Submissions

Columns: No | Date | Request (submitted file name, MD5) | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc
The listing shows only non-empty cells, so where fewer than three counts precede the Score they are given below under "Urls/Hosts/IDS" in the order listed, as it is not recoverable which of the three columns a lone count belongs to. Rule strings are the sandbox's signature tags, reproduced verbatim.

14506 | 2023-03-25 02:10 | b807c47cdaefec023b49e34b6fdd59... | MD5 ff5e5be0cacada5cdf90d4b38e6187c9
  Rule: Gen1 UPX Malicious Library Malicious Packer PE64 PE File Remote Code Execution crashed
  Score: 0.4 | Player: BRY

14507 | 2023-03-25 01:07 | document.wflow | MD5 d5494c2ee15638c49616a2643d9cbc44
  Rule: Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection PWS[m] Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File Code Injection exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
  Urls/Hosts/IDS: 2 | Score: 4.4 | Player: BRY

14508 | 2023-03-25 01:06 | document.wflow | MD5 d5494c2ee15638c49616a2643d9cbc44
  Rule: Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection PWS[m] Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File Code Injection exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
  Urls/Hosts/IDS: 2 | Score: 3.8 | Player: BRY

14509 | 2023-03-25 01:05 | Preview.png | MD5 f916f325e5d39fec8ff93922d43002d5
  Rule: AntiDebug AntiVM PNG Format MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed
  Score: 3.8 | Player: BRY

14510 | 2023-03-25 01:04 | document.wflow | MD5 d5494c2ee15638c49616a2643d9cbc44
  Rule: Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection PWS[m] Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File Code Injection exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
  Urls/Hosts/IDS: 2 | Score: 4.4 | Player: BRY

14511 | 2023-03-25 01:04 | Info.plist | MD5 9a4fdf46def57336ff67c5b08bbde1dd
  Rule: Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection PWS[m] Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File Code Injection exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
  Urls/Hosts/IDS: 2 | Score: 4.8 | Player: guest

14512 | 2023-03-25 01:03 | Info.plist | MD5 9a4fdf46def57336ff67c5b08bbde1dd
  Rule: AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed
  Score: 3.8 | Player: guest

14513 | 2023-03-25 01:02 | document.wflow | MD5 d5494c2ee15638c49616a2643d9cbc44
  Rule: AntiDebug AntiVM MSOffice File Code Injection exploit crash unpack itself Windows utilities Windows Exploit DNS crashed
  Score: 3.4 | Player: BRY

14514 | 2023-03-25 01:02 | Preview.png | MD5 f916f325e5d39fec8ff93922d43002d5
  Rule: Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection PWS[m] Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
  Urls/Hosts/IDS: 2 | Score: 4.8 | Player: BRY

14515 | 2023-03-25 01:02 | Preview.png | MD5 f916f325e5d39fec8ff93922d43002d5
  Rule: Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection PWS[m] Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
  Urls/Hosts/IDS: 2 | Score: 4.2 | Player: BRY

14516 | 2023-03-25 01:00 | Preview.png | MD5 f916f325e5d39fec8ff93922d43002d5
  Rule: AntiDebug AntiVM PNG Format MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed
  Score: 3.8 | Player: BRY

14517 | 2023-03-24 18:21 | Scantle.exe | MD5 8e7ec9167dd8c5b9444e4ba17e849fdc
  Rule: RedLine stealer[m] PWS .NET framework RAT RedLine Stealer Confuser .NET SMTP PWS[m] AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted ICMP traffic unpack itself Windows DNS Cryptographic key
  Urls/Hosts/IDS: 1 | Score: 8.2 | Zero: M | VT: 55 | Player: ZeroCERT

14518 | 2023-03-24 18:20 | 30..................30........... | MD5 f3f27539efc7350df9dc444676687f9b
  Rule: MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Windows Exploit DNS crashed Downloader
  Urls: 1 | Hosts: 1 | IDS: 7 | Score: 4.6 | Zero: M | VT: 31 | Player: ZeroCERT

14519 | 2023-03-24 18:19 | ndt5tk.exe | MD5 9ce5895cf7087cd578519a76e9eadb7c
  Rule: UPX Malicious Library PWS[m] AntiDebug AntiVM OS Processor Check PE32 PE File VirusTotal Malware Buffer PE Code Injection Check memory Checks debugger buffers extracted unpack itself ComputerName crashed
  Score: 7.6 | Zero: M | VT: 32 | Player: ZeroCERT

14520 | 2023-03-24 18:18 | rc.exe | MD5 50e9958bb2a5b6ae6ed8da1b1d97a5bb
  Rule: UPX Malicious Library AntiDebug AntiVM OS Processor Check PE32 PE File GIF Format Browser Info Stealer VirusTotal Malware suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger WMI Creates shortcut Creates executable files ICMP traffic unpack itself Windows utilities suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Windows Browser ComputerName
  Urls/Hosts/IDS: 3, 2 | Score: 10.2 | Zero: M | VT: 32 | Player: ZeroCERT