Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
9481	2023-10-18 09:51	Setup.exe a3b5e1774d3b1a182ca4bcfc100f3606 Malicious Library UPX PE File PE32 OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	5		7.2		28	ZeroCERT

9482	2023-10-18 09:51	Order.pdf.exe 16ef2ceaac7e55803f35f33d84645e31 Malicious Library UPX .NET framework(MSIL) PE File PE32 OS Processor Check PNG Format .NET EXE VirusTotal Malware PDB Check memory Checks debugger Creates executable files unpack itself AppData folder Remote Code Execution					4.2		35	ZeroCERT

9483	2023-10-18 09:50	HTMLcache.dOC 5694fc60fe6d3e04dc6ac4e6b05b9a7a MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware VBScript Malicious Traffic exploit crash unpack itself Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	2		4.0	M	28	ZeroCERT

9484	2023-10-18 09:49	d-8 dc62653f9e2468f587b27fb7bb8857e2 Malicious Library Downloader PE File DLL PE32 Malware download VirusTotal Malware Malicious Traffic Checks debugger Creates executable files unpack itself AntiVM_Disk sandbox evasion VM Disk Size Check GameoverP2P Zeus Windows DNS Downloader	1 Keyword trend analysis	1	9 Info ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 SURICATA HTTP Request abnormal Content-Encoding header ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE OneLouder EXE download possibly installing Zeus P2P ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET INFO EXE - Served Attached HTTP		4.8	M	49	ZeroCERT

9485	2023-10-18 09:48	HTMLcache.doc 0926d64a5e274efd84980e0a42963ef6 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware exploit crash unpack itself Tofsee Exploit crashed	1 Keyword trend analysis	2	1		3.2	M	31	ZeroCERT

9486	2023-10-18 08:00	audiodgse.exe 68c674b8751ee53b3dcb6d6f10b0bc0c Formbook NSIS Malicious Library UPX PE File PE32 FormBook Malware download Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself suspicious TLD DNS	1 Keyword trend analysis	5	2	1	3.4	M		ZeroCERT

9487	2023-10-18 07:57	raaa.exe 67eb75a7dd7ad718359513fad929eb62 .NET framework(MSIL) PE File PE32 .NET EXE Check memory Checks debugger unpack itself					1.2	M		ZeroCERT

9488	2023-10-18 07:55	silent.exe 8e0907f52947b06a7b2f4a3ff064ec2d PE File PE64 Cryptocurrency Miner Cryptocurrency DNS		6	2		0.8	M		ZeroCERT

9489	2023-10-18 07:55	Tues.....exe 4ce3fd8661138b0deadc1f3d5b8ca09b Malicious Library UPX Malicious Packer PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer AutoRuns suspicious privilege Check memory Checks debugger unpack itself Windows Browser Email ComputerName Software crashed keylogger					5.6	M		ZeroCERT

9490	2023-10-18 07:53	ezy.exe 68cf6b4b568cc8bcbfe7dc53607f0c90 LokiBot .NET framework(MSIL) PWS SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Software crashed keylogger		2	4		10.2	M		ZeroCERT

9491	2023-10-18 07:53	DH.exe 98dd2038ebcfed11dd49c0e663babb41 .NET framework(MSIL) PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself					2.2	M	39	ZeroCERT

9492	2023-10-18 07:51	audiodgse.exe 9b40ae8c6dc8f35af3535a7b30c51d80 Malicious Library UPX PE File PE32 DLL VirusTotal Malware Check memory Creates executable files unpack itself AppData folder					2.4	M	28	ZeroCERT

9493	2023-10-18 07:51	txx.exe 7876bb77fa613b4bcea4b6f87330d686 .NET framework(MSIL) PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself					2.4	M	41	ZeroCERT

9494	2023-10-18 07:49	PO.pdf.exe 9d1dfc2adc6e191d54bcf23a43e221f9 Malicious Library UPX .NET framework(MSIL) PE File PE32 OS Processor Check .NET EXE PNG Format VirusTotal Malware PDB Check memory Checks debugger Creates executable files unpack itself AppData folder Remote Code Execution					4.2		33	ZeroCERT

9495	2023-10-18 07:49	aao.exe 13334f5c0eabe3d42da0645a606a1946 .NET framework(MSIL) PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself					2.4		43	ZeroCERT