Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
13186	2023-05-16 18:01	test2.bat 7a101f92a30ccd73bcdd71c103475442 Generic Malware Downloader Antivirus Create Service DGA Socket DNS Code injection HTTP PWS[m] Sniff Audio Steal credential Http API P2P Internet API Escalate priviledges FTP KeyLogger ScreenShot AntiDebug AntiVM powershell suspicious privilege Check memory Checks debugger WMI Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed					5.2			ZeroCERT

13187	2023-05-16 17:52	wf_4780.exe ec4951e9f2b1945815954fec161cf57a PWS .NET framework RAT UPX Malicious Library OS Processor Check .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself					2.0	M	60	ZeroCERT

13188	2023-05-16 15:57	5.26행사초청장.hwp 9b754bc802f440121aaf9f7daa4ec989 HWP PS PostScript AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed			2		3.8			guest

13189	2023-05-16 15:55	5.26행사일정표.hwp.lnk 74e3d84492845067a0da6cfa00c064eb Generic Malware HWP MSOffice File GIF Format							25	ZeroCERT

13190	2023-05-16 15:53	526.zip 487769a19f032e981f33023b2cb7fe10 Generic Malware HWP PS PostScript ZIP Format MSOffice File VirusTotal Malware					0.8		26	ZeroCERT

13191	2023-05-16 15:44	5.26.zip 487769a19f032e981f33023b2cb7fe10 Generic Malware HWP PS PostScript ZIP Format MSOffice File VirusTotal Malware					0.8		26	ZeroCERT

13192	2023-05-16 15:42	5.26행사초청장&일정표 (2).zip 994e644b7a36edfd7211f3141bd4c652 ZIP Format								ZeroCERT

13193	2023-05-16 15:40	5.26행사초청장&일정표.zip 487769a19f032e981f33023b2cb7fe10 Generic Malware HWP PS PostScript ZIP Format MSOffice File VirusTotal Malware					0.8		26	ZeroCERT

13194	2023-05-16 15:37	북한인권단체 활동의 어려움과 활성화 방안.chm... 002fd493096214a9a44d82acb7f1ac30 AntiDebug AntiVM CHM Format VirusTotal Malware Code Injection Check memory unpack itself crashed					2.4		17	ZeroCERT

13195	2023-05-16 13:14	File_pass1234.7z 6323683cd9d1a9b15963cf5f50445139 PWS[m] Escalate priviledges KeyLogger AntiDebug AntiVM Malware suspicious privilege Malicious Traffic Check memory Checks debugger Creates executable files unpack itself IP Check Tofsee DNS	5 Keyword trend analysis	13	2	2	5.6	M		ZeroCERT

13196	2023-05-16 11:33	File_pass1234.7z 1c1e748fc4c5b06185b1cc3efbb89ab4 PWS[m] Escalate priviledges KeyLogger AntiDebug AntiVM Malware suspicious privilege Malicious Traffic Check memory Checks debugger Creates executable files unpack itself IP Check Tofsee DNS	5 Keyword trend analysis	12	2	2	4.2	M		ZeroCERT

13197	2023-05-16 11:22	6462c9b83536b.zip 70692b4fc4b50e7ad88a36c78af7ba2c ZIP Format Malware Malicious Traffic NetSupport	4 Keyword trend analysis	4	3		0.8			ZeroCERT

13198	2023-05-16 10:36	RECI 459d85937f975c9571d2cb390a16c117 RAT .NET DLL DLL PE File PE32 VirusTotal Malware PDB					1.2	M	33	ZeroCERT

13199	2023-05-16 10:36	Nzor.js 82c1abc36b66e14b3afb16c20661535e Generic Malware Admin Tool (Sysinternals etc ...) Antivirus Hide_URL AntiDebug AntiVM PowerShell powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key	1 Keyword trend analysis				6.2			ZeroCERT

13200	2023-05-16 10:36	Azpq.js e4195aae5423bf84ce95fdc8b6c37919 Generic Malware Antivirus Hide_URL AntiDebug AntiVM PowerShell powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key	2 Keyword trend analysis				6.2			ZeroCERT