Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
9376	2023-10-23 12:18	adyfriday.vbs 288d724f6234e9a79e54451391e158fe Generic Malware Antivirus PWS KeyLogger AntiDebug AntiVM PowerShell Browser Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee EXPLOIT_KIT Windows Exploit Browser Email ComputerName DNS Cryptographic key crashed	2 Keyword trend analysis	3	2		16.0	M	3	ZeroCERT

9377	2023-10-23 12:18	droidwednesdayyyFile.vbs c6cc9287c08464bfe297be623543d72d Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	2 Keyword trend analysis	2	1		8.6		4	ZeroCERT

9378	2023-10-23 12:18	abyx.vbs a4b27b7143e37f8c1c3d038e22fab7e5 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	2 Keyword trend analysis	2	1		8.8		17	ZeroCERT

9379	2023-10-23 09:43	audiodgse.exe df247bbfaf91dbe0da4d79a04cfb5ca3 Formbook NSIS Malicious Library UPX PE File PE32 FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself	4 Keyword trend analysis Info http://www.jizihao1.com/sy22/?GVW8=3PKlaCPIzU4vEpSTCliM62U/p7q8/wgFKC2xum1ddk3IfpDEo7oK1Mr0Jaw/Go0sFzx2J7Yb&uzuD=Zld0rPDHNj - rule_id: 36544 http://www.displayfridges.fun/sy22/?GVW8=aXg/rmbVwlFwwtnhCbViqZ1yX+MILNYt2xJKgyzLKbDp+5cOMXOnKyz8SWn7ESolc4/lQPeb&uzuD=Zld0rPDHNj - rule_id: 37104 http://www.podplugca.com/sy22/?GVW8=1SbEEVOB0X5p51zw8Y9tIyj0s4wRGWDD/YTF5BQf3aGuyUlv8rzVEk4tRHrNdM/Dikld30uR&uzuD=Zld0rPDHNj - rule_id: 36546 http://www.qixservice.online/sy22/?GVW8=VBKd4i1TBAeTlYBnm9tWLCP4ww2vn+XVFOQPMnsW4AFxqlBX+KApyR5y0aXQ0sSyxSIvT0ne&uzuD=Zld0rPDHNj - rule_id: 35938	8	1	4	4.2	M	45	ZeroCERT

9380	2023-10-23 09:42	fra.exe ba3cc252387fd4f90201c371bd3e0190 Generic Malware Malicious Library UPX Malicious Packer PE File PE32 OS Processor Check Browser Info Stealer RedLine Malware download VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications WriteConsoleW installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key crashed		1	4		5.8	M	48	ZeroCERT

9381	2023-10-23 09:36	chungzx.exe 1471855e22fc3165fffc6e371bc01feb Client SW User Data Stealer Backdoor RemcosRAT browser info stealer Downloader Google Chrome User Data .NET framework(MSIL) Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Interne VirusTotal Malware Buffer PE AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities WriteConsoleW Windows					10.8	M	54	ZeroCERT

9382	2023-10-23 09:33	ca.exe 3963c955a34f058077d9010e4950c9b7 Generic Malware Malicious Library UPX Malicious Packer PE File PE32 OS Processor Check Browser Info Stealer RedLine Malware download VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key crashed		1	4		5.6	M	51	ZeroCERT

9383	2023-10-23 09:31	HTMLcachies.dOC e8277a6ee73ffeb63f76e8343e1ac5e4 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware VBScript Malicious Traffic RWX flags setting exploit crash Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	2		4.2	M	34	ZeroCERT

9384	2023-10-23 09:31	Aviso%20de%20Pago_Banco%20BCP_... 6f9a2815395092a00026fb6ef6ea6ba5 .NET framework(MSIL) PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself ComputerName					2.2	M	52	ZeroCERT

9385	2023-10-23 09:29	Veeam.Backup.Service.exe 03aa72059e81beaaf61c76488cbebd4c Malicious Library UPX Malicious Packer PE File PE32 OS Processor Check VirusTotal Malware Check memory crashed					0.8		7	ZeroCERT

9386	2023-10-23 09:28	msedge.exe 8deea0c4169b1d9d343201b39e8e1478 PE File PE32 .NET EXE VirusTotal Malware PDB Check memory Checks debugger unpack itself ComputerName					2.8	M	44	ZeroCERT

9387	2023-10-21 18:34	Tr4nsf3r.pcapng 910a772ad5925b5951830b85bbd96563 AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName					3.4			guest

9388	2023-10-20 18:43	7725eaa6592c80f8124e769b4e8a07... 55dcac727da37d5a80e10443624af68e Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself					1.6	M	24	ZeroCERT

9389	2023-10-20 18:41	7725eaa6592c80f8124e769b4e8a07... 55f3d435fa139692ab54318a15eb1272 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself					1.8	M	34	ZeroCERT

9390	2023-10-20 18:39	baf14778c246e15550645e30ba78ce... 41eb8d05203261240efd56a12fe40997 Malicious Library UPX PE File PE32 OS Processor Check unpack itself					0.8	M		ZeroCERT