Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
11356	2023-07-20 17:12	file.sfx.exe de1f7210c7206cb45f95cad5e0ed8cf0 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed		2	2	3.8			ZeroCERT

11357	2023-07-20 17:10	ChromeSetup.exe 99b387d1de76dcfbb4cb6c33eb919a49 UPX Malicious Library PE File PE32 DLL VirusTotal Malware Check memory Creates shortcut Creates executable files unpack itself AppData folder				3.8		35	ZeroCERT

11358	2023-07-20 13:31	alg.exe 150e53a8c852ac5f23f47aceef452542 Browser Login Data Stealer Generic Malware Anti_VM PE64 PE File ZIP Format Browser Info Stealer VirusTotal Email Client Info Stealer Malware PDB MachineGuid Check memory Checks debugger Creates shortcut unpack itself AntiVM_Disk VM Disk Size Check installed browsers check Browser Email				4.6		28	ZeroCERT

11359	2023-07-20 13:13	dbins_secure.chm aaeb059d62c448cbea4cf96f1bbf9efa Generic Malware Antivirus AntiDebug AntiVM CHM Format PowerShell JPEG Format VirusTotal Malware powershell AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	20 Keyword trend analysis Info http://ems7.mdbins.com/ems70/Check.jsp?TV9JRD04NDAzMzAxXzY4MjI3Mg==&U1RZUEU9QVVUTw==&TElTVF9UQUJMRT1FTVNfQVVUT19TRU5EX0xJU1RfMDM=&UE9TVF9JRD0yMDE5MDMyM18yMw==&VEM9MjAxOTAzMzA=&S0lORD1P https://www.idbins.com/images/mail/common/checkMyinsurance2.gif https://www.idbins.com/images/mail/common/promyTxt.gif https://www.idbins.com/images/mail/common/localMenu5.gif https://www.idbins.com/images/mail/common/btn_provicy.gif https://www.idbins.com/images/mail/common/qrcode.gif https://www.idbins.com/images/mail/common/blt_h4.gif https://www.idbins.com/images/mail/common/headBG_longService_car67.jpg https://www.idbins.com/images/mail/common/dowJones2.gif https://www.idbins.com/images/mail/common/blt_listn.gif https://www.idbins.com/images/mail/common/localMenu2.gif https://www.idbins.com/images/mail/common/emblem.gif https://www.idbins.com/images/mail/common/localMenu4.gif https://www.idbins.com/images/mail/common/lnbBg.gif https://www.idbins.com/images/mail/common/localMenu1.gif https://www.idbins.com/images/mail/common/localMenu6.gif https://www.idbins.com/images/mail/common/localMenu3.gif https://www.idbins.com/images/mail/common/arrBullet.gif https://www.idbins.com/images/mail/common/topLogo.gif https://atusay.lat/kxydo	4	1	8.4		16	ZeroCERT

11360	2023-07-20 13:08	Message.chm 59a924bb5cb286420edebf8d30ee424b Generic Malware Antivirus AntiDebug AntiVM CHM Format PowerShell PNG Format VirusTotal Malware powershell AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut Creates executable files unpack itself suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	2 Keyword trend analysis	2	1	8.0		14	ZeroCERT

11361	2023-07-20 12:23	x.vbs 9a0f47c2d84580a6936e0b83d64f93e5 Generic Malware Antivirus PowerShell powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			5.4			ZeroCERT

11362	2023-07-20 12:22	system_root.vbs ede1862a1147dbbda4c4e86db24d3b83 Generic Malware Antivirus Hide_URL PowerShell powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	1		7.4			ZeroCERT

11363	2023-07-20 12:20	idbk.hta f64cb89c952b5355259ef7373ea7982d Generic Malware Antivirus AntiDebug AntiVM PowerShell powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut RWX flags setting unpack itself Windows utilities powershell.exe wrote suspicious process Windows ComputerName Cryptographic key	1 Keyword trend analysis			6.6			ZeroCERT

11364	2023-07-20 12:20	into.txt.ps1 6a5f012c5651b0fb68b449f1f4a8ece4 Generic Malware Antivirus VirusTotal Malware unpack itself WriteConsoleW Windows Cryptographic key	1 Keyword trend analysis			1.2		1	ZeroCERT

11365	2023-07-20 10:04	smbscanlocal-1bf850b4d9587c101... 1bf850b4d9587c1017a75a47680584c4 UPX PE File PE32 VirusTotal Malware WriteConsoleW				3.0	M	56	ZeroCERT

