Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	Score	Zero	VT	Player
10756	2023-08-12 19:18	ikmerozx.doc 75bd1384535d144dac3817b457526119 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic exploit crash unpack itself Exploit DNS crashed	1 Keyword trend analysis	1	4.4	M	29	ZeroCERT

10757	2023-08-12 19:16	31839b57a4f11171d6abc8bbc4451e... b2e91cdd0e1c97efec540f2f60472d94 UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware PDB			2.0	M	39	ZeroCERT

10758	2023-08-12 19:15	oncestatistic.exe 7f84503a1a12b3edb0da052aad05e49c Gen1 Emotet Malicious Library .NET framework(MSIL) CAB PE64 PE File .NET EXE PE32 VirusTotal Malware AutoRuns PDB Check memory Checks debugger Creates executable files unpack itself Check virtual network interfaces AppData folder Windows Remote Code Execution DNS		2	6.2	M	33	ZeroCERT

10759	2023-08-12 19:14	toolspub2.exe a76e515e1150c903070a1eb1b2d216c0 UPX Malicious Library AntiDebug AntiVM OS Processor Check PE File PE32 VirusTotal Malware PDB			3.0	M	36	ZeroCERT

10760	2023-08-12 19:13	doudian8574.exe 11746e92a679b202ffc31a9397db030f Malicious Library UPX PE64 PE File CHM Format OS Processor Check DLL VirusTotal Malware MachineGuid Creates executable files unpack itself Browser DNS	6 Keyword trend analysis Info https://2023816.oss-cn-hangzhou.aliyuncs.com/qd.CHM https://2023816.oss-cn-hangzhou.aliyuncs.com/md.exe https://yts2023811.oss-cn-hangzhou.aliyuncs.com/3.bin https://2023816.oss-cn-hangzhou.aliyuncs.com/hrsgdsb8574wknzms.jpg https://2023815.oss-cn-hangzhou.aliyuncs.com/UnityPlayer.dll https://2023815.oss-cn-hangzhou.aliyuncs.com/ttd.exe	6	5.4	M	28	ZeroCERT

10761	2023-08-12 19:12	isbinzx.exe d60926cbe4de77584ee8e5f7b8268909 Malicious Library PE64 PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself Windows Cryptographic key			2.6	M	32	ZeroCERT

10762	2023-08-12 19:09	YV8xEFq6858Firy.exe ba2b37ae83f07749c8ae0287d5344c90 Emotet Gen1 Hide_EXE PhysicalDrive Generic Malware NSIS .NET framework(MSIL) Downloader UPX Malicious Library Malicious Packer Admin Tool (Sysinternals etc ...) ASPack Antivirus ScreenShot KeyLogger Javascript_Blob Anti_VM AntiDebug AntiVM .NET EXE PE Fil Browser Info Stealer VirusTotal Malware AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder installed browsers check Windows Browser			9.8	M	29	ZeroCERT

10763	2023-08-12 19:02	smss.exe 9ae4842303e0ad115bdd254913a4bb21 Emotet HermeticWiper Gen1 Hide_EXE Generic Malware NSIS .NET framework(MSIL) UPX Malicious Library Admin Tool (Sysinternals etc ...) Malicious Packer Downloader ASPack PWS ScreenShot KeyLogger Anti_VM AntiDebug AntiVM .NET EXE PE File PE32 OS Processor Ch VirusTotal Malware AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder installed browsers check Windows Browser ComputerName			10.4	M	38	ZeroCERT

10764	2023-08-12 19:02	clip64.dll 4c1e14380f4ba4aa5018e1dc7705b987 Amadey UPX Malicious Library Admin Tool (Sysinternals etc ...) OS Processor Check DLL PE File PE32 PDB Checks debugger unpack itself			0.8	M		ZeroCERT

10765	2023-08-12 19:00	clip64.dll 5bc0153d2973241b72a38c51a2f72116 Amadey UPX Malicious Library Admin Tool (Sysinternals etc ...) OS Processor Check DLL PE File PE32 PDB Checks debugger unpack itself			0.8	M		ZeroCERT

10766	2023-08-12 18:58	djdffvj.exe 6a7b4e0786929ef29e6fe1c8ff75755a UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware PDB			2.2	M	41	ZeroCERT

10767	2023-08-12 18:57	photo551.exe 16ca62cfbd303242d39ccc6084c1e6f7 Gen1 Emotet UPX Malicious Library CAB PE File PE32 AutoRuns PDB suspicious privilege Check memory Checks debugger Creates executable files unpack itself Windows utilities Disables Windows Security suspicious process AntiVM_Disk WriteConsoleW VM Disk Size Check Windows Update Remote Code Execution			7.0	M		ZeroCERT

10768	2023-08-12 18:56	2222222.exe 4ce7297247872bc04141ffb84d1220d0 Generic Malware Antivirus .NET EXE PE File PE32 VirusTotal Malware powershell Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process Windows ComputerName Cryptographic key crashed			9.6	M	36	ZeroCERT

10769	2023-08-12 18:56	11111.exe 71f5c9fd9164173cb2bcbff0b14087ba Client SW User Data Stealer Backdoor RemcosRAT browser info stealer Generic Malware Google Chrome User Data Downloader Antivirus Create Service Socket Escalate priviledges PWS Sniff Audio DNS ScreenShot Internet API KeyLogger AntiDebug AntiVM .NET EXE PE VirusTotal Malware powershell Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself suspicious process malicious URLs Windows ComputerName DNS Cryptographic key DDNS crashed keylogger		2	13.8	M	48	ZeroCERT

10770	2023-08-12 18:54	ikmerozx.exe e93d755480c85eed3031653a3ed477c9 .NET framework(MSIL) PE64 .NET EXE PE File VirusTotal Malware Check memory Checks debugger unpack itself			2.2	M	33	ZeroCERT