Submissions
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
14041
2023-04-19 11:09
proactive_notification-2023-04...
be86b0476d58977807baa8705238b7c7
AntiDebug
AntiVM
Email Client Info Stealer
suspicious privilege
Checks debugger
Creates shortcut
unpack itself
installed browsers check
Browser
Email
ComputerName
3.4
guest
14042
2023-04-19 11:07
TransparencyTopic-2023-04-18-0...
c9f7c97f79ddacf70c48747de0599deb
AntiDebug
AntiVM
Email Client Info Stealer
suspicious privilege
Checks debugger
Creates shortcut
unpack itself
installed browsers check
Browser
Email
ComputerName
3.4
guest
14043
2023-04-19 11:07
RTCReporting_messageLog_2023-0...
8c706bf15eb784a8625c339866c74c66
ScreenShot
AntiDebug
AntiVM
Check memory
unpack itself
1.0
guest
14044
2023-04-19 11:07
text.txt
aff607a762145b76e8d0921ec8ef5329
ScreenShot
AntiDebug
AntiVM
Check memory
unpack itself
1.0
guest
14045
2023-04-19 11:06
mac-vendors-export.json
19c4f4b54817b4e53a3d006d96447928
Anti_VM
AntiDebug
AntiVM
OS Processor Check
Email Client Info Stealer
suspicious privilege
Checks debugger
Creates shortcut
unpack itself
installed browsers check
Browser
Email
ComputerName
3.4
guest
14046
2023-04-19 11:06
T-Mobile-2023-04-18-004804.ips
ea8361168fbb63584d4b451f26e924c9
AntiDebug
AntiVM
Email Client Info Stealer
suspicious privilege
Checks debugger
Creates shortcut
unpack itself
installed browsers check
Browser
Email
ComputerName
3.4
guest
14047
2023-04-19 11:05
WiFiLQMMetrics-2023-04-17-1704...
1661b9f129bfdd9c94bc68262e821622
AntiDebug
AntiVM
Email Client Info Stealer
suspicious privilege
Checks debugger
Creates shortcut
unpack itself
installed browsers check
Browser
Email
ComputerName
3.4
guest
14048
2023-04-19 09:39
za.xlsx
8d1c5cf6f85743869f7272d487bb180a
ZIP Format
exploit crash
unpack itself
Exploit
crashed
1.8
ZeroCERT
14049
2023-04-19 09:37
Funds_792120.wsf
dbf85f39dd98463b298f50302d64ea40
VBScript
heapspray
wscript.exe payload download
Tofsee
DNS
Dropper
3
https://pastebin.com/raw/zD5ag0UX - rule_id: 29932
https://pastebin.com/raw/mJfkXNYx - rule_id: 29928
http://216.120.201.169/aSxBaqnfj98wz.dat
3
pastebin.com(104.20.67.143) - mailcious
216.120.201.169 - mailcious
172.67.34.170 - mailcious
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
2
https://pastebin.com/raw/zD5ag0UX
https://pastebin.com/raw/mJfkXNYx
10.0
M
ZeroCERT
14050
2023-04-19 09:29
script.ps1
126d0143c4a72b552b57453b5144bdae
Generic Malware
Antivirus
AutoRuns
Check memory
unpack itself
WriteConsoleW
Windows
Cryptographic key
1
https://gold-fish.top/glazgo.zip
2.2
ZeroCERT
14051
2023-04-19 09:10
fotocr20.exe
d4c4291d2799089c25fd112ad2d03774
Gen1
Emotet
UPX
Malicious Library
CAB
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
AutoRuns
PDB
suspicious privilege
Check memory
Checks debugger
buffers extracted
WMI
Creates executable files
unpack itself
Disables Windows Security
Collect installed applications
AntiVM_Disk
VM Disk Size Check
installed browsers check
Windows
Update
Browser
ComputerName
Remote Code Execution
DNS
Cryptographic key
Software
crashed
1
185.161.248.152
10.4
M
ZeroCERT
14052
2023-04-19 09:08
wcncsvc.exe
751eb8303e9c86d2b68e6dfac0754af0
Malicious Packer
.NET EXE
PE32
PE File
VirusTotal
Malware
Buffer PE
AutoRuns
suspicious privilege
MachineGuid
Check memory
Checks debugger
buffers extracted
unpack itself
human activity check
Windows
ComputerName
DNS
DDNS
3
testrun123.hopto.org(24.184.74.42)
24.184.74.42
212.8.244.201 - mailcious
1
ET POLICY DNS Query to DynDNS Domain *.hopto .org
9.0
M
66
ZeroCERT
14053
2023-04-19 09:06
contrem2.1.exe
08186cde92790a745f1e6fbf706fc800
UPX
Malicious Library
PE32
PE File
OS Processor Check
Remcos
VirusTotal
Malware
AutoRuns
Malicious Traffic
Check memory
Checks debugger
Creates executable files
unpack itself
AppData folder
WriteConsoleW
Windows
DNS
DDNS
1
http://geoplugin.net/json.gp
4
geoplugin.net(178.237.33.50)
katruda.duckdns.org(212.8.244.201)
178.237.33.50
212.8.244.201 - mailcious
3
ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
ET JA3 Hash - Remcos 3.x TLS Connection
5.4
M
33
ZeroCERT
14054
2023-04-19 09:04
Funds_366728.wsf
dc0ded1a1a05a26960a9adbf3cc5e5cb
VBScript
heapspray
wscript.exe payload download
unpack itself
Tofsee
DNS
crashed
Dropper
3
https://pastebin.com/raw/mJfkXNYx
https://pastebin.com/raw/zD5ag0UX
http://216.120.201.169/aSxBaqnfj9.dat
3
pastebin.com(172.67.34.170) - mailcious
216.120.201.169 - mailcious
104.20.68.143 - mailcious
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
10.0
M
ZeroCERT
14055
2023-04-19 09:04
Funds_589281.wsf
3d90344c5976a644b6e482e9a325d9cb
VBScript
Check memory
heapspray
wscript.exe payload download
unpack itself
Tofsee
DNS
crashed
Dropper
3
https://pastebin.com/raw/mJfkXNYx
https://pastebin.com/raw/zD5ag0UX
http://216.120.201.169/aSxBaqnfj98wz.dat
3
pastebin.com(104.20.68.143) - mailcious
216.120.201.169 - mailcious
172.67.34.170 - mailcious
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
10.0
M
ZeroCERT
Total : 49,697cnts