Submissions

Columns: No | Date | Request | Hash; then Tags; then Urls / Hosts / IDS / Rule / Score / Zero / VT / Player / Etc (as reported, sparse)

13936 | 2023-04-11 09:42 | vsdhfvzgsfvzshfszhdfrff.exe | d5bbe92d4a8b9014708e0aa325158e2b
  Tags: RAT Downloader task schedule UPX Confuser .NET Create Service DGA Socket DNS Code injection HTTP PWS[m] Sniff Audio Steal credential Http API P2P Internet API Escalate priviledges FTP KeyLogger ScreenShot AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName
  Stats: 9.6 M 47 ZeroCERT

13937 | 2023-04-11 09:42 | Ransomware.exe | 5505bbddc971765df496f907b222c2fb
  Tags: PWS .NET framework RAT .NET EXE PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself ComputerName
  Stats: 2.2 50 ZeroCERT

13938 | 2023-04-11 09:40 | Ffjcx.wsf | aa211dff0d2a3aef0e2b6d950bfd1497
  Tags: Generic Malware Antivirus AntiDebug AntiVM suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key
  Stats: 13 5.6 ZeroCERT

13939 | 2023-04-11 09:40 | Wmh.wsf | b041d8354c0fc756750e5321be8c5b24
  Tags: Generic Malware Antivirus AntiDebug AntiVM powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key
  Stats: 13 5.6 ZeroCERT

13940 | 2023-04-10 21:54 | http://fp2e7a.wpc.2be4.phicdn.... | 06e3d924688d154c0d7ea0eb4676b1f9
  Tags: Downloader Create Service DGA Socket DNS Hijack Network Code injection HTTP PWS[m] Sniff Audio Steal credential Http API P2P Internet API Escalate priviledges persistence FTP KeyLogger ScreenShot AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
  Stats: 2 2 2 4.2 guest

13941 | 2023-04-10 21:47 | fcon.dll | 7ce957f22b7f412ab41de9604aa9c674
  Tags: Gen2 Gen1 UPX Malicious Library Malicious Packer OS Processor Check DLL PE64 PE File PDB Check memory Remote Code Execution
  Stats: 0.8 guest

13942 | 2023-04-10 20:31 | urlmap.ini | ed1a32e932203dc9fc7219378c262c03
  Tags: ScreenShot AntiDebug AntiVM Check memory unpack itself
  Stats: 1.0 BRY

13943 | 2023-04-10 20:16 | microsoft.office.smartlookup.s... | 8731a089cfa4b65d772efc4e5f80721c
  Tags: Anti_VM crashed
  Stats: 0.2 BRY

13944 | 2023-04-10 18:29 | GamingBooster.exe | 57a7e6d6937cf04f72f301d16643660e
  Tags: PWS .NET framework RAT Generic Malware Antivirus DNS SMTP AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process Windows ComputerName Cryptographic key crashed
  Stats: 9.8 M 39 ZeroCERT

13945 | 2023-04-10 17:53 | File_pass1234.7z | 1773339fc39712821302e0f0b8ac9e1b
  Tags: PWS[m] Escalate priviledges KeyLogger AntiDebug AntiVM Malware suspicious privilege Malicious Traffic Check memory Checks debugger Creates executable files unpack itself IP Check Tofsee DNS
  Stats: 4 8 2 1 4.2 M ZeroCERT

13946 | 2023-04-10 17:44 | File_pass1234.7z | 55ed279b9cd1e0ac7a5e593aa456fc69
  Tags: PWS[m] Escalate priviledges KeyLogger AntiDebug AntiVM Malware suspicious privilege Malicious Traffic Check memory Checks debugger Creates executable files unpack itself IP Check Tofsee DNS
  Stats: 4 10 2 4.2 M guest

13947 | 2023-04-10 17:40 | File_pass1234.7z | 55ed279b9cd1e0ac7a5e593aa456fc69
  Tags: PWS[m] Escalate priviledges KeyLogger AntiDebug AntiVM suspicious privilege Check memory Checks debugger unpack itself
  Stats: 1.6 M guest

13948 | 2023-04-10 17:38 | File_pass1234.7z | 55ed279b9cd1e0ac7a5e593aa456fc69
  Tags: PWS[m] Escalate priviledges KeyLogger AntiDebug AntiVM suspicious privilege Check memory Checks debugger unpack itself
  Stats: 1.6 M guest

13949 | 2023-04-10 17:36 | 2.exe | b9bea76062a9f4365804695b6cc7772c
  Tags: UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware PDB unpack itself
  Stats: 2.0 M 38 ZeroCERT

13950 | 2023-04-10 16:01 | homed_2023-04-09-015235_Bryans... | 02055b0dfa55b8e8322b4040f5829498
  Tags: AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName
  Stats: 3.4 BRY