Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
13816	2023-04-18 09:48	paladin.hta 1788bf59ef4448b60cab56c45cc7cafe VirusTotal Malware crashed				1.0		21	ZeroCERT

13817	2023-04-18 09:48	rt.php.ps1 5051d5610215e59183b9f6651d01d6d1 NPKI Generic Malware Antivirus Check memory unpack itself WriteConsoleW Windows Cryptographic key				1.0			ZeroCERT

13818	2023-04-18 09:40	foto0157.exe 9e887c02dffcda52de09155e7e21e109 Gen1 Emotet UPX Malicious Library CAB PE32 PE File Browser Info Stealer FTP Client Info Stealer AutoRuns PDB suspicious privilege Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed		1		8.2			ZeroCERT

13819	2023-04-18 09:40	Output.exe 453776b8b812727c5a905d4db70c1935 Gen1 UPX Malicious Library Malicious Packer AntiDebug AntiVM PE32 PE File OS Processor Check DLL Browser Info Stealer VirusTotal Email Client Info Stealer Malware Code Injection Malicious Traffic Check memory Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AppData folder sandbox evasion WriteConsoleW anti-virtualization installed browsers check Windows Browser Email ComputerName DNS	8 Keyword trend analysis Info http://45.159.248.242/59b232f2b6dc5770.php http://45.159.248.242/ffa2f6cf414d2e27/mozglue.dll http://45.159.248.242/ffa2f6cf414d2e27/freebl3.dll http://45.159.248.242/ffa2f6cf414d2e27/nss3.dll http://45.159.248.242/ffa2f6cf414d2e27/msvcp140.dll http://45.159.248.242/ffa2f6cf414d2e27/softokn3.dll http://45.159.248.242/ffa2f6cf414d2e27/vcruntime140.dll http://45.159.248.242/ffa2f6cf414d2e27/sqlite3.dll	1	3	10.8	M	26	ZeroCERT

13820	2023-04-18 09:40	File_pass1234.7z 69ed08a803fe4dcc357817089fcf212d PWS[m] Escalate priviledges KeyLogger AntiDebug AntiVM suspicious privilege Check memory Checks debugger Creates executable files unpack itself				2.0			ZeroCERT

13821	2023-04-18 09:38	hugo.exe 85150fc161f06e745f463388cd0fff4f Themida Packer UPX MPRESS PE64 PE File VirusTotal Malware Remote Code Execution crashed				2.2	M	23	ZeroCERT

13822	2023-04-17 19:11	pinduoduo.apk 2eeac5f3be2b27d0af774ead7dd9132e OS Processor Check ZIP Format VirusTotal Malware				0.6		10	guest

13823	2023-04-17 18:00	ts.exe 16f2a3898cdc27798158c9bf35a4eff4 UPX OS Processor Check PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Check memory buffers extracted unpack itself Ransomware Browser DNS Software		1		4.4	M	57	ZeroCERT

13824	2023-04-17 17:58	office_sync.exe f2d9283406e628606230f215a7e9b833 UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware PDB unpack itself Remote Code Execution				2.2	M	34	ZeroCERT

13825	2023-04-17 17:54	소명자료 목록(국세징수법 시행규칙).zip... ba9a8b3329240f971c2a84212dc9ad73 ZIP Format							ZeroCERT

13826	2023-04-17 15:06	InstallerFilex_64.exe 78462baf56c10c4a1aee9dd38eb37bdc Aurora Stealer NPKI Generic Malware UPX Malicious Packer Malicious Library Antivirus OS Processor Check PE32 PE File Browser Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency powershell suspicious privilege Check memory Checks debugger buffers extracted WMI Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process Ransomware Windows Browser ComputerName DNS Cryptographic key crashed		1		10.2		51	r0d

13827	2023-04-17 11:18	2-1_2023-04-14_09-11.exe 9f2d4ac2e67b3fe84ac5a8b6f7d6e6dd UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself				2.0	M	50	ZeroCERT

13828	2023-04-17 09:27	22귀속_부가가치세_면세사업자_사업장_현황신고.zip... 2b2310574eb43608eec2540782e08b35 ZIP Format VirusTotal Malware				0.8		21	ZeroCERT

13829	2023-04-17 09:25	22귀속 부가가치세 면세사업자 사업장 현황신고.hwp.... 2b2310574eb43608eec2540782e08b35 ZIP Format VirusTotal Malware				0.8		21	ZeroCERT

13830	2023-04-16 16:45	crys.suite.exe ca1c266f80e30187ad1436b3da5bea81 Generic Malware UPX Malicious Library Malicious Packer OS Processor Check PE64 PE File VirusTotal Malware				1.6	M	45	ZeroCERT