Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	IDS	Score	Zero	Player
9511	2024-05-29 07:34	svhost.exe bb1529af37bcc44a4d65ee8da4ab05be Malicious Library Antivirus UPX PE File .NET EXE PE32 OS Processor Check suspicious privilege MachineGuid Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName Cryptographic key		2.8	M	ZeroCERT

9512	2024-05-28 20:58	remotectl_dumpstate.txt 3dc6e96f5529d63f1633b68f372ef108 ScreenShot AntiDebug AntiVM		0.4		guest

9513	2024-05-28 20:57	remotectl_dumpstate.txt 3dc6e96f5529d63f1633b68f372ef108 ScreenShot AntiDebug AntiVM Check memory unpack itself DNS		1.6		guest

9514	2024-05-28 20:56	._TCC 2.db-wal 45eefdc390273286afcc07d798eb1807 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	2	4.8		guest

9515	2024-05-28 20:55	._TCC 2.db-wal 45eefdc390273286afcc07d798eb1807 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed		3.8		guest

9516	2024-05-28 20:55	TCC 2.db-wal af7d177cce594aed5916d443ab6d1833 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	2	4.2		guest

9517	2024-05-28 20:54	TCC 2.db-wal af7d177cce594aed5916d443ab6d1833 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	2	4.8		guest

9518	2024-05-28 20:54	._TCC 2.db-wal 45eefdc390273286afcc07d798eb1807 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed		3.8		guest

9519	2024-05-28 20:53	TCC 2.db-wal af7d177cce594aed5916d443ab6d1833 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	2	4.2		guest

9520	2024-05-28 20:52	._TCC 2.db-wal 45eefdc390273286afcc07d798eb1807 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed		3.8		guest

9521	2024-05-28 20:52	._TCC 2.db-wal 45eefdc390273286afcc07d798eb1807 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	2	4.8		guest

9522	2024-05-28 20:50	._TCC 2.db-wal 45eefdc390273286afcc07d798eb1807 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	2	4.2		guest

9523	2024-05-28 20:50	._TCC 2.db-wal 45eefdc390273286afcc07d798eb1807 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed		3.8		guest

9524	2024-05-28 20:48	TCC 2.db-wal af7d177cce594aed5916d443ab6d1833 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed		3.8		guest

9525	2024-05-28 20:47	TCC 2.db-wal af7d177cce594aed5916d443ab6d1833 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed		3.8		guest