv3nXd37ImMhdkLLkqGCWD7dYz7Y/PDlK8E0=&greuv=_l0UeH-j http://www.mantap89.online/oqhk/?bako0dX=S2m6rfkUSom5w0b7Ipxh2DNk1m9IPJXz3fqcnXIby6Ndme1p43G34NGcdGAoCpYc86T+rPxS+KXiNPcERtIPtWsYq4ye6AkIsFSj9I4=&greuv=_l0UeH-j http://www.sqlite.org/2018/sqlite-dll-win32-x86-3250000.zip http://www.lesresort.shop/oqhk/ http://www.bradslinkard.com/oqhk/ http://www.sqlite.org/2017/sqlite-dll-win32-x86-3180000.zip http://www.sqlite.org/2018/sqlite-dll-win32-x86-3230000.zip http://www.lesresort.shop/oqhk/?bako0dX=ff4ZaO4z0LwhFY634jl7gcCh+ZETZf8CF+luNTd+hEDA5tqtaOX6gCfC+V0Se8kHkKwe9I+4UGuDQOYQqBkPDKNc7C4IxytBHGBC2MU=&greuv=_l0UeH-j http://www.viteview.com/oqhk/?bako0dX=eG34oexJxfnLxzWwFjfA8qxnzIyhxwbIg0NkFT4wXzFcXqEyizbaCmhnbj96/dF1qfqKIUS0mD3JGP9hvWi/zxGK9PvSMu57UFl2s1E=&greuv=_l0UeH-j http://www.hotelunivers84.com/oqhk/ http://www.sqlite.org/2021/sqlite-dll-win32-x86-3350000.zip http://www.mantap89.online/oqhk/ http://www.hotelunivers84.com/oqhk/?bako0dX=ny2+kNq0TTwUQoT+yWcRsV0rrofOZAprZEjYBUSORFlkl7yyw3wHAwikv9M/XIb7Vb9CydmgU81jxMUJpZZfGxmCA4effnpQvUqRpws=&greuv=_l0UeH-j http://www.dulcestipicos.madrid/oqhk/ http://www.viteview.com/oqhk/ http://www.dulcestipicos.madrid/oqhk/?bako0dX=/ThYvMNrvRucvt4J1E9RqsGocIgAqtVW1h5dNoGQzRAGxYBOFkp+4ID6/OO1Kr6OXXhhFgVnaqvWabqpbYkKzr+Ho2WxC82XWJdkzHw=&greuv=_l0UeH-j	14 Info www.hotelunivers84.com(38.60.119.195) www.viteview.com(91.195.240.19) www.mantap89.online(104.21.68.166) www.yektakhodro.com(94.130.16.79) www.dulcestipicos.madrid(217.76.128.47) www.lesresort.shop(195.24.68.17) www.bradslinkard.com(192.64.119.8) 91.195.240.19 - mailcious 217.76.128.47 - mailcious 192.64.119.8 38.60.119.195 195.24.68.17 45.33.6.223 172.67.196.229 - phishing	1		11.4	M	43	ZeroCERT

9298	2023-10-26 17:14	updates_installer.exe 898cb4fca84ad5e7009d15b2ec04f3a6 UPX Malicious Library Http API ScreenShot Internet API AntiDebug AntiVM PE File PE32 .NET EXE OS Processor Check DLL Browser Info Stealer Malware download VirusTotal Malware Cryptocurrency wallets Cryptocurrency PDB Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AppData folder sandbox evasion WriteConsoleW installed browsers check Tofsee Ransomware Lumma Stealer Windows Browser ComputerName Firmware Cryptographic key	1 Keyword trend analysis	4	4		15.8		34	ZeroCERT

9299	2023-10-26 17:14	teste2.jpg e41099316a6272c73e80c90972c3203e Generic Malware Admin Tool (Sysinternals etc ...) Malicious Library UPX Antivirus AntiDebug AntiVM PE File PE32 .NET EXE DLL OS Processor Check VirusTotal Malware powershell AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process AppData folder WriteConsoleW Windows ComputerName DNS Cryptographic key DDNS crashed		2	1		14.2	M	26	ZeroCERT

9300	2023-10-26 17:12	HTMLcacheIEsession.dOC 55588a5b96ec028485a99a5bcd648d0e MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware exploit crash unpack itself Tofsee Exploit crashed		2	3		2.8	M	30	ZeroCERT