Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
13366	2023-05-10 18:07	aaaa.exe 852e911a70f5f4ebdf572adc36cb97f6 AntiDebug AntiVM MSOffice File Code Injection ICMP traffic RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed		6	2	6.0	M		ZeroCERT

13367	2023-05-10 18:05	vbc.exe 31b54d8b3a96f7346c0d96f79a5f70d2 PWS .NET framework Formbook Hide_EXE Generic Malware Antivirus SMTP KeyLogger Anti_VM AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed	1 Keyword trend analysis	2	1	14.0	M	52	ZeroCERT

13368	2023-05-10 18:05	index.php ffdf510dac759b90ec0e44b755fdb09a UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself Remote Code Execution				2.0	M	26	ZeroCERT

13369	2023-05-10 18:03	pspp 14f04f5932bc851acf217a147afb018a UPX Malicious Library VMProtect OS Processor Check PE64 PE File VirusTotal Malware				2.2	M	42	ZeroCERT

13370	2023-05-10 18:02	vbc.exe 906095752970580abc9cabb800275187 Generic Malware UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware PDB unpack itself Remote Code Execution DNS				3.8	M	30	ZeroCERT

13371	2023-05-10 18:01	QQQQ%23%23%23%23%23%23%23%23%2... 00a01e52c1cea67f0060dc808ed99ab7 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic buffers extracted RWX flags setting exploit crash Windows Exploit DNS crashed Downloader	1 Keyword trend analysis	1	7 Info ET INFO Executable Download from dotted-quad Host ET MALWARE MSIL/GenKryptik.FQRH Download Request ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	4.8	M	28	ZeroCERT

13372	2023-05-10 18:01	yfpqyf6z34gx4.exe 1bad400e3d462431b279bcfff555fd58 AntiDebug AntiVM MSOffice File Code Injection ICMP traffic RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed		5	2	6.0	M		ZeroCERT

13373	2023-05-10 17:59	vbc.exe 746e259e8909d818693bce42b28ad243 PWS .NET framework SMTP PWS[m] KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed	1 Keyword trend analysis	2	1	12.4	M	53	ZeroCERT

13374	2023-05-10 17:58	sun.exe d943a312a3e7bcc124099611fb6c11f2 PWS .NET framework Generic Malware Antivirus KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Windows Browser Email ComputerName Cryptographic key Software crashed		2	2	14.2	M	43	ZeroCERT

13375	2023-05-10 14:00	94f6d162d47da132_워싱턴선언, 북핵 위협 ... c7b099c4f8b3e909becd086f29e18f91 HWP MSOffice File GIF Format Checks debugger Creates shortcut Creates executable files unpack itself				1.4			JYC

13376	2023-05-10 11:11	123.exe 851dfeb9035473532d796a9b41608b3c Vidar PE64 PE File VirusTotal Malware PDB MachineGuid Check memory Checks debugger unpack itself				2.0	M	22	r0d

13377	2023-05-10 10:17	123.exe 851dfeb9035473532d796a9b41608b3c PE64 PE File VirusTotal Malware PDB MachineGuid Check memory Checks debugger unpack itself				2.0	M	22	ZeroCERT

13378	2023-05-10 10:15	50050291542339510009.bin 88e6deee81ba6c70e517b7b4dcf56b5e Gen1 UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself Windows utilities WriteConsoleW Windows ComputerName crashed				3.6	M	52	ZeroCERT

13379	2023-05-10 10:13	forscan.exe 50ef79424f390cfba341d58e90329b3f RedLine stealer[m] Gen2 Loki_b Loki_m RAT Generic Malware UPX Malicious Library AntiDebug AntiVM OS Processor Check PE64 PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications AppData folder installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed		1		13.0	M	15	ZeroCERT

13380	2023-05-10 10:12	ghjkl.exe 9453b414b969dc9b52b9327e324dc1eb Generic Malware Antivirus ScreenShot AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself powershell.exe wrote suspicious process AppData folder Windows ComputerName Cryptographic key crashed				10.8	M	50	ZeroCERT