Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
10066	2023-09-27 13:22	documentblur.exe 5fac40a82226f46504aef22f79233ad7 XWorm WebCam KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process AntiVM_Disk VM Disk Size Check Windows ComputerName Cryptographic key keylogger				11.4	M	50	r0d

10067	2023-09-27 10:55	9Z.pdf.lnk 3d2651a982fff4f68e6cef1f94ce5ee4 Generic Malware UPX AntiDebug AntiVM GIF Format Lnk Format PE File DLL PE64 OS Processor Check IcedID Malware download Malware Code Injection Malicious Traffic Checks debugger buffers extracted Creates shortcut suspicious process WriteConsoleW Windows DNS	2 Keyword trend analysis	3	5	4.0			ZeroCERT

10068	2023-09-27 10:54	KMWC.pdf.lnk 878ac1ae23f72d11af4239c8d86f3f65 Generic Malware UPX AntiDebug AntiVM GIF Format Lnk Format PE File DLL PE64 OS Processor Check IcedID Malware download Malware Code Injection Malicious Traffic Checks debugger buffers extracted Creates shortcut unpack itself suspicious process WriteConsoleW Windows DNS	2 Keyword trend analysis	3	5	4.4			ZeroCERT

10069	2023-09-27 10:54	ST3.pdf.lnk f2dee7265c1d540d0701faa3e1797902 Generic Malware AntiDebug AntiVM GIF Format Lnk Format Code Injection Creates shortcut ICMP traffic Windows utilities suspicious process WriteConsoleW Windows DNS	1 Keyword trend analysis	1		4.8			ZeroCERT

10070	2023-09-27 10:41	tienphouk.pdf.lnk a71d17ba96e1ee0d9f024535858e7b3d Generic Malware Antivirus AntiDebug AntiVM GIF Format Lnk Format VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			4.2		18	ZeroCERT

10071	2023-09-27 10:41	Payload.lnk 43efb83e1d56e903d06ed74df2a5f859 Generic Malware AntiDebug AntiVM GIF Format Lnk Format VirusTotal Malware Code Injection Creates shortcut suspicious process WriteConsoleW Windows	1 Keyword trend analysis	2		5.2		30	ZeroCERT

10072	2023-09-27 10:41	ntp.doc.lnk 10a485b8c65306f6e992e68ab96bd6b6 Generic Malware AntiDebug AntiVM GIF Format Lnk Format VirusTotal Malware Code Injection Creates shortcut suspicious process WriteConsoleW Windows	1 Keyword trend analysis	2		5.0		23	ZeroCERT

10073	2023-09-27 10:07	3ntp.docx.lnk 10f3245bc055a7e6eec1bedd7d12e711 Generic Malware task schedule Downloader Create Service Socket P2P DGA Steal credential Http API Escalate priviledges PWS Sniff Audio HTTP DNS ScreenShot Code injection Internet API FTP KeyLogger AntiDebug AntiVM GIF Format Lnk Format VirusTotal Malware Code Injection Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows DNS	1 Keyword trend analysis	1	4	6.2	M	29	ZeroCERT

10074	2023-09-27 10:06	INVOICE.lnk 1066f5ad77cc1f7aadcb6685567b806c Generic Malware Antivirus AntiDebug AntiVM GIF Format Lnk Format powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			4.2			ZeroCERT

10075	2023-09-27 10:04	new.ps1 1e4270b46727180cc7533843a128d7d9 Generic Malware Antivirus unpack itself WriteConsoleW Windows Cryptographic key	1 Keyword trend analysis			0.8			ZeroCERT

10076	2023-09-27 10:04	bazila.hta 085f5a95ff83ee0a711882dfbd5b0d1b Emotet Gen1 Generic Malware Antivirus Malicious Library UPX AntiDebug AntiVM PowerShell MSOffice File PE File PE32 DllRegisterServer dll OS Processor Check Malware powershell suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted heapspray Creates shortcut Creates executable files exploit crash unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process AppData folder Tofsee Windows Exploit ComputerName DNS Cryptographic key crashed	1 Keyword trend analysis	4	4	14.0			ZeroCERT

10077	2023-09-27 10:01	d98ecac34d79d3cf31e2fa504b327f... d98ecac34d79d3cf31e2fa504b327ff3 Malicious Library UPX Antivirus .NET framework(MSIL) Malicious Packer PE File PE32 .NET EXE OS Processor Check AsyncRAT VirusTotal Malware Check memory Checks debugger unpack itself				2.0		48	ZeroCERT

10078	2023-09-27 09:59	84c28541e9f2bdd1d7b5d3858c3199... 84c28541e9f2bdd1d7b5d3858c319972 njRAT backdoor PE File PE32 .NET EXE VirusTotal Malware WriteConsoleW DNS DDNS		2	2	2.8		62	ZeroCERT

10079	2023-09-27 09:59	usertp.exe 638a7f41333819c3b0aa03e6f6aca90c Malicious Library UPX Antivirus .NET framework(MSIL) Malicious Packer PE File PE32 .NET EXE OS Processor Check AsyncRAT VirusTotal Malware Check memory Checks debugger unpack itself				2.0		55	ZeroCERT

10080	2023-09-27 09:58	ntpvip.exe f93c6cb12717866ccd7de457c0d2dbce Malicious Library UPX Antivirus .NET framework(MSIL) Malicious Packer PE File PE32 .NET EXE OS Processor Check AsyncRAT VirusTotal Malware Check memory Checks debugger unpack itself				2.4		58	ZeroCERT