Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
13426	2023-05-09 04:27	chatverlauf jasmin.txt ca29b214d1a9a341e9d3c82b3f5f490b ScreenShot AntiDebug AntiVM Check memory unpack itself					1.0			guest

13427	2023-05-09 04:09	http://www.google.com/profiles... 6e60b54e0ac99fe2b9faa077d9baf921 Downloader Create Service DGA Socket DNS Hijack Network Code injection HTTP PWS[m] Sniff Audio Steal credential Http API P2P Internet API Escalate priviledges persistence FTP KeyLogger ScreenShot AntiDebug AntiVM MSOffice File icon VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	11 Keyword trend analysis Info http://www.google.com/profiles/102128379777508964956 https://www.google.com/favicon.ico https://profiles.google.com/browser-not-supported/?ref=/102128379777508964956 https://accounts.google.com/generate_204?ee2UkA https://accounts.google.com/InteractiveLogin?continue=https://currents.google.com/me?ref%3D/102128379777508964956&followup=https://currents.google.com/me?ref%3D/102128379777508964956&osid=1&passive=1209600&ifkv=Af_xneGVcbOk0Nhfyj2NKYaIAnzkb7gUppfu0TPAjyHkohCrsTfMkgCX32rJzI5KhDkoUDs2SWFT https://profiles.google.com/102128379777508964956 https://accounts.google.com/_/bscframe https://currents.google.com/me?ref=/102128379777508964956 https://accounts.google.com/v3/signin/identifier?dsh=S-637261996%3A1683572655179640&continue=https%3A%2F%2Fcurrents.google.com%2Fme%3Fref%3D%2F102128379777508964956&followup=https%3A%2F%2Fcurrents.google.com%2Fme%3Fref%3D%2F102128379777508964956&ifkv=Af_xneHjjeQYjRdZ-yaWeK6goPHI_WhTjsXXe3kJtqye_wo_vUwIl8j5T4X0Z5FxsutEpo5NIJHo&osid=1&passive=1209600&flowName=WebLiteSignIn&flowEntry=ServiceLogin https://ssl.gstatic.com/images/branding/googlelogo/2x/googlelogo_color_74x24dp.png https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://currents.google.com/me?ref%3D/102128379777508964956&followup=https://currents.google.com/me?ref%3D/102128379777508964956	10	2		4.6			guest

13428	2023-05-09 03:37	chat.db-shm 87152bb0f7d1d6bdaf6f98e1dc85e487 AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName					3.4			guest

13429	2023-05-09 03:11	chatverlauf jasmin.txt ca29b214d1a9a341e9d3c82b3f5f490b ScreenShot AntiDebug AntiVM Check memory unpack itself					1.0			guest

13430	2023-05-09 03:06	chatverlauf jasmin.txt ca29b214d1a9a341e9d3c82b3f5f490b ScreenShot AntiDebug AntiVM Check memory unpack itself					1.0			guest

13431	2023-05-08 17:29	SCMB.exe e2631ced981a70bc47c46067b5d6ad89 PE64 PE File VirusTotal Cryptocurrency Miner Malware DNS CoinMiner		2	1		1.4		35	ZeroCERT

13432	2023-05-08 17:25	bebra.exe a93224e1873d5a5e442d0b552f0ae998 Generic Malware UPX Malicious Packer Malicious Library OS Processor Check PE64 PE File VirusTotal Malware crashed					1.4	M	49	ZeroCERT

13433	2023-05-08 17:22	%23%23%23%23%23%23%23%23%23%23... 0efad3b94fa6bb52c515f7979966f841 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic buffers extracted RWX flags setting exploit crash Exploit DNS crashed Downloader	1 Keyword trend analysis	1	3		5.0		32	ZeroCERT

13434	2023-05-08 17:20	%23%23%23%23%23%23%23%23%23%23... 7716369fd03f65e70b83a472f0c88258 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic buffers extracted RWX flags setting exploit crash Exploit DNS crashed Downloader	1 Keyword trend analysis	1	3		5.0		32	ZeroCERT

13435	2023-05-08 14:29	vbc.exe 2742755e3fef9f876e7b23f37b653ee6 Formbook .NET EXE PE32 PE File VirusTotal Malware PDB Check memory Checks debugger unpack itself					2.6		43	guest

13436	2023-05-08 14:28	vbc.exe 2742755e3fef9f876e7b23f37b653ee6 Formbook AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself					7.8		43	guest

13437	2023-05-08 14:08	vbc.exe 2742755e3fef9f876e7b23f37b653ee6 Formbook AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself					8.8		43	r0d

13438	2023-05-08 11:08	foto0183.exe 459b9ff381bf53ae74aae7bbdc5cc6b3 Gen1 Emotet UPX Malicious Library Malicious Packer Admin Tool (Sysinternals etc ...) CAB PE32 PE File OS Processor Check DLL Browser Info Stealer Malware download Amadey FTP Client Info Stealer Malware AutoRuns PDB suspicious privilege Malicious Traffic Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities Disables Windows Security Collect installed applications suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed	6 Keyword trend analysis Info http://77.91.124.20/store/games/index.php - rule_id: 32547 http://77.91.124.20/store/games/index.php http://77.91.124.20/store/games/Plugins/cred64.dll - rule_id: 31849 http://77.91.124.20/store/games/Plugins/cred64.dll http://77.91.124.20/store/games/Plugins/clip64.dll - rule_id: 32546 http://77.91.124.20/store/games/Plugins/clip64.dll	2	5	3	16.0			ZeroCERT

13439	2023-05-08 10:14	vbc.exe 2742755e3fef9f876e7b23f37b653ee6 AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself					8.6		36	ZeroCERT

13440	2023-05-08 09:40	loaderx.exe 0ad824c9898657a25c9fc6d2239764d8 PWS .NET framework RAT UPX Anti_VM PE64 .NET EXE PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself					2.2	M	40	ZeroCERT