Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	Rule	Score	Zero	VT	Player
10876	2023-08-09 11:21	lnvoice#20336 ... 8280d77f1fe4f3ad7e067180f6cf1ad9 VirusTotal Malware Check memory buffers extracted unpack itself suspicious process Interception	2 Keyword trend analysis	6		5.8		13	ZeroCERT

10877	2023-08-09 11:14	Konni.lnk 49fbfece9d180b55661816d29fd2af8a Generic Malware HWP PS PostScript Antivirus AntiDebug AntiVM GIF Format MSOffice File PowerShell VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key				6.0		22	ZeroCERT

10878	2023-08-09 11:05	logszx.doc 2c6c2c3fbdd819ee45b543d6632f842f MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic exploit crash Exploit DNS crashed	1 Keyword trend analysis	3		4.8	M	31	ZeroCERT

10879	2023-08-09 10:24	ChromeSetup.exe fe2a74503249b20e4594656bb88db37d Formbook AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself	3 Keyword trend analysis Info http://www.eturnum.org/et9t/?QPQHDCK=oGB2a62R5hQvo2E9fBkXawOuNKj3Dek6/gk22RSM/jZ849uvwjkHsue2s///UvCqJC6xkWcBqYeWgpc71Q83w80Z1Wi48i4g+hNU7Ic=&IFAuCS=2Z5zi9xD - rule_id: 35685 http://www.eturnum.org/et9t/ - rule_id: 35685 http://www.sqlite.org/2017/sqlite-dll-win32-x86-3190000.zip	6	2	9.8	M	31	ZeroCERT

10880	2023-08-09 10:24	soc64win.dll 62813c6cab9234e83949fcc563c33b57 VMProtect Malicious Library DLL PE64 PE File VirusTotal Malware Checks debugger unpack itself DNS		1		3.8	M	18	ZeroCERT

10881	2023-08-09 09:35	hanacard.chm d74088ca99c5f2834e945e2330729d4c Generic Malware Antivirus AntiDebug AntiVM CHM Format PowerShell BMP Format VirusTotal Malware powershell AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key	10 Keyword trend analysis Info http://em.hanacard.co.kr:8080/camp_img/e_footer.gif http://em.hanacard.co.kr:8080/camp_img/e_header_03.gif http://em.hanacard.co.kr:8080/camp_img/e_name_bottom.gif http://safe.amail.co.kr/ems61/safemail.jpg?Q1VTVF9JRD1oYW5hY2FyZC5pbg==&UE9TVF9JRD0yMDIyMDMxNV8zNg==&TV9JRD04NjAyMjYxQTAwOTI0XzE4MjMzMTU=&RU1BSUxfSUQ9ZGY4MzU0YWZjMDg0N2U1MTdiM2NiNDZlZGU5YmZmYmM4ODcxMTM2NzZmMGE1OTczZTlmZjc1MjU1MWI1ZmU= http://em.hanacard.co.kr:8080/camp_img/ico_bull02.gif http://em.hanacard.co.kr:8080/camp_img/e_footer_cs01.gif http://em.hanacard.co.kr:8080/track/Check.jsp?TV9JRD04NjAyMjYxQTAwOTI0XzE4MjMzMTU=&U1RZUEU9QVVUTw==&TElTVF9UQUJMRT1FTVNfQVVUT19TRU5EX0xJU1RfMDE=&UE9TVF9JRD0yMDIyMDMxNV8zNg==&VEM9MjAyMjAzMjI=&S0lORD1P http://www.hanacard.co.kr/js/cmn/wl6.js https://www.hanacard.co.kr/js/cmn/wl6.js https://jutise.fun/aypbr	6		9.0		22	ZeroCERT

10882	2023-08-09 09:29	payment.exe 4f11205da3e4d05588bcb5a6e518c1df UPX Malicious Library PE File PE32 DLL VirusTotal Malware Check memory Creates executable files unpack itself AppData folder				2.6		10	ZeroCERT

10883	2023-08-09 09:29	000000000000000%23%23%23%23%23... b5851205722f0379cef7fa7f56e9c2c2 Formbook MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Exploit DNS crashed	4 Keyword trend analysis Info http://23.94.148.61/598/ChromeSetup.exe http://www.eturnum.org/et9t/?pX7nMhZ=oGB2a62R5hQvo2E9fBkXawOuNKj3Dek6/gk22RSM/jZ849uvwjkHsue2s///UvCqJC6xkWcBqYeWgpc71Q83w80Z1Wi48i4g+hNU7Ic=&4KNm0j=RN6a - rule_id: 35685 http://www.eturnum.org/et9t/ - rule_id: 35685 http://www.sqlite.org/2020/sqlite-dll-win32-x86-3320000.zip	7	2	5.6	M	30	ZeroCERT

10884	2023-08-09 09:26	Ahdlcrjjdjdlgf.exe 053052690586782a411f46ec2bf255fb Hide_EXE UPX Malicious Library Malicious Packer MZP Format PE File PE32 VirusTotal Malware RWX flags setting unpack itself				2.4	M	40	ZeroCERT

10885	2023-08-09 09:26	file.exe 01da8f20a8cd019b4d7e54a5fc46f609 UPX Malicious Library OS Processor Check PE File PE32 unpack itself Remote Code Execution				1.0	M		ZeroCERT

10886	2023-08-09 09:24	BR.exe 608638750dcc078dbd10555303bcce9f Themida Packer UPX Anti_VM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Checks Bios Collect installed applications Detects VMWare VMware anti-virtualization installed browsers check Windows Browser ComputerName Remote Code Execution Firmware DNS Cryptographic key Software crashed		1		10.6	M	28	ZeroCERT

10887	2023-08-09 09:23	Client.exe 3500d4b2b971499632cf0a306f266cfd UPX .NET framework(MSIL) Malicious Library Malicious Packer Antivirus OS Processor Check .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself				2.0	M	45	ZeroCERT

10888	2023-08-09 09:22	EWW.vbs 16d1b67174ddb290446b61e673910b1a Generic Malware Antivirus PowerShell VirusTotal Malware suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key				5.8	M	15	ZeroCERT

10889	2023-08-09 09:20	WQO.vbs 773a9191069d205f122cd90e09bfa074 Generic Malware Antivirus PowerShell VirusTotal Malware suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key		1		6.4	M	13	ZeroCERT

10890	2023-08-09 09:18	kobeezx.doc 822ca31c5b8abc31d5b81fa02278907f MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Exploit DNS crashed	3 Keyword trend analysis	5		4.6	M	33	ZeroCERT