Submissions

No  Date  Request  Urls  Hosts  IDS  Rule  Score  Zero  VT  Player  Etc

10291  2021-07-21 14:21  dmwa.jpg
  dc71ed81724056f7ee199d098356e155
  Dbatloader Generic Malware Malicious Packer UPX Malicious Library DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Internet API FTP ScreenShot Http API Steal credential Downloader P2P AntiDebug AntiVM PE32 PE Fi Emotet VirusTotal Malware Buffer PE AutoRuns Code Injection buffers extracted Creates executable files RWX flags setting unpack itself Windows utilities suspicious process WriteConsoleW Tofsee Windows ComputerName
  1  4  1  10.0  M  21  r0d

10292  2021-07-21 14:58  SCSKAppLink_dll
  b3a8c88297daecdb9b0ac54a3c107797
  Lazarus Family UPX Malicious Library PE32 OS Processor Check DLL PE File VirusTotal Malware Check memory Checks debugger unpack itself crashed
  2.0  30  ZeroCERT

10293  2021-07-21 16:17  file12.bin.exe
  a3cdbeb1d41c114bee6784c02ca42cd6
  PE32 PE File VirusTotal Malware PDB unpack itself Windows crashed
  3.0  M  47  r0d

10294  2021-07-22 00:16  vitafoods.com Update.htm
  20b9f99a81f6edbda4253942ad50ba17
  Admin Tool (Sysinternals etc ...) AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed
  4  4  2  4.6  1  guest

10295  2021-07-22 03:54  Expiry Notification July 21 20...
  7d8b845525ad8e4f8450065bb2a606f7
  DGA Escalate priviledges KeyLogger HTTP Internet API ScreenShot Http API AntiDebug AntiVM MSOffice File PNG Format Email Client Info Stealer MachineGuid Checks debugger RWX flags setting unpack itself installed browsers check Windows Browser Email Cryptographic key
  1  4.8  guest

10296  2021-07-22 03:54  Capture.PNG
  83425938267eae3b1052b32ff82b03c8
  DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Hijack Network Internet API FTP ScreenShot Http API Steal credential Downloader P2P persistence AntiDebug AntiVM PNG Format MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
  2  4.2  guest

10297  2021-07-22 03:55  vitafoods.com Update.htm
  20b9f99a81f6edbda4253942ad50ba17
  BitCoin Admin Tool (Sysinternals etc ...) DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Hijack Network Internet API FTP ScreenShot Http API Steal credential Downloader P2P persistence AntiDebug AntiVM MSOffic Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
  4  4  2  5.2  1  guest

10298  2021-07-22 04:01  Expiry Notification July 21 20...
  7d8b845525ad8e4f8450065bb2a606f7
  DGA Escalate priviledges KeyLogger HTTP Internet API ScreenShot Http API AntiDebug AntiVM MSOffice File Email Client Info Stealer MachineGuid Checks debugger RWX flags setting unpack itself installed browsers check Windows Browser Email Cryptographic key
  1  4.8  guest

10299  2021-07-22 04:01  Capture.PNG
  83425938267eae3b1052b32ff82b03c8
  DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Hijack Network Internet API FTP ScreenShot Http API Steal credential Downloader P2P persistence AntiDebug AntiVM PNG Format MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
  2  4.2  guest

10300  2021-07-22 04:01  vitafoods.com Update.htm
  20b9f99a81f6edbda4253942ad50ba17
  BitCoin Admin Tool (Sysinternals etc ...) DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Hijack Network Internet API FTP ScreenShot Http API Steal credential Downloader P2P persistence AntiDebug AntiVM MSOffic Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
  5  4  2  5.2  1  guest

10301  2021-07-22 04:02  vitafoods.com Update.htm
  20b9f99a81f6edbda4253942ad50ba17
  Admin Tool (Sysinternals etc ...) AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed
  5  4  1  4.6  1  guest

10302  2021-07-22 04:25  http://www.minutoverde.cl
  840006cb22684bf9760add2877ce940d
  DGA DNS Socket Sniff Audio KeyLogger HTTP Internet API ScreenShot Http API Downloader persistence Create Service Escalate priviledges Code injection Hijack Network FTP Steal credential P2P AntiDebug AntiVM PNG Format JPEG Format MSOffice File Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
  32  6  2  4.6  guest

10303  2021-07-22 04:42  http://www.enjoy.cl
  b1ec6d63aa3afbbeb1c9a17ab586b855
  Generic Malware DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Hijack Network Internet API FTP ScreenShot Http API Steal credential Downloader P2P persistence AntiDebug AntiVM MSOffice File Code Injection Creates executable files ICMP traffic exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
  11  6  2  5.6  guest

10304  2021-07-22 08:39  stin.exe
  31e8c459191e48965eba2e6e50f9f70c
  Antivirus Malicious Library PE32 OS Processor Check PE File VirusTotal Malware sandbox evasion Browser
  2  3.6  57  ZeroCERT

10305  2021-07-22 08:39  skin.exe
  0dd3173feb2aad3ff8ea4ec119a88640
  AntiDebug AntiVM PE32 PE File Malware download VirusTotal Malware AutoRuns Code Injection Malicious Traffic Windows utilities suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check Windows Botnet
  2  2  1  9.8  59  ZeroCERT