Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
13471	2021-10-13 09:24	tt.exe 82e8c0c279d95dc0f9ab425cdfeffdec Generic Malware Antivirus UPX PE File PE32 VirusTotal Malware AutoRuns Creates executable files AppData folder sandbox evasion Windows		2		7.2	M	50	r0d

13472	2021-10-13 09:25	kazpwnz.exe 31ded4b963930c83a70e1b7233568609 RAT PWS .NET framework Generic Malware UPX PE File PE32 OS Processor Check .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted ICMP traffic unpack itself Collect installed applications Check virtual network interfaces suspicious TLD installed browsers check Windows Browser ComputerName Cryptographic key Software crashed	1 Keyword trend analysis	4		7.8	M	30	ZeroCERT

13473	2021-10-13 09:26	vbc.exe e73620259f5ec6d26ed10d9580b91437 UPX Malicious Library PE File PE32 OS Processor Check VirusTotal Malware PDB unpack itself Remote Code Execution				2.6		43	ZeroCERT

13474	2021-10-13 09:27	wins.exe cc0458fa6fb1ba005a27dcaa0c056f1f PWS .NET framework Generic Malware PE File PE32 .NET EXE VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself				5.0	M	26	ZeroCERT

13475	2021-10-13 09:29	.winlogon.exe 5d388a0651d6bb853ebcd267f3571c6a Generic Malware Admin Tool (Sysinternals etc ...) SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName				10.6		32	ZeroCERT

13476	2021-10-13 09:31	dyno.exe 8fb7b0d584386defa56169e341f6ee64 Generic Malware UPX PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself Remote Code Execution				2.2	M	39	r0d

13477	2021-10-13 09:31	calibn123.html dd5903ab68201806363e3d36cbf448fe Antivirus AntiDebug AntiVM PNG Format MSOffice File Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	32 Keyword trend analysis Info https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png https://www.blogger.com/static/v1/jsbin/403901366-ieretrofit.js https://www.google.com/css/maia.css https://fonts.googleapis.com/css?family=Open+Sans:300 https://www.google-analytics.com/analytics.js https://www.blogger.com/static/v1/widgets/3210581208-widgets.js https://www.blogger.com/img/share_buttons_20_3.png https://www.blogger.com/comment-iframe.g?blogID=8965474558532949541&pageID=897283540578547401&blogspotRpcToken=7367746&bpli=1 https://resources.blogblog.com/img/anon36.png https://www.blogger.com/static/v1/v-css/281434096-static_pages.css https://www.google.com/js/bg/ski65UMEGC96LS7yQSVhEq8qJ3bvAESlKg8ebljTCtw.js https://resources.blogblog.com/img/blank.gif https://www.blogger.com/blogin.g?blogspotURL=https%3A%2F%2Fhogyartohonathajhnailagrahiat1.blogspot.com%2Fp%2Fcalibn123.html&type=blog&bpli=1 https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&iemode=9&page=1&bgint=ski65UMEGC96LS7yQSVhEq8qJ3bvAESlKg8ebljTCtw https://www.blogger.com/blogin.g?blogspotURL=https://hogyartohonathajhnailagrahiat1.blogspot.com/p/calibn123.html&type=blog https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8965474558532949541&zx=171a0a6d-d9aa-4f65-8fd1-64ac9266256c https://www.blogger.com/static/v1/widgets/1667664774-css_bundle_v2.css https://resources.blogblog.com/blogblog/data/1kt/simple/body_gradient_tile_light.png https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://hogyartohonathajhnailagrahiat1.blogspot.com/p/calibn123.html%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://hogyartohonathajhnailagrahiat1.blogspot.com/p/calibn123.html%26type%3Dblog%26bpli%3D1&go=true https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxM.woff https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg https://www.blogger.com/static/v1/jsbin/3813818826-cmt__en_gb.js https://www.blogger.com/static/v1/jsbin/186635561-comment_from_post_iframe.js https://fonts.googleapis.com/css?lang=ko&family=Product+Sans\|Roboto:400,700 https://www.blogger.com/img/blogger-logotype-color-black-1x.png https://www.blogger.com/static/v1/jsbin/3101730221-analytics_autotrack.js https://www.blogger.com/comment-iframe.g?blogID=8965474558532949541&pageID=897283540578547401&blogspotRpcToken=7367746 https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.css https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVQ.woff https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc-.woff https://resources.blogblog.com/img/icon18_edit_allbkg.gif https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D8965474558532949541%26pageID%3D897283540578547401%26blogspotRpcToken%3D7367746%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D8965474558532949541%26pageID%3D897283540578547401%26blogspotRpcToken%3D7367746%26bpli%3D1&go=true	17 Info resources.blogblog.com(216.58.220.137) www.google.com(172.217.175.228) www.gstatic.com(216.58.220.131) fonts.googleapis.com(172.217.175.42) accounts.google.com(216.58.220.109) www.google-analytics.com(142.250.196.142) fonts.gstatic.com(172.217.174.99) www.blogger.com(216.58.220.137) 142.250.204.35 142.250.204.36 182.162.106.26 142.250.204.106 142.250.204.78 172.217.174.201 142.250.66.99 142.250.66.41 142.250.199.77	2	4.2			ZeroCERT

13478	2021-10-13 09:32	vbc.exe 31e6b247ed09dd570a66dd7e75174c9b NSIS UPX Malicious Library PE File PE32 OS Processor Check DLL Emotet VirusTotal Malware Code Injection Check memory Creates executable files unpack itself AppData folder				4.2	M	21	ZeroCERT

13479	2021-10-13 09:38	roth123123.ps1 95be9d4c3bc232a56332f26cc8e6e9fe Generic Malware Antivirus VirusTotal Malware Check memory unpack itself Windows Cryptographic key				1.2		5	ZeroCERT

13480	2021-10-13 09:38	mv.css.bat 52bac62fcdd2a91efb199879c7ed9c87 Generic Malware Antivirus DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Internet API FTP ScreenShot Http API Steal credential Downloader P2P AntiDebug AntiVM VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key				6.4		8	ZeroCERT

13481	2021-10-13 09:42	wiki.txt.html 30d93f24af177e15f8e1f1ea876bc45e AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed			2	3.8			ZeroCERT

13482	2021-10-13 09:44	Macro test.doc b60b59d191a6ec82bcd34bbf3798777e VBA_macro Generic Malware Antivirus MSOffice File VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut RWX flags setting unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	1 Keyword trend analysis	2	1	9.8		31	ZeroCERT

13483	2021-10-13 09:44	cma.trf.ps1 ea3c8e9f45bbf4f60b317741f0b8fefe Generic Malware Antivirus VirusTotal Malware Check memory unpack itself WriteConsoleW Windows Cryptographic key				2.6	M	11	ZeroCERT

13484	2021-10-13 09:47	wiki.txt.js 30d93f24af177e15f8e1f1ea876bc45e unpack itself crashed				0.6			ZeroCERT

13485	2021-10-13 09:54	art-1497103709.xls e7f00e7a7976c5139c40307305876e07 Downloader MSOffice File RWX flags setting unpack itself suspicious process Tofsee	4 Keyword trend analysis	8	2	4.0			guest