popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
12466 2021-09-16 09:07 Enquiry_633772886png.exe  

3e59fa59bd61e4fd87d179b719b21862


RAT Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI RWX flags setting unpack itself Check virtual network interfaces ComputerName crashed 		9.4 M 15 ZeroCERT

12467 2021-09-16 09:08 vbc.exe  

451e4cd68c69c2c8b8fc93ad02e8754a


UPX PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself anti-virtualization Remote Code Execution 		2.8 M 33 ZeroCERT

12468 2021-09-16 09:10 bin-cryp.exe  

9284392fd96b31b3de8d8f664de3f0e4


RAT Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 FormBook Malware download VirusTotal Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName crashed 		3 8 1 11.4 M 25 ZeroCERT

12469 2021-09-16 09:34 0915_1865054706334.doc  

ea11da40146b88037069a3bafdd2ba3e


VBA_macro Generic Malware MSOffice File GIF Format Malware Malicious Traffic Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Check virtual network interfaces suspicious TLD IP Check ComputerName 		2 4 1 7.8 M ZeroCERT

12470 2021-09-16 09:34 ivME2bfWY3mj4M7.exe  

857aff9992a47764185c61da2493c753


North Korea RAT PWS .NET framework Generic Malware Antivirus DNS KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware powershell Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key DDNS 		2 1 11.6 28 ZeroCERT

12471 2021-09-16 09:36 Contract.xll  

c38250c448e02d1bd98d7a315a4d38b8


Generic Malware Malicious Library PE64 PE File OS Processor Check DLL VirusTotal Malware Remote Code Execution 		1.4 17 ZeroCERT

12472 2021-09-16 09:37 0915_2121773768090.doc  

83455cd4a96481efdff25ce44ff31d28


VBA_macro Generic Malware MSOffice File GIF Format Malware Malicious Traffic Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Check virtual network interfaces IP Check ComputerName 		2 4 1 7.4 M ZeroCERT

12473 2021-09-16 09:41 Лист вих. на 10.2021.docx  

c7b9240f44af3ad5e22451618729d874


Word 2007 file format(docx) VirusTotal Malware unpack itself suspicious TLD 		3 2 2.4 2 ZeroCERT

12474 2021-09-16 09:41 0915_2365641049347.doc  

94ba9bb8b4894a227f110589304f283e


VBA_macro Generic Malware MSOffice File GIF Format Malware Malicious Traffic Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Check virtual network interfaces IP Check ComputerName 		2 4 1 7.4 M ZeroCERT

12475 2021-09-16 09:45 RQF _1000281534.jar  

5655fa13d9f8c7758b78b1998836f17e


NPKI Malicious Packer Malicious Library PE File DLL PE32 OS Processor Check Malware download NetWireRC VirusTotal Email Client Info Stealer Malware AutoRuns Check memory Checks debugger buffers extracted WMI Creates executable files RWX flags setting unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder WriteConsoleW IP Check Windows Java Email ComputerName DNS crashed 		1 9 3 9.2 23 ZeroCERT

12476 2021-09-16 09:46 5c4c5071-b74e-4e6e-aac5-9ed910...  

63ed9cef97bf98e68d2bca42cf16c475


RAT Generic Malware PE File .NET DLL DLL PE32 VirusTotal Malware 		1.2 48 ZeroCERT

12477 2021-09-16 09:52 vbc.exe  

451e4cd68c69c2c8b8fc93ad02e8754a


Generic Malware UPX PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself anti-virtualization Remote Code Execution 		2.8 M 33 r0d

12478 2021-09-16 09:52 3r.jpeg  

3eb3bb1d54b8be3ca1c573e82c5ae51e

Check memory Checks debugger RWX flags setting unpack itself crashed 		1.4 ZeroCERT

12479 2021-09-16 09:56 INV.-54490_20210915.xlsm  

f2bec56e09883a139201183f00f400a4


Malicious Library PE File DLL PE32 VirusTotal Malware MachineGuid Check memory Checks debugger buffers extracted WMI RWX flags setting unpack itself Windows utilities suspicious process WriteConsoleW Tofsee Windows ComputerName crashed 		1 2 1 7.2 11 ZeroCERT

12480 2021-09-16 09:56 vbc.exe  

4399c694e88f3f32d22d91c6c4a173ed


Generic Malware UPX PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself anti-virtualization Remote Code Execution 		3.2 M 37 r0d

keyword