Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
10186	2023-07-19 07:25	summ.exe 221b4dce039b2a7feaa20a87cffc4dc0 AgentTesla Generic Malware .NET framework(MSIL) Antivirus KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer Email Client Info Stealer PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName Cryptographic key crashed		2	2	10.8			ZeroCERT

10187	2023-07-19 07:25	g.exe fcb781be932607dada8058c92633997c Malicious Library PE File PE32 PDB Remote Code Execution				1.2			ZeroCERT

10188	2023-07-19 07:23	msvs.exe e1cd1c30f4761a2bf4c878ef0a723435 Emotet UPX MPRESS PE64 PE File Remote Code Execution crashed				1.4			ZeroCERT

10189	2023-07-19 07:22	ggg.exe ea83b0db7b3030a818b412479afe2bc2 Admin Tool (Sysinternals etc ...) .NET EXE PE File PE32 PDB Check memory Checks debugger unpack itself Windows DNS Cryptographic key crashed		1		4.0			ZeroCERT

10190	2023-07-19 07:22	msmnr.exe c74b706ecaa058e6e71e7b4b64dff9df Themida Packer Generic Malware UPX Admin Tool (Sysinternals etc ...) PE64 PE File unpack itself Windows crashed				1.8			ZeroCERT

10191	2023-07-19 07:21	theoryabilitypro.exe 5b4e9c25ebf1d7e5a91e85be8c2e4594 Gen1 Emotet UPX Malicious Library CAB PE64 PE File .NET EXE PE32 OS Processor Check AutoRuns PDB Check memory Checks debugger Creates executable files unpack itself Check virtual network interfaces AppData folder Tofsee Windows Remote Code Execution Cryptographic key		2	2	4.8	M		ZeroCERT

10192	2023-07-19 07:19	rockol.exe df7a39c6a0b49b73bb6acd435f073166 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET OS Processor Check .NET EXE PE File PE32 Check memory Checks debugger unpack itself ComputerName				1.0	M		ZeroCERT

10193	2023-07-18 23:45	map_cache[1].db-wal 9382b18504baaa68f43fa352553a16d9 AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName				3.4			guest

10194	2023-07-18 21:42	wininit.exe 210b741e2da121370c2521e56fd1a1c6 NSIS UPX Malicious Library PE File PE32 PNG Format DLL VirusTotal Malware Check memory Creates shortcut Creates executable files unpack itself AppData folder Windows crashed				3.2	M	6	guest

10195	2023-07-18 21:14	IBMCIBMCIBMCIBMCIBMCIBMCIBMCIB... 25068e7e1aa46963af6dad59f42592bb MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic buffers extracted RWX flags setting exploit crash Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	3	7 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO TLS Handshake Failure ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	4.6		30	ZeroCERT

10196	2023-07-18 21:10	wininit.exe 210b741e2da121370c2521e56fd1a1c6 NSIS UPX Malicious Library PE File PE32 PNG Format DLL VirusTotal Malware Check memory Creates shortcut Creates executable files unpack itself AppData folder Windows crashed				3.2		6	ZeroCERT

10197	2023-07-18 21:09	InvictaStealer.exe bb3ca7c1c010c41508edcf5b15ef0995 UPX Malicious Library OS Processor Check PE64 PE File VirusTotal Malware anti-virtualization				2.2		39	ZeroCERT

10198	2023-07-18 21:01	William_blake_Tax_2022.pdf dafe828e83a9797c5645d988034ae070 PDF VirusTotal Malware				0.4		1	ZeroCERT

10199	2023-07-18 18:42	win32.exe 6a3154595de5779cf6f0facb0c8c3cec NSIS UPX Malicious Library PE File PE32 DLL VirusTotal Email Client Info Stealer Malware AutoRuns Check memory Creates executable files RWX flags setting unpack itself AppData folder Windows Email ComputerName crashed	1 Keyword trend analysis	4	2	7.0		43	ZeroCERT

10200	2023-07-18 18:41	Project15.exe 2f8a3dfa7e89ffc2fd4166dc2db5bbe7 UPX Downloader Malicious Library OS Processor Check PE64 PE File VirusTotal Open Directory Malware MachineGuid Malicious Traffic Creates executable files Windows Exploit DNS	1 Keyword trend analysis	2	6 Info ET INFO Executable Download from dotted-quad Host ET HUNTING Rejetto HTTP File Sever Response ET POLICY PE EXE or DLL Windows file download HTTP ET EXPLOIT_KIT DRIVEBY Likely Evil EXE with no referer from HFS webserver (used by Unknown EK) ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET INFO EXE - Served Attached HTTP	3.4		28	ZeroCERT