11366	2023-07-20 09:40	rdpcllp.exe b938598941bc685645ce1a2f7ae93e86 Themida Packer Generic Malware UPX Malicious Library Anti_VM PE64 PE File VirusTotal Malware Windows Remote Code Execution crashed				3.0	M	39	ZeroCERT

11367	2023-07-20 09:38	taskhostmt.exe 30f655b863ffb73cc44a54b2826ec4f3 Generic Malware Admin Tool (Sysinternals etc ...) PWS SMTP AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Buffer PE PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Stealer Windows Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed	1 Keyword trend analysis	3	2	14.8	M	40	ZeroCERT

11368	2023-07-20 09:35	s.exe ab7af1b5d04d9f284f2b9d5f6eae2ff1 AsyncRAT UPX .NET framework(MSIL) Malicious Packer OS Processor Check .NET EXE PE File PE32		2			M		ZeroCERT

11369	2023-07-20 08:10	file.pdf.exe 63faba3aff1b5d9cc631bb722bf6c00e UPX .NET framework(MSIL) AntiDebug AntiVM OS Processor Check .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key	15 Keyword trend analysis Info http://www.mikepaxton.com/0jrg/?M8A=d4kw/bfNYrYxmYznqjDOqf25p/jdX39PtbYEk18vhTvgFCto6RnLNFzYKDsyAWpBlujwlxEf2+XrjjcASSXNUeya1aGp8ifaJ+aiHGc=&utM=TItOnbpUdscK4K http://www.applechiofficial.com/0jrg/?M8A=3zKK5UDwuz/0nkuu/OPjDTyjn1NbJKfvyOVy83lA05I2Znm+9VCjNrvPVZXA6OT2uybLV9mdcV/AXXwz65Rmu4BqtsLr0osmnvAO5to=&utM=TItOnbpUdscK4K http://www.uty186.com/0jrg/ http://www.best-prava-77.net/0jrg/?M8A=fNtr6HJu9S63tz6oxTeGrOcAVbpGUdnnHxpITgBt0lVKFQOxczFPnbryDV4cJebuzY7hEsGS0eOoVivZzLKRdR4tmAuK9pihc0o5WZw=&utM=TItOnbpUdscK4K http://www.uty186.com/0jrg/?M8A=kRzA81s/n0DbDoMyj+ubhrzADAGpcHK1R0LjEzsa6/S6KeAwZ7Y6HWE1VIEjXtTGdJldbVroTpaKCS5z6B4hwwMKQIEM4uxTrfeYpHQ=&utM=TItOnbpUdscK4K http://www.lufanyn.com/0jrg/ http://www.blackiquorstudios.com/0jrg/ http://www.best-prava-77.net/0jrg/ http://www.lufanyn.com/0jrg/?M8A=u4+JC4tnkO0VyH4ayuAUW0EV2BqPkEfS/EcMI7KeZzRIf7vOU8hYE03lUTRp9dfprfNQb9ez+4+YLdEOjEZLPJNVRywaCu330sHSYaA=&utM=TItOnbpUdscK4K http://www.samhosslerwriter.com/0jrg/ http://www.samhosslerwriter.com/0jrg/?M8A=jQJkuHPq1xPE4NFgoyW4b69TouFVOEEEXNlDqeGZQB43P8GQvHFREwYOF3U/GtUc7fmXSai0uLpr8iPmXIcIU5JxaS9qTn2pUUo9qsA=&utM=TItOnbpUdscK4K http://www.blackiquorstudios.com/0jrg/?M8A=MqXmG3VdOL0D7+rJINRd43gXbjS9iEl/fowqlYCXtG4tzan7pZ3AjzQI3cJjBxhKQzBlGWltnFB4+hYeRNDv/aNu2efN4xObYUFFcUA=&utM=TItOnbpUdscK4K http://www.sqlite.org/2017/sqlite-dll-win32-x86-3210000.zip http://www.applechiofficial.com/0jrg/ http://www.mikepaxton.com/0jrg/	15 Info www.applechiofficial.com(217.144.104.212) www.mikepaxton.com(38.239.87.27) www.samhosslerwriter.com(160.124.147.11) www.lufanyn.com(122.254.96.77) www.uty186.com(122.10.20.248) - mailcious www.blackiquorstudios.com(45.33.23.183) www.best-prava-77.net(104.21.84.62) 38.239.87.27 172.67.187.167 45.79.19.196 - mailcious 122.254.96.77 160.124.147.11 217.144.104.212 45.33.6.223 122.10.20.248 - mailcious		9.6	M	37	ZeroCERT

11370	2023-07-20 07:59	mjifi 551c155f4fce82bba4cc92e56f1ecb84 Gen1 UPX Malicious Library PE64 PE File PDB Remote Code Execution				0.6			ZeroCERT