Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
9511	2023-10-17 10:38	opt-71.js a5de8594f885a3ba4d8fdad1c9122c33 AntiDebug AntiVM Malware Code Injection Malicious Traffic wscript.exe payload download Windows utilities Check virtual network interfaces suspicious process WriteConsoleW Windows DNS	2 Keyword trend analysis	3	2		7.2			guest

9512	2023-10-17 10:19	HJGHJGHJJGFile.vbs 5ccfeb1c2b9afa98577b2d633b4b1166 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	1 Keyword trend analysis	2	1		7.6		1	ZeroCERT

9513	2023-10-17 10:18	xxx.vbs 8565f26c1e4435a5645fee07d989e418 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	1 Keyword trend analysis	2	1		7.6		1	ZeroCERT

9514	2023-10-17 10:12	test.hta db2fde02752a7a3ddcbf39589acdf815 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut Creates executable files RWX flags setting unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	1	1	1	10.2	M	25	ZeroCERT

9515	2023-10-17 10:12	test.pdf.url ff6018379580a0f672c47e2051e514fa AntiDebug AntiVM Malware download VirusTotal Malware powershell Code Injection Malicious Traffic RWX flags setting exploit crash unpack itself Windows utilities Tofsee RedCurl Windows Exploit DNS crashed	1 Keyword trend analysis	1	4	1	4.6	M	4	ZeroCERT

9516	2023-10-17 10:10	main.bat 5508b50b110acf7a152316d5352da364 Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis				4.6			ZeroCERT

9517	2023-10-17 10:09	dss.cmd 2b31d5fbd2c8b2014e741757c44b3503 Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis				4.0			ZeroCERT

9518	2023-10-17 10:08	doc.bat 5508b50b110acf7a152316d5352da364 Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis				4.6			ZeroCERT

9519	2023-10-17 10:07	at.hta b3a69d39ea2f074e520077721b475d51 VirusTotal Malware crashed					1.0	M	26	ZeroCERT

9520	2023-10-17 10:07	555.bat 758138cf292edc7fc200b8853a34dce3 Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM PowerShell VirusTotal Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key	2 Keyword trend analysis	3	4	2	11.6	M	1	ZeroCERT

9521	2023-10-17 10:04	1 2a8cb72531364c728a5d258ae273f69e Generic Malware UPX Downloader PE File PE32 VirusTotal Malware Check memory crashed					1.6		2	ZeroCERT

9522	2023-10-17 10:04	2 aed1eb4ab37c9eac1b1108d9739f5903 ZIP Format VirusTotal Malware					0.6		12	ZeroCERT

9523	2023-10-17 10:02	bf85700e.exe 49c3a1783950fa165b770f6cf5cc0619 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself					2.0		35	ZeroCERT

9524	2023-10-17 10:01	uwp4072801.png.exe e0154733596f482f5feff0f3b5b5cadf Malicious Library UPX .NET DLL PE File DLL PE32 OS Processor Check VirusTotal Malware PDB					1.4		22	ZeroCERT

9525	2023-10-17 09:44	j-16 2d544a42a3a073438330c81607df6ca7 Malicious Library Downloader PE File DLL PE32 Malware download VirusTotal Malware Malicious Traffic Checks debugger Creates executable files unpack itself AppData folder AntiVM_Disk sandbox evasion VM Disk Size Check GameoverP2P Zeus Windows DNS Downloader	1 Keyword trend analysis	1	9 Info ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 SURICATA HTTP Request abnormal Content-Encoding header ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE OneLouder EXE download possibly installing Zeus P2P ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2 ET MALWARE JS/WSF Downloader Dec 08 2016 M6 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET INFO EXE - Served Attached HTTP		5.2	M	43	ZeroCERT