Submissions

Columns (source header): No, Date, Request, Urls, Hosts, IDS, Rule, Score, Zero, VT, Player, Etc. Each entry below is laid out as: submission number, date and request name; the submitted sample's MD5; the Rule tags the sandbox attached (multi-word tags are run together in the source, exactly as shown); and the remaining numeric columns in header order: Urls/Hosts/IDS counts where the source shows them, Score, the flag shown as M (the Zero column by header position), the VT count, and Player (submitter). The Etc column is empty for every entry on this page.
10381  2021-07-22 15:17  a.exe
  MD5:   cf53febec7e1376c2e42b3857ab25424
  Rule:  Generic Malware PE32 PE File Browser Info Stealer VirusTotal Malware PDB Check memory unpack itself Browser Remote Code Execution
  Score 2.6 | Zero M | VT 46 | Player r0d

10382  2021-07-22 16:04  【至急】東京オリンピック開催に伴うサイバー攻撃等発生に関する... ([Urgent] Regarding cyber attacks and similar incidents occurring in connection with the Tokyo Olympics...; name truncated in the source)
  MD5:   8edf0aa789d976df0c80fd8d62734ded
  Rule:  Generic Malware Malicious Library PE32 PE File VirusTotal Malware
  Score 2.4 | VT 39 | Player r0d

10383  2021-07-22 16:21  file.exe
  MD5:   7671047a15b52a9c82fab0b123d38504
  Rule:  RedLine Stealer Generic Malware UPX Malicious Library PE32 PE File VirusTotal Malware PDB unpack itself
  Score 2.4 | Zero M | VT 30 | Player r0d

10384  2021-07-22 17:49  peso.exe
  MD5:   53129cf39b6b180a20bef666da18f6ca
  Rule:  PWS .NET framework RAT Generic Malware SMTP KeyLogger AntiDebug AntiVM PE32 .NET EXE PE File suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed
  Score 9.6 | Zero M | Player ZeroCERT

10385  2021-07-22 17:51  Invoice_057595.xls
  MD5:   c6f2239754469a59c8f97e30df2e0950
  Rule:  Dridex VBA_macro Malicious Library MSOffice File PE32 DLL PE File VirusTotal Malware Check memory buffers extracted Creates executable files unpack itself suspicious process Windows
  Urls/Hosts/IDS 2 1 (one of the three counts is blank in the source) | Score 3.2 | Zero M | VT 21 | Player ZeroCERT

10386  2021-07-22 17:51  vision.iosapp
  MD5:   06285860cd0beb177a7fb794bf8c1eb6
  Rule:  Malicious Packer UPX Malicious Library PE32 OS Processor Check PE File Dridex TrickBot VirusTotal Malware Report suspicious privilege MachineGuid Malicious Traffic buffers extracted unpack itself Check virtual network interfaces suspicious process Kovter ComputerName Remote Code Execution DNS crashed
  Urls/Hosts/IDS 1 5 4 | Score 6.4 | Zero M | VT 12 | Player ZeroCERT

10387  2021-07-22 17:52  moet.exe
  MD5:   b719cba1a8c6e43a6f106a57b04962e4
  Rule:  Gen1 Gen2 NPKI Malicious Library UPX Malicious Packer DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Hijack Network Internet API FTP ScreenShot Http API Steal credential Downloader P2P persistence AntiDebug An VirusTotal Email Client Info Stealer Malware AutoRuns MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Tofsee Ransomware Windows Browser Email ComputerName DNS
  Urls/Hosts/IDS 4 4 4 | Score 12.4 | Zero M | VT 22 | Player ZeroCERT

10388  2021-07-22 17:53  lv.exe
  MD5:   92087ce2246db7c0a2ef9a332ce41eda
  Rule:  RedLine Stealer UPX Malicious Library PE32 PE File VirusTotal Malware PDB unpack itself
  Score 2.4 | Zero M | VT 33 | Player ZeroCERT

10389  2021-07-22 17:55  Invoice_911952.xls
  MD5:   5356d87ef86953dfd99fd26b28927226
  Rule:  Dridex VBA_macro Malicious Library MSOffice File PE32 DLL PE File VirusTotal Malware Check memory buffers extracted Creates executable files unpack itself suspicious process Windows
  Urls/Hosts/IDS 2 1 (one of the three counts is blank in the source) | Score 3.0 | Zero M | VT 16 | Player ZeroCERT

10390  2021-07-22 17:57  ZdBx0XiuWwcXr.exe
  MD5:   47f0522a0cfd75f08b67728220bf438f
  Rule:  RedLine Stealer Generic Malware UPX Malicious Library PE32 PE File VirusTotal Malware PDB unpack itself
  Score 2.4 | Zero M | VT 32 | Player ZeroCERT

10391  2021-07-22 18:04  M0031.cab
  MD5:   e0ac8285fe6bcaba59dffb27e3284c53
  Rule:  Escalate priviledges KeyLogger AntiDebug AntiVM suspicious privilege Check memory Checks debugger unpack itself
  Score 1.6 | Player ZeroCERT

10392  2021-07-22 18:07  gordo.css
  MD5:   c59a78cd0e60a4d4a6608f2709c2277f
  Rule:  VirusTotal Malware
  Score 0.4 | VT 9 | Player ZeroCERT

10393  2021-07-22 18:16  31450C719DAD83EC51CE7BDC5CDA4E... (name truncated in the source)
  MD5:   7268d5746d5599edc43792fc7e227631
  Rule:  VirusTotal Malware
  Score 0.6 | Zero M | VT 12 | Player ZeroCERT

10394  2021-07-23 07:38  wiz....wiz.wiz
  MD5:   692b9a77e63307d2c41cd2844b3f4cb3
  Rule:  RTF File doc AntiDebug AntiVM FormBook Malware download Malware MachineGuid Malicious Traffic Check memory Checks debugger exploit crash unpack itself Windows Exploit DNS Cryptographic key crashed Downloader
  Urls/Hosts/IDS 2 7 8 | Score 5.4 | Player ZeroCERT

10395  2021-07-23 07:39  suntogether.png
  MD5:   b64287a77fb567247cb8ec3465974eab
  Rule:  UPX Malicious Library PE32 OS Processor Check PE File Dridex TrickBot Malware Report suspicious privilege Malicious Traffic buffers extracted unpack itself Check virtual network interfaces suspicious process Kovter ComputerName Remote Code Execution DNS crashed
  Urls/Hosts/IDS 1 5 2 | Score 6.0 | Player ZeroCERT
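As an added example (not code from this page or from the sandbox that produced the listing), the following Python parses the flattened submission layout into records and applies two triage rules an analyst pulling from such a feed would want: collect the MD5s of entries tagged with a named malware family for a hash blocklist, and flag entries whose tags (AntiVM, AntiDebug, crashed) suggest the dynamic score may understate the sample. The mapping of the trailing numeric line (leading counts, Score, the M flag, VT count, submitter) is inferred from the page's header order and is an assumption; the embedded sample is constructed from three entries above, blank lines included, so the parser is exercised on the real layout.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Constructed sample: three entries copied from the listing above, keeping the
# source's blank lines. Added example, not data or code from the sandbox.
SAMPLE_LISTING = """\
10381 2021-07-22 15:17 a.exe

cf53febec7e1376c2e42b3857ab25424


Generic Malware PE32 PE File Browser Info Stealer VirusTotal Malware PDB Check memory unpack itself Browser Remote Code Execution
2.6 M 46 r0d

10385 2021-07-22 17:51 Invoice_057595.xls

c6f2239754469a59c8f97e30df2e0950


Dridex VBA_macro Malicious Library MSOffice File PE32 DLL PE File VirusTotal Malware Check memory buffers extracted Creates executable files unpack itself suspicious process Windows
2 1 3.2 M 21 ZeroCERT

10394 2021-07-23 07:38 wiz....wiz.wiz

692b9a77e63307d2c41cd2844b3f4cb3


RTF File doc AntiDebug AntiVM FormBook Malware download Malware MachineGuid Malicious Traffic Check memory Checks debugger exploit crash unpack itself Windows Exploit DNS Cryptographic key crashed Downloader
2 7 8 5.4 ZeroCERT
"""

HEADER_RE = re.compile(r"^(\d+)\s+(\d{4}-\d{2}-\d{2})\s+(\d{2}:\d{2})\s+(\S.*?)\s*$")
MD5_RE = re.compile(r"^[0-9a-fA-F]{32}$")


@dataclass
class Submission:
    number: int
    date: str
    time: str
    request: str
    md5: str
    tags: str                       # multi-word tags run together; kept verbatim
    counts: List[int] = field(default_factory=list)  # Urls/Hosts/IDS in header order (assumed)
    score: float = 0.0
    zero_flag: bool = False         # the 'M' token between Score and VT (assumed: Zero column)
    vt: Optional[int] = None        # VT count; None when the entry has no VirusTotal tag
    player: str = ""


def parse_stats(line: str) -> Dict:
    """Split the trailing line, e.g. '2 1 3.2 M 21 ZeroCERT', by header order."""
    tokens = line.split()
    player = tokens.pop()           # last token is the submitter name
    counts: List[int] = []
    score: Optional[float] = None
    zero, vt = False, None
    for tok in tokens:
        if score is None:           # integers before the first float are counts
            if "." in tok:
                score = float(tok)
            else:
                counts.append(int(tok))
        elif tok == "M":
            zero = True
        else:
            vt = int(tok)
    if score is None:
        raise ValueError(f"no score in stats line: {line!r}")
    return dict(counts=counts, score=score, zero_flag=zero, vt=vt, player=player)


def _build(lines: List[str]) -> Submission:
    m = HEADER_RE.match(lines[0])
    body = lines[1:]                # md5, tag line(s), stats line
    if m is None or len(body) < 2 or not MD5_RE.match(body[0]):
        raise ValueError(f"malformed entry: {lines[0]!r}")
    return Submission(number=int(m.group(1)), date=m.group(2), time=m.group(3),
                      request=m.group(4), md5=body[0].lower(),
                      tags=" ".join(body[1:-1]), **parse_stats(body[-1]))


def parse_listing(text: str) -> List[Submission]:
    """Group lines into entries at each 'No Date Time Request' header line."""
    entries: List[List[str]] = []
    for line in text.splitlines():
        if HEADER_RE.match(line):
            entries.append([line])
        elif entries and line.strip():
            entries[-1].append(line.strip())
    return [_build(e) for e in entries]


def has_tag(sub: Submission, tag: str) -> bool:
    # Tags are not delimited, so match on word boundaries to avoid 'Dri' hitting 'Dridex'.
    return re.search(rf"(?<!\w){re.escape(tag)}(?!\w)", sub.tags) is not None


def blocklist_hashes(subs: List[Submission],
                     families=("RedLine Stealer", "Dridex", "FormBook", "TrickBot")) -> List[str]:
    """MD5s of entries carrying a named family tag, for a hash blocklist."""
    return sorted(s.md5 for s in subs if any(has_tag(s, f) for f in families))


def needs_manual_review(sub: Submission) -> bool:
    """Evasion or crash tags mean the sandbox may not have seen the real payload."""
    return any(has_tag(sub, t) for t in ("AntiVM", "AntiDebug", "crashed"))


if __name__ == "__main__":
    subs = parse_listing(SAMPLE_LISTING)
    for s in subs:
        print(s.number, s.md5, s.score, s.vt, "REVIEW" if needs_manual_review(s) else "")
    print("blocklist:", blocklist_hashes(subs))
```

The parser keeps the tag string whole rather than splitting on spaces, because the sandbox emits multi-word tags ("RedLine Stealer", "PE File") without a delimiter; has_tag therefore matches on word boundaries. Entries with fewer than three leading counts are stored as-is, since the page does not say which of Urls, Hosts or IDS is the blank one.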