Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	VT	Player
9526	2023-10-17 09:43	artwork.hta b3a69d39ea2f074e520077721b475d51 Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key	2 Keyword trend analysis	3	2	10.6	26	ZeroCERT

9527	2023-10-17 07:46	macwelter2.1.exe 5dc9185191d639c955367a880101e252 NSIS Malicious Library UPX PE File PE32 FormBook Malware download Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself	4 Keyword trend analysis Info http://www.zeropointenergyhvac.com/t6tg/?jDKP8=vAEcViLLfRnXrvGHJGOy3S0oM5KgJr+WLGiVWET49+NKpGPyCcxnbWSVNLBpcRBJoM/m8+js&8p0=IbtHbJ http://www.domumix.com/t6tg/?jDKP8=NCr4hxvH2ezd5PnFQvFe4UNVT4u8oc6t8Rf/c3KW26/rudMQ46jCsaNfWBhm2pOWUClrv1g3&8p0=IbtHbJ http://www.ssongg13026.cfd/t6tg/?jDKP8=Nmqux/666XlLtJ3WEKzUk3EHj+ftlkJxJixPq7eQ/k8b2WLLehoT1axEI2nKmBLwOwlBSnRz&8p0=IbtHbJ http://www.tugerdi.site/t6tg/?jDKP8=Za8NgA951HtgEMA/N1pbqY3Eng45w2byd25/9jAsmGZLSXWq5l9klRymntmNRw3MeMdtayU2&8p0=IbtHbJ	8	1	3.4		ZeroCERT

9528	2023-10-17 07:46	HQR8391000.pdf.exe dc36e4d8f1c2b8447a5dfb31c6ec9330 Generic Malware Malicious Library UPX Malicious Packer .NET framework(MSIL) PE File PE32 OS Processor Check .NET EXE PNG Format PDB Check memory Checks debugger Creates executable files unpack itself AppData folder Remote Code Execution				3.2		ZeroCERT

9529	2023-10-17 07:44	pqAlGyUFhqdKYsx.exe 991a0243b129e2086d31127247f0c630 LokiBot Generic Malware .NET framework(MSIL) Antivirus PWS SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer powershell PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed		2	4	12.0		ZeroCERT

9530	2023-10-17 07:44	ChromeSetup.exe 8bada859ba3d8bb71df1e74e4e630b9f Malicious Library UPX PE File PE32 OS Processor Check unpack itself				1.0		ZeroCERT

9531	2023-10-16 21:30	jazz pcto.pdf 36399fff264f2e4ee3cfcd4f794ee9ce PDF						guest

9532	2023-10-16 18:57	setup.exe 3ced118256af2b36b3b07ca4af5711b6 Malicious Library PE File PE32 VirusTotal Malware WMI Creates executable files RWX flags setting Windows utilities Checks Bios anti-virtualization Windows ComputerName				4.2	24	ZeroCERT

9533	2023-10-16 18:44	sihost.exe 0855867efc0b10ff80a9237b8ee9ba3d .NET framework(MSIL) PWS SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee Browser Email ComputerName Software crashed		2	2	11.0	24	ZeroCERT

9534	2023-10-16 18:42	Preparing.exe 8fda57ed69bc4c9827a92f417f2caa13 Malicious Library UPX Malicious Packer Admin Tool (Sysinternals etc ...) .NET framework(MSIL) PWS SMTP AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	5 Info ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE [ANY.RUN] RedLine Stealer Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC Activity - MSValue (Outbound) ET MALWARE Redline Stealer Activity (Response) ET MALWARE Redline Stealer TCP CnC Activity - MSValue (Response)	10.6	14	ZeroCERT

9535	2023-10-16 18:41	clip64.dll 27ff8e12b152ccf47b293d5375ea5d96 Amadey Malicious Library UPX Admin Tool (Sysinternals etc ...) PE File DLL PE32 OS Processor Check VirusTotal Malware PDB Checks debugger unpack itself				2.0	57	ZeroCERT

9536	2023-10-16 18:39	cred64.dll a83604e32360e2b32ece536021559f13 Browser Login Data Stealer Malicious Library UPX PE File DLL PE64 OS Processor Check VirusTotal Malware PDB Checks debugger unpack itself installed browsers check Browser ComputerName DNS crashed		1		3.4	51	ZeroCERT

9537	2023-10-16 18:38	Ihtfxltx.exe f3234097fc5189cd1e558550ba0617fc PE File PE64 VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself				2.4	30	ZeroCERT

9538	2023-10-16 18:37	smss.exe 6e8215eee3034d6dcf18d79d397e5715 Malicious Library UPX PE File PE32 DLL VirusTotal Malware Check memory Creates executable files unpack itself AppData folder				3.0	33	ZeroCERT

9539	2023-10-16 18:36	setup-lightshot.exe 416c97ae7efb1385cf83a5fd277e68ee Generic Malware PE File PE32 .NET EXE VirusTotal Malware Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Tofsee ComputerName	1 Keyword trend analysis	2	2	3.6	39	ZeroCERT

9540	2023-10-16 18:35	Roblox_Level_4_Exploit.exe 01af0cd59dfa4e45fc8cb5d9ecbd6de3 Generic Malware PE File PE32 .NET EXE VirusTotal Malware Malicious Traffic Check memory Checks debugger Creates executable files unpack itself AppData folder Tofsee ComputerName	1 Keyword trend analysis	2	2	4.0	39	ZeroCERT