Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	VT	Player
12061	2023-06-21 07:59	Uzlrz_SC.bat 23959126b62d675c8fce384d5aa127a7 PWS Downloader Create Service DGA Socket DNS Steal credential Code injection HTTP Sniff Audio Http API Internet API ScreenShot Escalate priviledges P2P FTP KeyLogger AntiDebug AntiVM VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key				4.4	8	ZeroCERT

12062	2023-06-21 07:51	kkk_SC.bat d1fbd19d28e0545cc756ab6c61f775be PWS Downloader Create Service DGA Socket DNS Steal credential Code injection HTTP Sniff Audio Http API Internet API ScreenShot Escalate priviledges P2P FTP KeyLogger Anti_VM AntiDebug AntiVM VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key				4.6	12	ZeroCERT

12063	2023-06-21 07:50	Hceea_SC.bat b3ca3299d9eb527a687232c6ec7bd05e PWS Downloader Create Service DGA Socket DNS Steal credential Code injection HTTP Sniff Audio Http API Internet API ScreenShot Escalate priviledges P2P FTP KeyLogger AntiDebug AntiVM VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key				4.6	11	ZeroCERT

12064	2023-06-21 07:49	build_SC.bat 6cfcd7cf6081cb3dddc3b942446d9e43 PWS Downloader Create Service DGA Socket DNS Steal credential Code injection HTTP Sniff Audio Http API Internet API ScreenShot Escalate priviledges P2P FTP KeyLogger Anti_VM AntiDebug AntiVM VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key				4.4	7	ZeroCERT

12065	2023-06-21 07:49	csg20.bat 2a4f1b025428014f0217bf88463bbdea PWS Downloader Create Service DGA Socket DNS Steal credential Code injection HTTP Sniff Audio Http API Internet API ScreenShot Escalate priviledges P2P FTP KeyLogger AntiDebug AntiVM VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key				4.6	13	ZeroCERT

12066	2023-06-21 07:48	amadey4.bat 6d3bc827d3ee74ac36cfe4fa25b56af1 PWS Downloader Create Service DGA Socket DNS Steal credential Code injection HTTP Sniff Audio Http API Internet API ScreenShot Escalate priviledges P2P FTP KeyLogger AntiDebug AntiVM VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key				4.4	1	ZeroCERT

12067	2023-06-21 07:39	thomas.hta 5ee0717be491e47a97affc5d4bc8d206 VirusTotal Malware crashed				1.0	25	ZeroCERT

12068	2023-06-21 07:38	png.php.pdf a0d76edc7a696b2629b70a386d376568 PDF ZIP Format Windows utilities Windows	5 Keyword trend analysis Info http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/277_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/280_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/message.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/281_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/278_20_6_20042.zip			1.4		ZeroCERT

12069	2023-06-21 07:38	rat.php.exe 9b3da5bac2a6fa890a628527d85ba7f3 UPX Malicious Library OS Processor Check PE64 PE File Malware download VirusTotal Malware Microsoft PDB suspicious process Exploit DNS		1	2	2.6	34	ZeroCERT

12070	2023-06-21 07:31	rapport 2023 MZN Thoma.pdf.lnk db1823a89b8d3dba49d2f27fb8285bc1 Generic Malware Antivirus AntiDebug AntiVM GIF Format PowerShell Vulnerability Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW installed browsers check Interception Windows Exploit Browser ComputerName DNS Cryptographic key	1 Keyword trend analysis	1	4	9.0		ZeroCERT

12071	2023-06-21 07:23	NewPurchaseOrderRequestPO73673... 7f301f1443cb5156050f28c97e5e465c UPX Malicious Library MZP Format PE File PE32 VirusTotal Malware unpack itself				2.2	30	ZeroCERT

12072	2023-06-21 07:07	Ds.js 7c9e3841723fabbf0791e8b1c6f431dc Generic Malware Antivirus Hide_URL AntiDebug AntiVM PowerShell powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key	6 Keyword trend analysis			5.6		ZeroCERT

12073	2023-06-21 07:07	Ye.js c11b9918f7999873013df64bc059e5a0 Generic Malware Antivirus Hide_URL AntiDebug AntiVM PowerShell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key	5 Keyword trend analysis			5.6		ZeroCERT

12074	2023-06-21 07:07	Fiotl.js 90b22d872e0b2efe9678cc6327cda156 Generic Malware Antivirus Hide_URL AntiDebug AntiVM PowerShell VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key	4 Keyword trend analysis			6.0	3	ZeroCERT

12075	2023-06-21 05:50	vp2023.exe cfdb201a4cd2100b3761eb4dfe98545f UPX Malicious Library MZP Format PE File PE32 VirusTotal Malware unpack itself Tofsee	1 Keyword trend analysis	2	3	1.8	12	ZeroCERT