Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
9691	2021-07-05 09:42	The_Progress_and_Promise_of_th... 6ead104743be6575e767986a71cf4bd9 VBA_macro Vulnerability VirusTotal Malware unpack itself DNS					3.6		41	ZeroCERT

9692	2021-07-05 11:35	M0031.cab 71a1abd86b86a398d4bfc7beee3f2a02 Escalate priviledges KeyLogger AntiDebug AntiVM suspicious privilege Check memory Checks debugger unpack itself DNS					2.2			ZeroCERT

9693	2021-07-05 11:40	dl.php1.ps1 3e3eb21ab466fb5bb99ada3d8e04851f Antivirus Check memory unpack itself DNS					1.2			ZeroCERT

9694	2021-07-05 11:46	dl.php2.ps1 37e324c9592564254bff90850b926610 Antivirus Check memory unpack itself DNS					1.2			ZeroCERT

9695	2021-07-05 15:26	포트폴리오_210628(경력사항도 같이 기재하였습니다 ... 586d6732d8c8d4045b05276f2a0cbf53 PE File PE32 VirusTotal Malware Check memory unpack itself					2.0		42	guest

9696	2021-07-05 15:27	포트폴리오_210628(경력사항도 같이 기재하였습니다 ... 586d6732d8c8d4045b05276f2a0cbf53 PE File PE32 VirusTotal Malware Check memory unpack itself					2.0		42	guest

9697	2021-07-06 07:55	wininit.exe 4514496c4cf0e101ec375b76ff5baee2 PWS Loki[b] Loki[m] Generic Malware Admin Tool (Sysinternals etc ...) DNS Socket AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	1	6 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2	1	15.2	M	20	ZeroCERT

9698	2021-07-06 09:16	wgxzz.exe 01490ab32f1ad006ae806cb2ce3221db PWS .NET framework RAT Generic Malware PE File .NET EXE OS Processor Check PE32 Browser Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key crashed	2 Keyword trend analysis	3	1	1	6.6	M	37	ZeroCERT

9699	2021-07-06 09:24	vbc.exe 57610dbede5cd8832cddd051891a62d7 Generic Malware Admin Tool (Sysinternals etc ...) AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key crashed		3	1		10.6		20	ZeroCERT

9700	2021-07-06 09:24	zxvdsww.exe 7a6b75bfae4859ceb1188139e14a6822 PWS .NET framework RAT Generic Malware PE File .NET EXE OS Processor Check PE32 Browser Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key crashed	2 Keyword trend analysis	3	1	1	6.6	M	35	ZeroCERT

9701	2021-07-06 09:24	Harpy.exe 9f0dc0e19db1a767abddeb2e0c728d86 RAT BitCoin Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces IP Check installed browsers check Tofsee Windows Browser ComputerName Cryptographic key Software crashed	3 Keyword trend analysis	10	2		11.6		23	ZeroCERT

9702	2021-07-06 09:26	Client-built.exe 4c35b1756289e507682aa375acda9978 PWS .NET framework RAT Generic Malware PE File .NET EXE PE32 VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself WriteConsoleW IP Check Tofsee Windows ComputerName DNS	3 Keyword trend analysis	5	5		4.6	M	58	ZeroCERT

9703	2021-07-06 09:27	vbc.exe 7b2599a8cfa0f094012b546bdde76ee1 PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) Malicious Library PE File .NET EXE PE32 VirusTotal Malware WriteConsoleW ComputerName DNS		4			4.2	M	54	ZeroCERT

9704	2021-07-06 09:30	lv.exe 46f65f82bc5f16b70fc5c22b0232097c Gen1 Gen2 Malicious Library UPX DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Hijack Network Code injection Http API Internet API Steal credential ScreenShot Downloader P2P persistence AntiDebug AntiVM PE File PE32 DLL VirusTotal Malware Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows DNS		2			7.4	M	45	ZeroCERT

9705	2021-07-06 10:00	1.exe 03b05d8cc99932a1a6e476927be4e70a Generic Malware PE File PE32 VirusTotal Malware AutoRuns unpack itself AntiVM_Disk VM Disk Size Check Windows Remote Code Execution DNS		1	1		4.2	M	44	r0d