Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
9931	2023-10-03 19:26	ngohms.txt.exe a4d3a2a7a7a67f335bbe0ea3d760bb7c Malicious Library UPX Malicious Packer PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer suspicious privilege Check memory Checks debugger unpack itself Browser Email ComputerName Software crashed				3.2			ZeroCERT

9932	2023-10-03 13:59	explorer.exe 76599bf790a73e2b744baf9a32e85f68 UPX PE File PE32 .NET EXE VirusTotal Malware AutoRuns suspicious privilege Malicious Traffic Checks debugger Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder WriteConsoleW Tofsee Windows ComputerName DNS crashed	1 Keyword trend analysis	3	1	10.4	M	54	ZeroCERT

9933	2023-10-03 13:58	nde.txt.exe 1c995704e0c0c3de5db167ea14339e7c AgentTesla Malicious Library UPX PE File PE32 .NET EXE Browser Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself Browser Email ComputerName crashed				3.8		57	ZeroCERT

9934	2023-10-03 13:58	apamaaktivozebas364.txt.exe fde1998a4f91b01722de069c5496560b AgentTesla Malicious Library UPX PE File PE32 .NET EXE Browser Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself Browser Email ComputerName crashed				3.8		59	ZeroCERT

9935	2023-10-03 13:55	i0iooi0i0IOI0IOI0i0ioioi0I0I0I... c525805107dafbab4307168b2544d08c MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware exploit crash Tofsee Exploit crashed		2	1	2.4	M	30	ZeroCERT

9936	2023-10-03 13:51	ioi0i0i0ioioioio0ii0i000ii0ioo... 74244e004f53b8def29d5f6352f9a849 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware exploit crash Tofsee Exploit crashed		2	1	2.2	M	25	ZeroCERT

9937	2023-10-03 13:41	ioi0ioioooi000ioiooioioi000000... fb96a229f20223b7cb1850628519bb47 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware exploit crash Tofsee Exploit crashed		2	1	2.4	M	30	ZeroCERT

9938	2023-10-03 13:33	x.x.x.xx.x.xx.x.x.x.doc a4b026c2274bcf2ffe1d343d2eb3ff24 MS_RTF_Obfuscation_Objects RTF File doc exploit crash Tofsee Exploit crashed		2	1	1.4	M		ZeroCERT

9939	2023-10-03 13:24	sysuper.exe b038c77ebb4ab8e3e036a790b2b95c6d .NET framework(MSIL) PE File PE32 .NET EXE VirusTotal Malware Buffer PE suspicious privilege Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key				4.0	M	30	ZeroCERT

9940	2023-10-03 13:23	%40Natsu338_alice.exe 7ade21e42a6f7039ac9b01c0b2954bc8 Malicious Library UPX AntiDebug AntiVM PE File PE32 OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	5 Info ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE [ANY.RUN] RedLine Stealer Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC Activity - MSValue (Outbound) ET MALWARE Redline Stealer Activity (Response) ET MALWARE Redline Stealer TCP CnC Activity - MSValue (Response)	11.0	M	51	ZeroCERT

9941	2023-10-03 13:21	i0iooi0i0IOI0IOI0i0ioioi0I0I0I... c525805107dafbab4307168b2544d08c MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware exploit crash unpack itself Tofsee Exploit crashed		2	1	2.8	M	30	ZeroCERT

9942	2023-10-03 13:21	rqrba.exe 965fcf373f3e95995f8ae35df758eca1 RedLine stealer Malicious Library UPX AntiDebug AntiVM PE File PE32 OS Processor Check VirusTotal Malware Buffer PE Code Injection Check memory Checks debugger buffers extracted unpack itself WriteConsoleW				7.4	M	51	ZeroCERT

9943	2023-10-03 13:19	build.exe 2bcee44e6dc3855e0b56231150d949e1 RedlineStealer RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) PE File PE32 .NET EXE OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed	2 Keyword trend analysis	3	5 Info SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET ATTACK_RESPONSE RedLine Stealer - CheckConnect Response ET MALWARE Redline Stealer Activity (Response) ET ATTACK_RESPONSE Win32/LeftHook Stealer Browser Extension Config Inbound SURICATA HTTP unable to match response to request	8.0	M	64	ZeroCERT

9944	2023-10-03 13:19	ioi0i0i0ioioioio0ii0i000ii0ioo... 74244e004f53b8def29d5f6352f9a849 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware exploit crash unpack itself Tofsee Exploit DNS crashed		3	1	3.2	M	25	ZeroCERT

9945	2023-10-03 13:17	audiodgs.exe 32c9208804cb6fe94d8f3d0d5f40a49a .NET framework(MSIL) PWS SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AgentTesla PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Browser Email ComputerName Software crashed		2	2	10.8	M	43	ZeroCERT