popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
10471 2023-07-07 09:35 page.html  

f6b00338f9b1aa52396ffb72af40bf04


AntiDebug AntiVM MSOffice File Code Injection exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed 		2 3.4 ZeroCERT

10472 2023-07-07 09:31 yhkld.vbs  

32d87b2f68ef1dd11316fbb33f1f8597


AgentTesla Generic Malware Antivirus SMTP KeyLogger Hide_URL AntiDebug AntiVM PowerShell Browser Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process Windows Exploit Browser Email ComputerName DNS Cryptographic key crashed 		4 3 2 2 10.0 15 ZeroCERT

10473 2023-07-07 09:29 abnc.vbs  

236b5ad11c5fe9e980c9560f6a1254cf


AgentTesla Generic Malware Antivirus SMTP KeyLogger Hide_URL AntiDebug AntiVM PowerShell Browser Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process EXPLOIT_KIT Windows Exploit Browser Email ComputerName DNS Cryptographic key crashed 		3 3 2 1 10.0 7 ZeroCERT

10474 2023-07-07 09:26 davincizx.doc  

637985d77758ae5d69c8990dffe15339


MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Windows Exploit DNS crashed 		1 2 5 5.4 29 ZeroCERT

10475 2023-07-07 09:26 test.bat  

685ff5bdb3116347994c34f5a72cf6ce


Generic Malware Downloader Antivirus Create Service Socket P2P DGA Steal credential Http API Escalate priviledges PWS Sniff Audio HTTP DNS ScreenShot Code injection Internet API FTP KeyLogger Hide_URL AntiDebug AntiVM powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key 		4.2 ZeroCERT

10476 2023-07-07 07:45 qlmfckzvtoso.exe  

107c04590864856c6d7c4fbc9f9a3da9


UPX Malicious Library OS Processor Check PE File PE32 Browser Info Stealer Malware Telegram MachineGuid Malicious Traffic Creates executable files RWX flags setting unpack itself Tofsee Browser DNS crashed 		4 5 4 4.4 ZeroCERT

10477 2023-07-07 07:41 berrashok2.1.exe  

64273b56a78b2ba729ca0d023f06b51b


NSIS UPX Malicious Library PE File PE32 OS Processor Check DLL FormBook Malware download Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself AppData folder 		2 6 1 3.4 ZeroCERT

10478 2023-07-07 07:40 ppo_opp.exe  

051f2b0aebbc24f9bfae6338c7954a0e


AgentTesla .NET framework(MSIL) PWS KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Browser Email ComputerName Cryptographic key Software crashed 		8.8 ZeroCERT

10479 2023-07-07 07:40 glassadequatepro.exe  

fa6ec356a90ef16403ad579d87b05ee5


Gen1 Emotet UPX Malicious Library .NET framework(MSIL) CAB PE64 PE File OS Processor Check .NET EXE PE32 AutoRuns PDB Check memory Checks debugger Creates executable files unpack itself Check virtual network interfaces AppData folder Windows Remote Code Execution DNS 		2 6.2 ZeroCERT

10480 2023-07-07 07:38 maigoneo2.1.exe  

247054964499405f52185f24b4d011b2


NSIS UPX Malicious Library PE File PE32 OS Processor Check DLL Malware download AveMaria NetWireRC Malware AutoRuns MachineGuid Check memory Creates executable files unpack itself AppData folder Windows RAT ComputerName DNS DDNS keylogger 		2 4 4.2 ZeroCERT

10481 2023-07-07 07:35 win.exe  

1bd5879fca03e9398079dc4ec9789c94


NSIS UPX Malicious Library PE File PE32 OS Processor Check DLL Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer AutoRuns suspicious privilege Check memory Checks debugger Creates executable files unpack itself Check virtual network interfaces AppData folder IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed 		2 2 6.4 ZeroCERT

10482 2023-07-06 20:25 stub_186.exe  

0f3a69075e511390b5fdb4687f47ea0b


UPX Malicious Library Antivirus OS Processor Check PE File PE32 PDB Check memory Tofsee Remote Code Execution 		2 2 1.2 ZeroCERT

10483 2023-07-06 20:25 slimzx.exe  

48331464a137df82fa493f4609d7e074


AgentTesla PWS KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed 		2 2 11.0 44 ZeroCERT

10484 2023-07-06 18:06 nellyzx.exe  

f9db6526d2f609f91d136a90e9033b69


Formbook Generic Malware Antivirus PWS AntiDebug AntiVM .NET EXE PE File PE32 FormBook Malware download VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName Cryptographic key 		2 4 1 11.8 23 ZeroCERT

10485 2023-07-06 17:52 catzx.doc  

59926b69f6b1dce035ba256215430c52


MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself IP Check Tofsee Windows Exploit DNS crashed 		1 5 8 4.8 29 ZeroCERT

keyword