Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
10006	2023-07-26 07:54	CMSHCMSHCMSHCMSHCMSHCMSH%23%23... 0697564d77f5fbf7c18d046b70afecb1 MS_RTF_Obfuscation_Objects RTF File doc Vulnerability VirusTotal Malware Malicious Traffic buffers extracted exploit crash unpack itself Exploit DNS crashed	1 Keyword trend analysis	1	3	4.6		30	ZeroCERT

10007	2023-07-26 07:54	file.exe cae4ece4402014c0e2527c2a277c6e04 UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself				1.6	M	25	ZeroCERT

10008	2023-07-26 07:54	ChromeSetup.exe 22866422e864635234b55a5d84fae10c NSIS UPX Malicious Library PE File PE32 OS Processor Check DLL FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files ICMP traffic unpack itself AppData folder	2 Keyword trend analysis	5	1	5.2	M	30	ZeroCERT

10009	2023-07-26 07:52	INIBINBINBINBINBINBINBINIBINIB... de51c804940b6cfd398361b2145f3d3e MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware VBScript Malicious Traffic buffers extracted exploit crash unpack itself Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	2	4.6	M	30	ZeroCERT

10010	2023-07-26 07:51	sw9u9z1xm9z43h.exe 9b90639e6d0fe5ca34c15011adc922b1 RedLine stealer RedLine Infostealer RedlineStealer UPX Malicious Library .NET framework(MSIL) Confuser .NET PWS AntiDebug AntiVM OS Processor Check PE File PE32 .NET EXE Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications AppData folder malicious URLs WriteConsoleW installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		2	3	14.4	M	43	ZeroCERT

10011	2023-07-26 07:49	bobbyzx.exe 4c393a4ddc1b9e6307bc172e071d88b7 UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself				1.6	M	29	ZeroCERT

10012	2023-07-26 07:47	wininit.exe 66a020cc3acbd4f1badbff616662ce02 UPX Malicious Library PE File PE32 DLL VirusTotal Malware Check memory Creates executable files unpack itself AppData folder				2.2		12	ZeroCERT

10013	2023-07-26 07:47	calc.exe ca3048f3c3dfc5345968cbfed67cf23d UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself				1.6		29	ZeroCERT

10014	2023-07-26 07:45	kkkk.exe 9139f048f1e79aa4b85629c03ecd1c77 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET OS Processor Check .NET EXE PE File PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	3	6.2	M	47	ZeroCERT

10015	2023-07-26 07:45	franktraff.exe 3af762123fb3e732ba82d565b90da272 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET OS Processor Check .NET EXE PE File PE32 Browser Info Stealer RedLine Malware download VirusTotal Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key crashed		1	1	5.4		39	ZeroCERT

10016	2023-07-25 19:46	build.exe e71ef2f3f2cd8205edd79c5befa2f36a Generic Malware UPX Malicious Library Malicious Packer OS Processor Check PE64 PE File VirusTotal Malware crashed				1.4	M	52	ZeroCERT

10017	2023-07-25 19:40	DOC7756184861Ͱ.exe 438c0cf9055cd5cec88f31deef18911e NSIS UPX Malicious Library PE File PE32				0.2			ZeroCERT

10018	2023-07-25 19:40	DOC7756184861Ͱ.exe 438c0cf9055cd5cec88f31deef18911e NSIS UPX Malicious Library PE File PE32				0.2			ZeroCERT

10019	2023-07-25 19:19	m4HBom6QaF.exe b4f60407cc688d2327c5bc8dd39c0b00 Malicious Library PE64 PE File VirusTotal Malware Check memory Checks debugger unpack itself				2.0	M	26	ZeroCERT

10020	2023-07-25 19:17	heaoyam78.exe 48761f8b0576e7bed627120ff51b4863 Generic Malware UPX Malicious Library Malicious Packer OS Processor Check PE File PE32 PE64 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Collect installed applications Check virtual network interfaces installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	2	8 Info ET MALWARE RedLine Stealer TCP CnC net.tcp Init ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE Redline Stealer TCP CnC - Id1Response ET INFO Executable Download from dotted-quad Host ET INFO Packed Executable Download ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	9.6	M	25	ZeroCERT