Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
11326	2023-07-21 20:59	nn.jpg.ps1 d62ac51b09e36647f7355e5aa2b7f18c Hide_EXE Generic Malware Antivirus VirusTotal Malware powershell Check memory Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key				4.0	M	7	ZeroCERT

11327	2023-07-21 20:55	agodzx.doc 6030cd58a055f41ca34a74afb4581598 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	3	7 Info ET INFO Executable Download from dotted-quad Host SURICATA Applayer Detect protocol only one direction ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	4.6	M	35	ZeroCERT

11328	2023-07-21 20:53	Typeouts.exe 690674952ef72ecff19d7ba07b08c9b6 Gen1 NSIS Generic Malware UPX Malicious Library Malicious Packer PE File PE32 OS Processor Check DLL PE64 VirusTotal Malware AppData folder				1.8	M	40	ZeroCERT

11329	2023-07-21 20:51	ChromeSetup.exe 492d80094e553a4d75e2922a847f1314 UPX Malicious Library PE File PE32 DLL VirusTotal Malware Check memory Creates shortcut Creates executable files unpack itself AppData folder				4.0	M	42	ZeroCERT

11330	2023-07-21 20:51	ChromeSetup.exe dede170df1b43a3d2e0095af1e16f7d5 UPX Malicious Library PE File PE32 DLL VirusTotal Malware Check memory Creates shortcut Creates executable files unpack itself AppData folder				4.8	M	38	ZeroCERT

11331	2023-07-21 20:51	agodzx.exe 1b0e8808dad9fee0781b032e320944e4 SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed		3	2	11.2	M	22	ZeroCERT

11332	2023-07-21 20:49	nigazxbb.vbs 00fc0681c42b83fd24dea79fe6c04cf1 Generic Malware Antivirus PowerShell VirusTotal Malware suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key				5.4	M	16	ZeroCERT

11333	2023-07-21 20:46	s.exe c9741d5bdc3286eff5ad5f9d86f83613 AsyncRAT UPX .NET framework(MSIL) Malicious Packer OS Processor Check .NET EXE PE File PE32		2					ZeroCERT

11334	2023-07-21 20:46	secagodzx.exe ad438aca83c354060f3684d8801582ed .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger unpack itself				5.0		19	ZeroCERT

11335	2023-07-21 20:44	secagodzx.doc 47921ac5925698e152ca4c2563713a91 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware AgentTesla Malicious Traffic exploit crash unpack itself Windows Exploit DNS crashed	1 Keyword trend analysis	3	7 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response SURICATA Applayer Detect protocol only one direction ET MALWARE AgentTesla Exfil Via SMTP	5.2	M	34	ZeroCERT

11336	2023-07-21 20:44	kellyzx.exe 2a62617f0980edd4a35ad538e3f30eb6 LokiBot Socket PWS DNS AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName DNS Software		1		14.6	M	47	ZeroCERT

11337	2023-07-21 18:41	0.dotm 583489e24bfba0289d80fb987724d581 VBA_macro AntiDebug AntiVM ZIP Format Word 2007 file format(docx) MSOffice File VirusTotal Malware Code Injection unpack itself Tofsee	1 Keyword trend analysis	2	1	5.6		41	ZeroCERT

11338	2023-07-21 18:41	cmshcmchsmchsmcshcmcshmcshcmsc... 29866001ff4de9dee0ca9c3d4d3eafff MS_RTF_Obfuscation_Objects RTF File doc Vulnerability VirusTotal Malware Malicious Traffic buffers extracted RWX flags setting exploit crash Exploit DNS crashed	1 Keyword trend analysis	1	3	4.4		27	ZeroCERT

11339	2023-07-21 13:31	file.pdf.exe 63faba3aff1b5d9cc631bb722bf6c00e UPX .NET framework(MSIL) OS Processor Check .NET EXE PE File PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself Windows Cryptographic key				2.8		40	r0d

11340	2023-07-21 13:07	Lightshot.dll d335c0fd96458200acaeae1d1b4e136e UPX Admin Tool (Sysinternals etc ...) Malicious Library Javascript_Blob OS Processor Check MZP Format DLL PE File PE32 VirusTotal Malware Checks debugger unpack itself crashed				1.6		13	ZeroCERT