Submissions

Columns: No | Date | Request | MD5 | Rule (sandbox tags) | Urls/Hosts/IDS | Score | Zero | VT | Player
(Urls/Hosts/IDS counts are reproduced as listed; where a row shows fewer than three values the source does not indicate which of the three columns they belong to. "-" marks an empty cell.)

13486 | 2021-10-13 09:56 | art-1498234058.xls | 82971d920eb190845b0959c573066b59 | Downloader MSOffice File RWX flags setting unpack itself suspicious process Tofsee | 4 8 2 | 4.0 | - | - | guest
13487 | 2021-10-13 09:58 | art-1499366628.xls | aca4b051169ad659eb101013376bef47 | Downloader MSOffice File RWX flags setting unpack itself suspicious process Tofsee | 4 8 2 | 4.0 | - | - | guest
13488 | 2021-10-13 10:10 | art-1517315850.xls | 6c179f264af283320b5b96459db76c81 | Downloader MSOffice File RWX flags setting unpack itself suspicious process Tofsee | 4 8 2 | 4.0 | - | - | guest
13489 | 2021-10-13 10:40 | mv.css.bat | 52bac62fcdd2a91efb199879c7ed9c87 | VirusTotal Malware | - | 0.4 | - | 8 | ZeroCERT
13490 | 2021-10-13 10:53 | 1.dll | 9a1725b1db1d41e3718526e265a8c6fb | UPX Malicious Library PE64 PE File OS Processor Check DLL VirusTotal Malware Checks debugger unpack itself crashed | - | 1.4 | - | 8 | ZeroCERT
13491 | 2021-10-13 10:53 | 1.dll | a3dfaa6badd480c93af825510e7cd1d2 | UPX Malicious Library PE64 PE File OS Processor Check DLL VirusTotal Malware Checks debugger unpack itself | - | 1.8 | - | 8 | ZeroCERT
13492 | 2021-10-13 10:55 | IMG_4300056553456287889.scr | 64b84aa8c9021baa6433fc54d4a31235 | UPX Malicious Library PE File PE32 VirusTotal Malware | - | 1.4 | - | 36 | ZeroCERT
13493 | 2021-10-13 10:56 | IMG_321000475434899465.scr | 64b84aa8c9021baa6433fc54d4a31235 | UPX Malicious Library PE File PE32 VirusTotal Malware | - | 1.4 | - | 36 | ZeroCERT
13494 | 2021-10-13 11:19 | S~0339837653_03987653367838763... | b1f6ec33a7a1ce75919cef261b95cdae | PWS .NET framework Generic Malware DNS AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows ComputerName DNS DDNS | 2 1 | 16.0 | - | 22 | ZeroCERT
13495 | 2021-10-13 16:19 | http://91.214.124.225/dl/santa... | af63addf891e3e4a65d704439a6f8d7e | DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Hijack Network Internet API FTP ScreenShot Http API Steal credential Downloader P2P persistence AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection Malicious Traffic exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed | 1 1 2 | 5.4 | - | 13 | ZeroCERT
13496 | 2021-10-13 16:28 | gimp-2.10.24-setup-3.exe | 0515fae3ffb232b85b1ed643079f41bc | Themida Packer Anti_VM PE File PE32 VirusTotal Malware unpack itself Checks Bios Detects VMWare VMware anti-virtualization Windows Firmware crashed | - | 5.0 | M | 30 | ZeroCERT
13497 | 2021-10-13 16:28 | 1051460095.exe | 32ad2713313dcf30a66402b405278167 | RAT Generic Malware AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key | 1 | 8.0 | M | 47 | ZeroCERT
13498 | 2021-10-13 16:31 | 823574141.exe | 8e0be060385c07d8e8860749f9c721c3 | AntiDebug AntiVM PE File PE32 VirusTotal Malware Buffer PE Code Injection Check memory Checks debugger buffers extracted RWX flags setting unpack itself ComputerName crashed | - | 8.0 | M | 51 | ZeroCERT
13499 | 2021-10-13 16:33 | 1778143978.exe | 84c23d26753d0e37805940f21dd41835 | Malicious Packer Malicious Library PE64 PE File VirusTotal Malware Code Injection buffers extracted | - | 3.2 | M | 47 | ZeroCERT
13500 | 2021-10-13 16:35 | 107.exe | 28b377e617248ae77daf5513d905f212 | Lazarus Family Generic Malware Themida Packer UPX Anti_VM Malicious Library PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself Checks Bios Detects VMWare VMware anti-virtualization Windows Remote Code Execution Firmware DNS Cryptographic key crashed | 1 | 7.8 | M | 17 | ZeroCERT