popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
12196 2023-06-15 10:42 Docs_Request_06(29).js  

70820d263876261cc2d28fb8839adb18


VBScript wscript.exe payload download unpack itself Tofsee crashed Dropper 		1 2 2 10.0 ZeroCERT

12197 2023-06-15 10:42 Docs_Request_06(62).js  

9a27bf21439229a96a0c621003e867e7


VBScript wscript.exe payload download Tofsee Dropper 		1 2 2 10.0 ZeroCERT

12198 2023-06-15 10:12 DZQCirIAcHMmDb.js  

63fd837c2148074ef5d675f8f4158433


Generic Malware Antivirus Hide_URL AntiDebug AntiVM PowerShell VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key 		5 6.0 2 ZeroCERT

12199 2023-06-15 10:00 DZQCirIAcHMmDb.js  

63fd837c2148074ef5d675f8f4158433


Generic Malware Antivirus Hide_URL AntiDebug AntiVM PowerShell VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key 		5 6.0 2 ZeroCERT

12200 2023-06-15 10:00 EEmkwV3LNleuc.js  

6674208a0dd41d67bf69a013118b89e1


Generic Malware Antivirus Hide_URL AntiDebug AntiVM PowerShell powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key 		5 5.6 ZeroCERT

12201 2023-06-15 09:59 CfnGTAbbbLsM.js  

88d296a36013d8c57c26bc9256f1aa67


Generic Malware Antivirus Hide_URL AntiDebug AntiVM PowerShell VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key 		5 6.0 2 ZeroCERT

12202 2023-06-15 09:54 CalculationOfCosts-2055199829....  

c480781f3fcfacd9d3794cb2a384854d

 guest

12203 2023-06-15 09:54 CalculationOfCosts-1820686166....  

27410805d448e911866d84a7a01333a2

 guest

12204 2023-06-15 09:43 Hola-Setup-C-Mmv32.exe  

cb06e19e6cf9591a1b3e12a1b2bb9b00


PWS .NET framework RAT UPX Malicious Packer OS Processor Check .NET EXE PE File PE32 PDB suspicious privilege Check memory Checks debugger unpack itself Check virtual network interfaces Windows ComputerName Cryptographic key 		2.2 ZeroCERT

12205 2023-06-15 09:34 berr.php  

2647b360714230b3cce8ffe18ca8a81e


UPX OS Processor Check DLL PE64 PE File PDB Checks debugger unpack itself crashed 		1.4 M ZeroCERT

12206 2023-06-15 09:29 20656835221180429241.bin  

f9c84f694ef7425a07d5652b5dea0e33


Gen1 UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware RWX flags setting unpack itself Windows utilities WriteConsoleW Windows ComputerName crashed 		3.8 37 ZeroCERT

12207 2023-06-15 09:26 34324543.dll  

a5d456bcb8127164d78c03dbc688b8a5


UPX OS Processor Check DLL PE64 PE File PDB Checks debugger unpack itself crashed 		1.4 guest

12208 2023-06-15 07:33 wswswswswswswswsws%23%23%23%23...  

418aefdb083ce19b972f4573f3ed98ff


Loki MS_RTF_Obfuscation_Objects RTF File doc LokiBot Malware download Malware c&c Malicious Traffic buffers extracted exploit crash unpack itself Windows Exploit DNS crashed 		3 2 13 1 4.4 M ZeroCERT

12209 2023-06-15 07:30 cc.exe  

323317d95d40108aa42de6bff8ee8bbd


UPX Malicious Library OS Processor Check PE File PE32 unpack itself Remote Code Execution 		1.2 ZeroCERT

12210 2023-06-15 07:28 cleanmgr.exe  

56677d90dd57da29bab6f859ee4b810d


UPX Malicious Library PE File PE32 PNG Format DLL Check memory Creates executable files unpack itself AppData folder 		2.0 ZeroCERT

keyword