Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	VT	Player
11686	2023-07-07 18:08	AMDx46.exe 759300ac41209528786f5445346ae591 Malicious Library PE64 PE File Malware download VirusTotal Cryptocurrency Miner Malware Cryptocurrency Malicious Traffic DNS CoinMiner	1 Keyword trend analysis	3	3		3.2	34	ZeroCERT

11687	2023-07-07 10:13	page.html f6b00338f9b1aa52396ffb72af40bf04 AntiDebug AntiVM MSOffice File Code Injection unpack itself Windows utilities Tofsee Windows DNS	4 Keyword trend analysis	34 Info edgedl.me.gvt1.com(34.104.35.123) - bit.ly(67.199.248.11) - www.google.com(142.250.207.100) - www.gstatic.com(142.250.76.131) - pdf-readonline.website(45.83.122.52) - _googlecast._tcp.local() - fonts.googleapis.com(142.250.206.202) - clients2.googleusercontent.com(142.250.76.129) - accounts.google.com(172.217.25.173) - dhqidctjo3ugevk9u5sev1r.webdav.drivehq.com(66.220.9.58) - fonts.gstatic.com(142.250.206.195) - apis.google.com(142.250.76.142) - dhqidlnsxx2qigisdvn7x2f.webdav.drivehq.com(66.220.9.58) - p13n.adobe.io(54.224.241.105) - dhqid45r064utd5gygt2jy6.webdav.drivehq.com(66.220.9.58) - www.smartsheet.com(151.101.194.191) - clientservices.googleapis.com(172.217.25.163) - 142.250.204.35 - 52.6.155.20 - 142.250.207.99 - 146.75.50.191 - 142.250.66.132 - 216.58.200.227 - 67.199.248.10 - 66.220.9.58 - 121.254.136.27 - 142.250.204.129 - 142.250.204.46 - 142.250.66.77 - 172.217.24.99 - 142.250.204.110 - 45.83.122.52 - 142.250.204.74 - 34.104.35.123 -	2		3.4		ZeroCERT

11688	2023-07-07 09:35	page.html f6b00338f9b1aa52396ffb72af40bf04 AntiDebug AntiVM MSOffice File Code Injection exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed			2		3.4		ZeroCERT

11689	2023-07-07 09:31	yhkld.vbs 32d87b2f68ef1dd11316fbb33f1f8597 AgentTesla Generic Malware Antivirus SMTP KeyLogger Hide_URL AntiDebug AntiVM PowerShell Browser Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process Windows Exploit Browser Email ComputerName DNS Cryptographic key crashed	4 Keyword trend analysis	3	2	2	10.0	15	ZeroCERT

11690	2023-07-07 09:29	abnc.vbs 236b5ad11c5fe9e980c9560f6a1254cf AgentTesla Generic Malware Antivirus SMTP KeyLogger Hide_URL AntiDebug AntiVM PowerShell Browser Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process EXPLOIT_KIT Windows Exploit Browser Email ComputerName DNS Cryptographic key crashed	3 Keyword trend analysis	3	2	1	10.0	7	ZeroCERT

11691	2023-07-07 09:26	davincizx.doc 637985d77758ae5d69c8990dffe15339 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Windows Exploit DNS crashed	1 Keyword trend analysis	2	5 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		5.4	29	ZeroCERT

11692	2023-07-07 09:26	test.bat 685ff5bdb3116347994c34f5a72cf6ce Generic Malware Downloader Antivirus Create Service Socket P2P DGA Steal credential Http API Escalate priviledges PWS Sniff Audio HTTP DNS ScreenShot Code injection Internet API FTP KeyLogger Hide_URL AntiDebug AntiVM powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key					4.2		ZeroCERT

11693	2023-07-07 07:45	qlmfckzvtoso.exe 107c04590864856c6d7c4fbc9f9a3da9 UPX Malicious Library OS Processor Check PE File PE32 Browser Info Stealer Malware Telegram MachineGuid Malicious Traffic Creates executable files RWX flags setting unpack itself Tofsee Browser DNS crashed	4 Keyword trend analysis	5	4		4.4		ZeroCERT

11694	2023-07-07 07:41	berrashok2.1.exe 64273b56a78b2ba729ca0d023f06b51b NSIS UPX Malicious Library PE File PE32 OS Processor Check DLL FormBook Malware download Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself AppData folder	2 Keyword trend analysis	6	1		3.4		ZeroCERT

11695	2023-07-07 07:40	ppo_opp.exe 051f2b0aebbc24f9bfae6338c7954a0e AgentTesla .NET framework(MSIL) PWS KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Browser Email ComputerName Cryptographic key Software crashed					8.8		ZeroCERT

11696	2023-07-07 07:40	glassadequatepro.exe fa6ec356a90ef16403ad579d87b05ee5 Gen1 Emotet UPX Malicious Library .NET framework(MSIL) CAB PE64 PE File OS Processor Check .NET EXE PE32 AutoRuns PDB Check memory Checks debugger Creates executable files unpack itself Check virtual network interfaces AppData folder Windows Remote Code Execution DNS		2			6.2		ZeroCERT

11697	2023-07-07 07:38	maigoneo2.1.exe 247054964499405f52185f24b4d011b2 NSIS UPX Malicious Library PE File PE32 OS Processor Check DLL Malware download AveMaria NetWireRC Malware AutoRuns MachineGuid Check memory Creates executable files unpack itself AppData folder Windows RAT ComputerName DNS DDNS keylogger		2	4		4.2		ZeroCERT

11698	2023-07-07 07:35	win.exe 1bd5879fca03e9398079dc4ec9789c94 NSIS UPX Malicious Library PE File PE32 OS Processor Check DLL Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer AutoRuns suspicious privilege Check memory Checks debugger Creates executable files unpack itself Check virtual network interfaces AppData folder IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed		2	2		6.4		ZeroCERT

11699	2023-07-06 20:25	stub_186.exe 0f3a69075e511390b5fdb4687f47ea0b UPX Malicious Library Antivirus OS Processor Check PE File PE32 PDB Check memory Tofsee Remote Code Execution		2	2		1.2		ZeroCERT

11700	2023-07-06 20:25	slimzx.exe 48331464a137df82fa493f4609d7e074 AgentTesla PWS KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed		2	2		11.0	44	ZeroCERT