Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
12541	2023-06-07 10:27	batteryacid.dat 179d4849f8d096122d05de3c7bebb4bd UPX Malicious Library OS Processor Check DLL PE File PE32 VirusTotal Malware PDB Checks debugger unpack itself crashed					2.0		10	ZeroCERT

12542	2023-06-07 10:05	index.html e66507bcd2afe260f82a61cb981ec964 AntiDebug AntiVM MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	2	1		3.8			ZeroCERT

12543	2023-06-07 10:04	ud8qQSCc7kEdZKzblmZWqRhCfNo79m... d5b9beaf52a8d268da46a94a6c1b1a4a UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself					1.8		35	ZeroCERT

12544	2023-06-07 09:42	ShippingDetails.js e8150ba03200183abce718f6b028b2c3 VirusTotal Malware VBScript AutoRuns WMI heapspray wscript.exe payload download Creates executable files unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName DNS Dropper	1 Keyword trend analysis	3			10.0		9	ZeroCERT

12545	2023-06-07 09:40	d35u6pvfsr5oqz.cloudfront.net_... aeba5b78f9353aba278c46c9c820265c Generic Malware Antivirus VirusTotal Malware buffers extracted unpack itself Windows utilities WriteConsoleW Windows Cryptographic key					3.8		1	ZeroCERT

12546	2023-06-07 09:36	update.lnk eb08d873d27b94833e738f0df1d6ed26 Generic Malware Antivirus AntiDebug AntiVM GIF Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis				6.0		21	ZeroCERT

12547	2023-06-07 09:26	INSYy.wsf 1571f34482e30885cf9ac9ef10df739b Generic Malware Antivirus powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key	2 Keyword trend analysis	1	3		8.2	M		ZeroCERT

12548	2023-06-07 09:18	r.png.ps1 e11a08cea05e73a3949fb5f54137bf06 Hide_EXE Generic Malware Antivirus Anti_VM VirusTotal Malware Check memory unpack itself WriteConsoleW Windows Cryptographic key					1.6		12	ZeroCERT

12549	2023-06-07 09:16	194.169.175.124:3002 5e46335e018a22409430e9b58f8f90a7 UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware					1.4	M	35	ZeroCERT

12550	2023-06-07 09:16	electronics_and_connectors.pif 582bd6f5d1720c34d07ea51b37b0a15d RAT .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself ComputerName					2.0	M	37	ZeroCERT

12551	2023-06-07 09:16	ebc52250faaaa0e22efe35539b006e... 85f723845b73f7791ecfc84bde974ef7 RAT .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself ComputerName					2.4	M	35	ZeroCERT

12552	2023-06-07 09:01	index.html e66507bcd2afe260f82a61cb981ec964 Generic Malware Browser Info Stealer MachineGuid Code Injection Checks debugger exploit crash unpack itself installed browsers check Exploit Browser crashed					3.6			ZeroCERT

12553	2023-06-07 07:50	BMKNJPO87.exe 1d45466db6f73b1f93161e33b9cad371 Formbook AntiDebug AntiVM PE64 PE File FormBook Malware download VirusTotal Malware PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself suspicious TLD DNS	11 Keyword trend analysis Info http://www.windmarkdijital.xyz/p9ao/?7Gi=+bmephAqYj2sPehVYG+6vylNZ9xTD57k0www/64WlyporzTS/DQK9Cj9E45l2PnpvASrzBKQ+MTFYh98/e7cSFktWy6uJymQpJPkUO8=&Yg0pd=0Gq1uMaLm1WDER - rule_id: 33956 http://www.g2g2sport.xyz/p9ao/?7Gi=XT67LxJVileSUZubvPnUPegaTgZ/6jQtKal3VjDKoEwa5II03LuvqSNChaRu2iUoBEt/Y1rs6QWzksNnW/YxdPu4ukuWTQMQOAWrwp4=&Yg0pd=0Gq1uMaLm1WDER - rule_id: 33955 http://www.suzheng22.top/p9ao/ - rule_id: 33954 http://www.bluhenhalfte.xyz/p9ao/?7Gi=vRFPeW+a5eWj78d95ZChSzUnWBErJOu6BL+rqrQuXzoLgBIyf+8wG4E0yzEkSL259muf+heCu3SYFxv43Rue+P6JisHwLR8+s0aKyro=&Yg0pd=0Gq1uMaLm1WDER - rule_id: 33953 http://www.windmarkdijital.xyz/p9ao/ - rule_id: 33956 http://www.solarwachstum.com/p9ao/ - rule_id: 33952 http://www.solarwachstum.com/p9ao/?7Gi=CRBGmlvLKSdWYJTLFdYUqNcl5XacT7p2l/bsj7rBz10wHnkWrMrpIEuQZVcc3zXzkIzXuCRWtiUMrr5dZy1sHRpRgJUYDyiz+Rr4X1g=&Yg0pd=0Gq1uMaLm1WDER - rule_id: 33952 http://www.sqlite.org/2021/sqlite-dll-win32-x86-3360000.zip http://www.bluhenhalfte.xyz/p9ao/ - rule_id: 33953 http://www.suzheng22.top/p9ao/?7Gi=UF1gbyBA2KpG8m0Rm9ehbXR0zJmaFb1dyUpi9VFZIpYgOTVtiTl0F+cTQPY8C/xJkCHyK8gaxezu3hN4hseR4mpCn7WT9y60MQraZ8Q=&Yg0pd=0Gq1uMaLm1WDER - rule_id: 33954 http://www.g2g2sport.xyz/p9ao/ - rule_id: 33955	11 Info www.bluhenhalfte.xyz(109.123.121.243) - mailcious www.suzheng22.top(104.21.42.144) - mailcious www.solarwachstum.com(89.31.143.1) - mailcious www.g2g2sport.xyz(198.54.117.210) - mailcious www.windmarkdijital.xyz(85.159.66.93) - mailcious 109.123.121.243 - mailcious 85.159.66.93 - mailcious 89.31.143.1 - mailcious 172.67.162.131 - mailcious 198.54.117.216 - phishing 45.33.6.223	5	10 Info http://www.windmarkdijital.xyz/p9ao/ http://www.g2g2sport.xyz/p9ao/ http://www.suzheng22.top/p9ao/ http://www.bluhenhalfte.xyz/p9ao/ http://www.windmarkdijital.xyz/p9ao/ http://www.solarwachstum.com/p9ao/ http://www.solarwachstum.com/p9ao/ http://www.bluhenhalfte.xyz/p9ao/ http://www.suzheng22.top/p9ao/ http://www.g2g2sport.xyz/p9ao/	9.6	M	49	ZeroCERT

12554	2023-06-07 07:47	achform.docx 2a824a7c1f57740354cdf6a3275df44f Doc XML Downloader ZIP Format Word 2007 file format(docx) Vulnerability unpack itself					1.8	M		ZeroCERT

12555	2023-06-07 07:45	Jonh.exe 99c0cd96d46794e20fa539b20e4cff64 UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself DNS		1			2.0	M	24	ZeroCERT