Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
13636	2021-10-15 10:29	vbc.exe ab5135e71815ad27daf57be78754c85d Gorgon Group Generic Malware UPX PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself Remote Code Execution					2.2	M	34	r0d

13637	2021-10-15 10:30	vbc.exe 609915e8865871b0b131450d661a0ccb Gorgon Group Generic Malware UPX PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself Remote Code Execution					2.4	M	28	ZeroCERT

13638	2021-10-15 10:31	goshcj.exe d1baa9515f4c67a7b561938bbd81bc75 RAT Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName crashed					8.8	M	23	ZeroCERT

13639	2021-10-15 13:50	ARRIVAL NOTICE A AND B GLOBAL ... 8575cb6fc0f2e03e427b847b8bf734a9 Generic Malware UPX DNS AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows ComputerName DNS		1			15.2		22	ZeroCERT

13640	2021-10-15 13:51	DOCS-93897-2021-2975GJ53.scr 8575cb6fc0f2e03e427b847b8bf734a9 Generic Malware UPX DNS AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows ComputerName DNS		1			15.2		22	ZeroCERT

13641	2021-10-15 13:53	Auszahlungen.xls 413bd16983ee371d2955416354a17b2c VBA_macro Generic Malware MSOffice File VirusTotal Malware ICMP traffic RWX flags setting unpack itself DNS		1			3.8		14	ZeroCERT

13642	2021-10-15 14:04	Wetranfer.html 34e6eec71f5eda2bcc5590067f3d8791 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	6	2		3.8			ZeroCERT

13643	2021-10-15 18:01	smhosts.exe e1164db137877a49ac6d5c6d90ff11ab UPX Malicious Library PE File PE32 OS Processor Check VirusTotal Malware PDB unpack itself					1.8	M	21	ZeroCERT

13644	2021-10-15 18:01	6666.exe f95a35e8c3f3f57b3f347bd6c8180bee NPKI UPX Malicious Library PE64 PE File VirusTotal Cryptocurrency Miner Malware Cryptocurrency Remote Code Execution		2	1		1.6	M	21	ZeroCERT

13645	2021-10-15 18:04	babay.exe 1f67cc3aee307cde9e5102d372f9b87e UPX Malicious Library PE File PE32 OS Processor Check VirusTotal Malware suspicious privilege ICMP traffic unpack itself human activity check Windows DNS keylogger		3			5.8	M	55	ZeroCERT

13646	2021-10-15 18:04	TimeLimit.exe 465784e139b2fb62fa2ee0cce3ee5551 PE File PE32 VirusTotal Malware AutoRuns Check memory unpack itself suspicious process WriteConsoleW Windows					4.6	M	20	ZeroCERT

13647	2021-10-15 18:06	6666.exe f95a35e8c3f3f57b3f347bd6c8180bee NPKI UPX Malicious Library PE64 PE File VirusTotal Malware Remote Code Execution crashed					1.8	M	21	r0d

13648	2021-10-15 18:06	1soft.exe 6084bf88a6d2c70c894614fc762244de Generic Malware Malicious Packer UPX Malicious Library PE64 PE File VirusTotal Malware Code Injection Malicious Traffic buffers extracted Tofsee Remote Code Execution	1 Keyword trend analysis	5	1	1	4.0	M	28	ZeroCERT

13649	2021-10-15 18:07	audio.exe f977d96c98335083d54f9b9b54fb0cd9 RAT PWS .NET framework Generic Malware UPX AntiDebug AntiVM PE File PE32 .NET EXE FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs DNS	8 Keyword trend analysis Info http://www.cyebang.com/mexq/?pPX=g6L0/Z2cdy+PQR0/l6rXBhzWGtzMcF3Ol137FLHMI1/7C2CX6Ije7QQ81WlooZwAwjE41ZtU&1b=jnKtRfUpV - rule_id: 6367 http://www.uniqued.net/mexq/?pPX=/3l62yGpIujmRd23NYyOlMT7eauth93xr/VrnqvY3AX4beNsr7BJ6oW+mJu6AhSMiBiHOIq9&1b=jnKtRfUpV - rule_id: 6315 http://www.mabnapakhsh.com/mexq/?pPX=OU1GtVXDbsnAoZAJ+r3UhPtpR181l/ARJ5oFEWbh76Mk/J1Ds5ZKsjMHrQjA03ZUl7BK7iZc&1b=jnKtRfUpV - rule_id: 6371 http://www.zamarasystem.com/mexq/?pPX=IpqNqv0O7XNQoDVXX4yFHUH7VRliJnhxicL0cWaIY68A61Zjj4pLnCTIwF7r9iYi6pGSwZZa&1b=jnKtRfUpV - rule_id: 6374 http://www.wmh3gk2fzw2m.biz/mexq/?pPX=UyUE9kQD2x0NeQsdW0XUMy2W5i5z8llb4rGWC4I5jJBYHOEz6j34RyUiYVdu4xyLAbElxCEC&1b=jnKtRfUpV - rule_id: 6368 http://www.nobleminers.com/mexq/?pPX=9oCgplpD3xGa2B0UFztcflHu20ZJUbeX+izpMRcCrbgVD6lp5zPwjx/SvD7T51v7jx3DIm2R&1b=jnKtRfUpV http://www.azapsolutions.com/mexq/?pPX=7rR6BaTC2ZAVgrwWEwsiYxD1jvft00Lf8vhj4S3/jlbfZqCXGSgwsCSL1bpPofYLOYB36uTd&1b=jnKtRfUpV http://www.rd26x.com/mexq/?pPX=NkB1NXPBFDbDKRQZsa3bgqux4BDsfoNouiBmY062wfTHfxIwCLTnegL+vUKelNVaBIOAn2Cu&1b=jnKtRfUpV - rule_id: 6370	18 Info www.uniqued.net(23.227.38.74) www.cyebang.com(154.216.110.149) www.iphone13promax.design() - mailcious www.nobleminers.com(198.54.125.203) www.rd26x.com(172.104.94.112) www.zamarasystem.com(102.38.50.130) www.aliexpress-br.com() - mailcious www.wmh3gk2fzw2m.biz(103.26.164.155) www.azapsolutions.com(34.102.136.180) www.mabnapakhsh.com(198.54.117.217) 198.54.125.203 102.38.50.130 - mailcious 198.54.117.211 - phishing 34.102.136.180 - mailcious 103.26.164.155 154.216.110.149 - mailcious 23.227.38.74 - mailcious 172.104.94.112 - mailcious	2	6	8.4	M	21	ZeroCERT

13650	2021-10-15 18:10	TimeLimitInst.exe 9b93526bb5cb8f5b487a2236f45bf4a9 UPX Malicious Library PE File PE32 DLL VirusTotal Malware AutoRuns Check memory Creates executable files unpack itself suspicious process AntiVM_Disk WriteConsoleW VM Disk Size Check Windows crashed					4.8	M	19	ZeroCERT