Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
10096	2023-07-22 21:43	elevator.exe 5f6c86ec159f2b0d99f88bc3c3c6a641 UPX Malicious Library OS Processor Check PE64 PE File VirusTotal Malware WriteConsoleW				1.0	M	19	ZeroCERT

10097	2023-07-21 20:59	nn.jpg.ps1 d62ac51b09e36647f7355e5aa2b7f18c Hide_EXE Generic Malware Antivirus VirusTotal Malware powershell Check memory Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key				4.0	M	7	ZeroCERT

10098	2023-07-21 20:55	agodzx.doc 6030cd58a055f41ca34a74afb4581598 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	3	7 Info ET INFO Executable Download from dotted-quad Host SURICATA Applayer Detect protocol only one direction ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	4.6	M	35	ZeroCERT

10099	2023-07-21 20:53	Typeouts.exe 690674952ef72ecff19d7ba07b08c9b6 Gen1 NSIS Generic Malware UPX Malicious Library Malicious Packer PE File PE32 OS Processor Check DLL PE64 VirusTotal Malware AppData folder				1.8	M	40	ZeroCERT

10100	2023-07-21 20:51	ChromeSetup.exe 492d80094e553a4d75e2922a847f1314 UPX Malicious Library PE File PE32 DLL VirusTotal Malware Check memory Creates shortcut Creates executable files unpack itself AppData folder				4.0	M	42	ZeroCERT

10101	2023-07-21 20:51	ChromeSetup.exe dede170df1b43a3d2e0095af1e16f7d5 UPX Malicious Library PE File PE32 DLL VirusTotal Malware Check memory Creates shortcut Creates executable files unpack itself AppData folder				4.8	M	38	ZeroCERT

10102	2023-07-21 20:51	agodzx.exe 1b0e8808dad9fee0781b032e320944e4 SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed		3	2	11.2	M	22	ZeroCERT

10103	2023-07-21 20:49	nigazxbb.vbs 00fc0681c42b83fd24dea79fe6c04cf1 Generic Malware Antivirus PowerShell VirusTotal Malware suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key				5.4	M	16	ZeroCERT

10104	2023-07-21 20:46	s.exe c9741d5bdc3286eff5ad5f9d86f83613 AsyncRAT UPX .NET framework(MSIL) Malicious Packer OS Processor Check .NET EXE PE File PE32		2					ZeroCERT

10105	2023-07-21 20:46	secagodzx.exe ad438aca83c354060f3684d8801582ed .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger unpack itself				5.0		19	ZeroCERT

10106	2023-07-21 20:44	secagodzx.doc 47921ac5925698e152ca4c2563713a91 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware AgentTesla Malicious Traffic exploit crash unpack itself Windows Exploit DNS crashed	1 Keyword trend analysis	3	7 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response SURICATA Applayer Detect protocol only one direction ET MALWARE AgentTesla Exfil Via SMTP	5.2	M	34	ZeroCERT

10107	2023-07-21 20:44	kellyzx.exe 2a62617f0980edd4a35ad538e3f30eb6 LokiBot Socket PWS DNS AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName DNS Software		1		14.6	M	47	ZeroCERT

10108	2023-07-21 18:41	0.dotm 583489e24bfba0289d80fb987724d581 VBA_macro AntiDebug AntiVM ZIP Format Word 2007 file format(docx) MSOffice File VirusTotal Malware Code Injection unpack itself Tofsee	1 Keyword trend analysis	2	1	5.6		41	ZeroCERT

10109	2023-07-21 18:41	cmshcmchsmchsmcshcmcshmcshcmsc... 29866001ff4de9dee0ca9c3d4d3eafff MS_RTF_Obfuscation_Objects RTF File doc Vulnerability VirusTotal Malware Malicious Traffic buffers extracted RWX flags setting exploit crash Exploit DNS crashed	1 Keyword trend analysis	1	3	4.4		27	ZeroCERT

10110	2023-07-21 13:31	file.pdf.exe 63faba3aff1b5d9cc631bb722bf6c00e UPX .NET framework(MSIL) OS Processor Check .NET EXE PE File PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself Windows Cryptographic key				2.8		40	r0d