Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
12046	2021-09-03 09:21	izuzx.exe 98e06c036043bbc1dc669ea2f1611c21 PWS .NET framework Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key	12 Keyword trend analysis Info http://www.hotsmartdevice.com/t5n8/ http://www.dbhguitar.com/t5n8/ http://www.solteratrashvalet.com/t5n8/?XPJTM6s8=5Q4FtBtI/hhSVFiGApjsEsWy/ejkd3s6xw87lNC+/+DGfRnI/21m4vZdJrxaL5y7nigeH0o1&EBZ=ZTFHsb8XYda47 http://www.hotsmartdevice.com/t5n8/?XPJTM6s8=nGckRINTvjYvr27q8uWXmj3R2efNehYICnV0xqn8lf6t1eEWsuSRDxhvEO9S7voKDmPUenGk&EBZ=ZTFHsb8XYda47 http://www.solteratrashvalet.com/t5n8/ http://www.bodycamsforus.com/t5n8/ http://www.designtipstricks.com/t5n8/ http://www.thehealthnwellness.com/t5n8/?XPJTM6s8=EmOAYvuHEXJ8Ka8GbB3CnZeeKwhVYoLVzBZEEWsudyVICEp5bfG8pbRix4HIcH0NQyGdTrIs&EBZ=ZTFHsb8XYda47 http://www.designtipstricks.com/t5n8/?XPJTM6s8=4yzfNb9/a4UGTolcsXwcdj1cfLUMdahnm/eyg5XqDx6+dwQzjbSiwxPuVbMiKoJwGK2pbusB&EBZ=ZTFHsb8XYda47 http://www.bodycamsforus.com/t5n8/?XPJTM6s8=qCpgDbxZ46++gCIfutiyI//r5UwS9EorX8NBpnAnFaDz61CxQZ65GSWEqrocOO/Q5yTJs+ES&EBZ=ZTFHsb8XYda47 http://www.thehealthnwellness.com/t5n8/ http://www.dbhguitar.com/t5n8/?XPJTM6s8=VmDk+4iWU41g0u13a5FZSAeENeKA59VMtXn63LheEkEMx5qyHUEUfUQ+vYfh2cdaaVx0+J7v&EBZ=ZTFHsb8XYda47	14 Info www.hotsmartdevice.com(208.91.197.46) www.luhwahyuni.com() www.thehealthnwellness.com(34.98.99.30) www.dbhguitar.com(162.241.216.98) www.nexusbisous.com() www.solteratrashvalet.com(34.102.136.180) www.designtipstricks.com(99.83.154.118) www.bodycamsforus.com(34.102.136.180) 162.241.216.98 - mailcious 208.91.197.46 - mailcious 34.102.136.180 - mailcious 99.83.154.118 - mailcious 45.137.22.77 34.98.99.30 - phishing	1	8.8		29	ZeroCERT

12047	2021-09-03 09:22	vbc.exe 2f66472775a1d52a7aa5c54e4f50160b Malicious Library PE File OS Processor Check PE32 VirusTotal Malware unpack itself Tofsee	1 Keyword trend analysis	2	2	1.8	M	22	ZeroCERT

12048	2021-09-03 09:24	install_cleo_files.exe 925dab9ac5bb0cdffbd8e0bb5822553b Malicious Library PE File OS Processor Check PE32 DLL VirusTotal Malware PDB Creates executable files unpack itself Remote Code Execution				2.4	M	14	ZeroCERT

12049	2021-09-03 09:26	sefile.exe 83e6e738876fde792abae146193d4963 Malicious Library AntiDebug AntiVM PE File PE32 Browser Info Stealer VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName Remote Code Execution DNS Cryptographic key crashed	1 Keyword trend analysis	3	2	12.6	M	23	ZeroCERT

12050	2021-09-03 09:35	Twitch Follow Bot.exe 9eb958c38bd3d39c55b009f9a200f42f RAT Generic Malware PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself suspicious process				3.0		38	ZeroCERT

12051	2021-09-03 09:39	0902_1465137480.doc f79439b84bf0fc6cf84274fb94fe9b40 Generic Malware VBA_macro MSOffice File unpack itself				1.6			guest

12052	2021-09-03 09:42	0902_3251513311.doc ddf9b6207844d5b0bb83b88ecef0560a Generic Malware VBA_macro MSOffice File GIF Format VirusTotal Malware Malicious Traffic Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Check virtual network interfaces IP Check ComputerName	2 Keyword trend analysis	4	1	8.2	M	22	guest

12053	2021-09-03 09:44	0902_7424105065.doc 952ff03c89221d84c80a8414ca66be9c Generic Malware VBA_macro MSOffice File GIF Format Malware Malicious Traffic Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Check virtual network interfaces IP Check ComputerName	2 Keyword trend analysis	4	1	7.4	M		guest

12054	2021-09-03 10:00	deed contract_09.21.doc 327f2a52c00aaf93337f62b03456ee51 Generic Malware VBA_macro MSOffice File VirusTotal Malware Check memory Checks debugger RWX flags setting unpack itself	1 Keyword trend analysis	2		3.8		20	ZeroCERT

12055	2021-09-03 10:10	e_KJpx.exe d5fda1a31aa08a72883cdc3752ea681f Gen2 Gen1 NPKI RAT Formbook Emotet Generic Malware Malicious Library Antivirus Malicious Packer Admin Tool (Sysinternals etc ...) Anti_VM PE File PE32 GIF Format PNG Format JPEG Format OS Processor Check DLL MSOffice File PE64 VirusTotal Malware AppData folder Ransomware				2.6		29	ZeroCERT

12056	2021-09-03 14:43	비가스모드 2021.06.26-견적 .exe... c568117333be9807f9755d73da73fd15 Generic Malware UPX PE File PE32 MSOffice File VirusTotal Malware Check memory RWX flags setting unpack itself crashed				2.4		41	Kim.GS

12057	2021-09-03 17:12	raccon.exe f3e45f00b14b27a28c0ac04b5475a4a3 Malicious Library PE File PE32 PDB unpack itself Remote Code Execution				1.2			ZeroCERT

12058	2021-09-03 17:13	YrNDgSzymnK3JhV.exe ad4b527e8240812756aa003af27b9e48 RAT Generic Malware Admin Tool (Sysinternals etc ...) Anti_VM AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows Browser ComputerName Cryptographic key crashed		1		11.6		43	ZeroCERT

12059	2021-09-03 17:14	78c06b9a03f2d8fcb86e7e0a8cedb5... 78c06b9a03f2d8fcb86e7e0a8cedb5da Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself				2.0	M	30	ZeroCERT

12060	2021-09-03 17:16	sufile.exe feb9288d05f4484a9e90b6861de5c6a6 Malicious Library PE File PE32 PDB unpack itself Remote Code Execution				1.2	M		ZeroCERT