Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
10186	2024-04-25 10:25	pros.scr 097b18a8698466754be20ba312481236 AgentTesla Malicious Library PWS SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Browser Email ComputerName Software crashed				10.0	M	32	ZeroCERT

10187	2024-04-25 10:23	ireallywanthoimportantthisgirl... 956ae61939b3dc9f9bbaed850423740b MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	3	7 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 17 ET INFO Executable Download from dotted-quad Host ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	4.6	M	37	ZeroCERT

10188	2024-04-25 10:22	HJC.exe da7c2473b5c455f25f420827af596286 Malicious Library UPX PE File DllRegisterServer dll PE32 MZP Format VirusTotal Malware RWX flags setting unpack itself Tofsee Interception crashed		2	1	4.2		52	ZeroCERT

10189	2024-04-24 13:21	ireallywanthowimportantthisgir... b4b0c10dc8fb59ed963fe34b31f6da3e MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	3	7 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 17 ET INFO Executable Download from dotted-quad Host ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	4.6		33	ZeroCERT

10190	2024-04-24 09:24	45692.exe 5f0bd8c5cc15d405a006bd023b8d3a6c Malicious Library UPX PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself				1.6	M	28	ZeroCERT

10191	2024-04-24 09:23	BNPParibasRemittanceAdvice.exe 94f2ae1b5174532d81d5ea169b7f7726 AgentTesla Generic Malware Malicious Library Antivirus PWS SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key crashed keylogger	2 Keyword trend analysis	4	4	16.2	M	35	ZeroCERT

10192	2024-04-24 09:20	45690.exe 7c7a60a2b1ba76a894db318993c69bfe Malicious Library UPX PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself				1.8		30	ZeroCERT

10193	2024-04-24 09:18	45697.exe 91bc63bbaeb58a07374126002e6fef62 Malicious Library UPX PE File .NET EXE PE32 VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself				1.8	M	26	ZeroCERT

10194	2024-04-24 09:18	degrado-lavacrypt-dfgs.exe 7d5053287343d71bf9e3b913d4e4e551 PE64 PE File VirusTotal Malware Buffer PE PDB suspicious privilege Check memory Checks debugger buffers extracted unpack itself				3.2	M	28	ZeroCERT

10195	2024-04-24 09:16	steamworks.exe 91ab4023c2870d3adbc35385a9ea882a Generic Malware EnigmaProtector PE File PE32 VirusTotal Malware unpack itself suspicious TLD sandbox evasion ComputerName RCE DNS crashed		1	1	3.6		23	ZeroCERT

10196	2024-04-24 09:16	softcore-shd-lavacrypt.exe f1de359b4cb3e98d01e03f7f4aff75d7 PE64 PE File VirusTotal Malware Buffer PE PDB suspicious privilege Check memory Checks debugger buffers extracted unpack itself				3.2		28	ZeroCERT

10197	2024-04-24 09:14	noncryptedmainstub.exe 9eab8c5d7b1f4659a787cc77d571f03b PE64 PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key crashed				3.2		47	ZeroCERT

10198	2024-04-24 09:14	krummy-lavacrypt-gfhd.exe af1082c667a09a0f1f6adb041ca37d34 UPX PE64 PE File OS Processor Check VirusTotal Malware Buffer PE PDB suspicious privilege Check memory Checks debugger buffers extracted unpack itself				3.2	M	28	ZeroCERT

10199	2024-04-24 09:12	qausarneedscrypted.exe 4d8cb64db6b9ae4663bb23229a6e9d16 Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself				2.0		52	ZeroCERT

10200	2024-04-24 09:11	hajde-lavacrypt-dfgs.exe f561ee026ad652bed5d2dbca19b0f6da UPX PE64 PE File OS Processor Check VirusTotal Malware Buffer PE PDB suspicious privilege Check memory Checks debugger buffers extracted unpack itself				3.4	M	35	ZeroCERT