popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
9676 2024-05-28 09:51 applovin_exo_ic_rewind.xml  

848904b2849c8ba0d3b780401ba616a7


AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed 		3.8 guest

9677 2024-05-28 09:50 applovin_exo_ic_play_circle_fi...  

93728177a4e72b4085403c4b6351fd01


Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed 		2 4.8 guest

9678 2024-05-28 09:50 rooming.hta  

5f0dd9ef756c02785e681153c17ee786


Generic Malware Antivirus PowerShell powershell suspicious privilege Check memory Checks debugger Creates shortcut RWX flags setting unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key 		3 3 7.6 M ZeroCERT

9679 2024-05-28 09:49 applovin_exo_ic_rewind.xml  

848904b2849c8ba0d3b780401ba616a7


AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed 		3.8 guest

9680 2024-05-28 09:47 applovin_exo_ic_play_circle_fi...  

93728177a4e72b4085403c4b6351fd01


Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed 		2 4.8 guest

9681 2024-05-28 09:47 applovin_exo_ic_pause_circle_f...  

b9ef865965343c0f591a4148f2926432


AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed 		3.8 guest

9682 2024-05-28 09:47 Zinck2.exe  

119f67b2ac7eb36c17560948015fbf89


Generic Malware Malicious Library UPX PE File PE32 OS Processor Check unpack itself RCE 		1.4 M ZeroCERT

9683 2024-05-28 09:46 room5.hta  

d3c362ce51282a6583d86fd69a578c89


Generic Malware Antivirus PowerShell powershell suspicious privilege Check memory Checks debugger Creates shortcut RWX flags setting unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key 		1 5 1 8.0 M ZeroCERT

9684 2024-05-28 09:45 applovin_exo_ic_pause_circle_f...  

b9ef865965343c0f591a4148f2926432


Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed 		2 4.8 guest

9685 2024-05-28 09:45 applovin_exo_ic_fullscreen_exi...  

52543fa66fb64983f0e9be33bfc6aac8


AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed 		3.8 guest

9686 2024-05-28 09:45 applovin_exo_ic_forward.xml  

c8ea0339e58736beb44f97c7b8b4532b


Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed 		2 4.8 guest

9687 2024-05-28 09:44 applovin_exo_ic_fullscreen_ent...  

49df0545897ea05b5a5747aaf4493df1


AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed 		2 3.8 guest

9688 2024-05-28 09:44 applovin_exo_ic_fullscreen_exi...  

52543fa66fb64983f0e9be33bfc6aac8


AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed 		3.8 guest

9689 2024-05-28 09:43 applovin_exo_ic_forward.xml  

c8ea0339e58736beb44f97c7b8b4532b


Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed 		2 4.8 guest

9690 2024-05-28 09:43 twsyquusdi4TQGWYY527277727Q7QQ...  

7b044d66c7fcbc3d3bf6f5d52e96d3b2


MS_RTF_Obfuscation_Objects Anti_VM RTF File doc VirusTotal Malware buffers extracted exploit crash unpack itself Tofsee Exploit Tor DNS crashed 		1 5 5 4.6 M 35 ZeroCERT

keyword