Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
1021	2024-08-16 17:49	adob024.msi acd50da7436621368061abc2ca6193fe Generic Malware Malicious Library MSOffice File CAB OS Processor Check VirusTotal Malware Buffer PE suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself AntiVM_Disk VM Disk Size Check Tofsee ComputerName	15 Keyword trend analysis Info http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfIs%2BLjDtGwQ09XEB1Yeq%2BtX%2BBgQQU7NfjgtJxXWRM3y5nP%2Be6mK4cD08CEAitQLJg0pxMn17Nqb2Trtk%3D http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSRXerF0eFeSWRripTgTkcJWMm7iQQUaDfg67Y7%2BF8Rhvv%2BYXsIiGX0TkICEAooSZl45YmN9AojjrilUug%3D http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT3xL4LQLXDRDM9P665TW442vrsUQQUReuir%2FSSy4IxLVGLp6chnfNtyA8CEA6bGI750C3n79tQ4ghAGFo%3D http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt http://cacerts.digicert.com/DigiCertTrustedRootG4.crt https://ps.pndsn.com/v2/subscribe/sub-c-a02ceca8-a958-11e5-bd8c-0619f8945a4f/e00905d4-3856-4887-b595-3b102a6ce467/0?heartbeat=93&pnsdk=NET45CSharp6.13.0.0&requestid=12d00e9f-90ed-42bb-bf8d-a4cee20a83cf&tr=34&tt=17237979717852454&uuid=e00905d4-3856-4887-b595-3b102a6ce467 https://ps.pndsn.com/time/0?pnsdk=NET45CSharp6.13.0.0&requestid=c09e2018-679b-4892-8c17-f018f66a11f3&uuid=e00905d4-3856-4887-b595-3b102a6ce467 https://ps.pndsn.com/v2/presence/sub_key/sub-c-a02ceca8-a958-11e5-bd8c-0619f8945a4f/channel/e00905d4-3856-4887-b595-3b102a6ce467/heartbeat?heartbeat=93&pnsdk=NET45CSharp6.13.0.0&requestid=33bc53d7-b38d-4443-ad4c-fe2237b03869&uuid=e00905d4-3856-4887-b595-3b102a6ce467 https://ps.atera.com/agentpackagesnet45/AgentPackageAgentInformation/37.2/AgentPackageAgentInformation.zip?kHE0a4AHPD06sRT5dNr8CEGDDgxItT/NNHjAvqtYD5Vp1AfUa8Y22WAUqOM87JT+ https://ps.pndsn.com/time/0?pnsdk=NET45CSharp6.13.0.0&requestid=cd541e6a-2ba4-4a03-a00f-094ee2b67135&uuid=e00905d4-3856-4887-b595-3b102a6ce467 https://ps.pndsn.com/time/0?pnsdk=NET45CSharp6.13.0.0&requestid=37d5c33a-d873-4f9c-819f-519051737e0b&uuid=e00905d4-3856-4887-b595-3b102a6ce467 https://ps.pndsn.com/v2/subscribe/sub-c-a02ceca8-a958-11e5-bd8c-0619f8945a4f/e00905d4-3856-4887-b595-3b102a6ce467/0?heartbeat=93&pnsdk=NET45CSharp6.13.0.0&requestid=08d6e7fe-8c3c-4170-8f89-6cd210f9977f&tr=34&tt=17237979729901531&uuid=e00905d4-3856-4887-b595-3b102a6ce467 https://ps.pndsn.com/time/0?pnsdk=NET45CSharp6.13.0.0&requestid=00bd05cc-8d26-4ad1-94e7-04ee06e4e9a6&uuid=e00905d4-3856-4887-b595-3b102a6ce467 https://ps.pndsn.com/time/0?pnsdk=NET45CSharp6.13.0.0&requestid=af4be7e1-0f14-4a01-ac83-33610d59f4ff&uuid=e00905d4-3856-4887-b595-3b102a6ce467 https://ps.pndsn.com/v2/subscribe/sub-c-a02ceca8-a958-11e5-bd8c-0619f8945a4f/e00905d4-3856-4887-b595-3b102a6ce467/0?heartbeat=93&pnsdk=NET45CSharp6.13.0.0&requestid=b153a57e-499b-4ae8-b169-598fc179a7f6&tt=0&uuid=e00905d4-3856-4887-b595-3b102a6ce467	9	1	4.8	M	12	ZeroCERT

1022	2024-08-16 17:45	atualizarchavebb.exe 5f6ed924c5fc2a7134acad39c491e426 Generic Malware Malicious Library Malicious Packer UPX PE File PE64 OS Processor Check VirusTotal Malware PDB				0.6		2	ZeroCERT

1023	2024-08-16 17:43	451e981f-3416-484b-ba8a-6c3aae... 6d29f4896892c91765c447a1987a4dbf Malicious Library Malicious Packer Antivirus .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself				1.8		39	ZeroCERT

1024	2024-08-16 15:18	unrootkit.dll 56561903fd1e9dedfe029dd8c9172e7c Generic Malware Malicious Library Malicious Packer UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware PDB suspicious privilege Check memory Checks debugger unpack itself				2.6	M	62	ZeroCERT

1025	2024-08-16 15:16	feelfreethingstogetmebackwithe... c1a7bf262d7bad7fc46411c0996fc50c MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	1	4.6	M	37	ZeroCERT

1026	2024-08-16 15:16	rootkit.dll d72fea64a05b3f7dce725352d7c1d032 Generic Malware Malicious Library Malicious Packer PE File .NET EXE PE32 VirusTotal Malware PDB suspicious privilege Check memory Checks debugger unpack itself				3.0	M	63	ZeroCERT

1027	2024-08-16 15:10	robotic.exe 6b1bbe4e391cdfd775780d8502ccbc41 RedLine stealer ILProtector Packer Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check RedLine Malware download VirusTotal Malware Microsoft suspicious privilege MachineGuid Check memory Checks debugger buffers extracted unpack itself Stealer Windows ComputerName DNS Cryptographic key		1	3	4.0	M	49	ZeroCERT

1028	2024-08-15 16:39	CodeResources b3449813343cf03f6050a0a4d79c2ee6 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.8			guest

1029	2024-08-15 16:39	CodeResources b3449813343cf03f6050a0a4d79c2ee6 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.2			guest

1030	2024-08-15 16:38	CodeResources b3449813343cf03f6050a0a4d79c2ee6 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.8			guest

1031	2024-08-15 16:37	CodeResources b3449813343cf03f6050a0a4d79c2ee6 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.8			guest

1032	2024-08-15 16:36	CodeResources b3449813343cf03f6050a0a4d79c2ee6 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.8			guest

1033	2024-08-15 16:36	CodeResources b3449813343cf03f6050a0a4d79c2ee6 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.2			guest

1034	2024-08-15 16:35	CodeResources b3449813343cf03f6050a0a4d79c2ee6 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.8			guest

1035	2024-08-15 15:39	verynicefruitswithbutterbunhei... d04da4190c7c6d6d6b8687e69ddb79f7 Generic Malware Antivirus Hide_URL PowerShell powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	1 Keyword trend analysis	2	1	7.2	M		ZeroCERT