Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
9421	2023-10-19 18:38	HTMLcache8.dOC 2b81d6d754937ab82947a76d395df643 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware RWX flags setting exploit crash Exploit crashed					2.6	M	29	ZeroCERT

9422	2023-10-19 18:38	uwp4082989.png.exe 5913cdb1f8f9045b3e19987a08134771 Malicious Library UPX .NET DLL PE File DLL PE32 OS Processor Check VirusTotal Malware PDB					1.4		26	ZeroCERT

9423	2023-10-19 18:37	skx3hHI.exe aa97e84ddfed87f96092e40ae29e9a63 .NET framework(MSIL) Socket DNS persistence AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key		1			10.8	M	28	ZeroCERT

9424	2023-10-19 18:35	plugmanzx.exe 2f7fc48c821a1ee87c7c95b069fe69ef DNS AntiDebug AntiVM PE File PE32 .NET EXE Malware download Nanocore Cobalt Strike NetWireRC VirusTotal Malware Buffer PE AutoRuns PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows RAT ComputerName DNS DDNS		2	5		13.4	M	31	ZeroCERT

9425	2023-10-19 18:32	mtxwrwa.exe 03e41b95af64f8e4be9fcbd85df87673 .NET framework(MSIL) PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself ComputerName					2.4	M	39	ZeroCERT

9426	2023-10-19 18:30	sukonted2.1.exe ed1aef251adba4e47408db95bcf563cf NSIS Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware suspicious privilege Check memory Creates executable files unpack itself AppData folder					4.4	M	35	ZeroCERT

9427	2023-10-19 18:30	plugmanzx.exe f4a329dff4849f902fe877e345e6d740 .NET framework(MSIL) PE File PE32 .NET EXE VirusTotal Malware PDB Check memory Checks debugger unpack itself					2.0	M	31	ZeroCERT

9428	2023-10-19 18:28	gfhdsggssdgfsFile.vbs 50530ad3f7a59a70e2ad275d8eca6e34 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	2 Keyword trend analysis	2	1		7.6		5	ZeroCERT

9429	2023-10-19 18:28	westartagain.vbs a19e87eb4cfc892ad7ccf43fd3a2a114 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	2 Keyword trend analysis	2	1		7.6		3	ZeroCERT

9430	2023-10-19 18:27	sevenththththththth.vbs f9145a219ca855c79279b94e9b902068 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	2 Keyword trend analysis	2	1		7.6		4	ZeroCERT

9431	2023-10-19 11:02	7a54bdb20779c4359694feaa1398dd... c0696ad2162f2afab1dc1d70454a5353 Malicious Library UPX PE File PE32 ftp OS Processor Check VirusTotal Malware unpack itself					1.6		25	ZeroCERT

9432	2023-10-19 11:00	setup294.exe 0d1933c0074987f494c9023a9888da47 Malicious Library PE File PE32 DLL Check memory Checks debugger Creates executable files unpack itself AppData folder WriteConsoleW					2.2			ZeroCERT

9433	2023-10-19 11:00	baf14778c246e15550645e30ba78ce... f71cca8206e173f86a3c3fd1891ac4db Malicious Library UPX PE File PE32 ftp OS Processor Check VirusTotal Malware unpack itself DNS		1			2.2		26	ZeroCERT

9434	2023-10-19 10:49	himeffectivelyproress.exe fa9494dcb5bd42e61e89231dfc8eb0da Gen1 Emotet Malicious Library UPX AntiDebug AntiVM PE File PE64 CAB PE32 .NET EXE OS Processor Check PNG Format MSOffice File JPEG Format VirusTotal Malware AutoRuns PDB Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Check virtual network interfaces AppData folder Tofsee Windows Exploit Remote Code Execution DNS crashed	1 Keyword trend analysis	3	4	1	10.2	M	22	ZeroCERT

9435	2023-10-19 10:47	setup.exe 3111f8d446efd3c0a0e2c91cbf303998 Malicious Library PE File PE32 VirusTotal Malware WMI Creates executable files RWX flags setting Checks Bios anti-virtualization ComputerName					4.2	M	41	ZeroCERT