Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
14506	2021-11-04 09:59	gTiBAFGxjBXmnkn.mp3 e44025fdc31cdce162ed7573b6c501f5 Malicious Library PE File PE32 DLL VirusTotal Malware unpack itself Windows crashed					2.2		14	ZeroCERT

14507	2021-11-04 10:00	rhGdcwdWql.mp3 7a291baf66a6c1bc72f1639b3003fb7a Malicious Library PE File PE32 DLL VirusTotal Malware					1.2		20	ZeroCERT

14508	2021-11-04 10:07	rhGdcwdWql.mp3 7a291baf66a6c1bc72f1639b3003fb7a Malicious Library PE File PE32 DLL VirusTotal Malware					1.2		20	ZeroCERT

14509	2021-11-04 10:09	MeJgvMXgtcm.mp3 51a4fefd2b6e81c431c9d8dea8b21649 Malicious Library PE File PE32 DLL VirusTotal Malware					1.0		19	ZeroCERT

14510	2021-11-04 10:15	svchost.exe 8b1011bf4b9dc38d8aececd4ed9e11c6 RAT Generic Malware Malicious Library UPX PE File OS Processor Check PE32 PE64 VirusTotal Malware AutoRuns PDB suspicious privilege MachineGuid Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Remote Code Execution		3	1		7.4		45	ZeroCERT

14511	2021-11-04 14:41	5678_1635856331_3450.exe 15685a4b7c571f0151679a8d02b090c5 Malicious Library PE File PE32 Browser Info Stealer VirusTotal Malware Buffer PE buffers extracted unpack itself Check virtual network interfaces Tofsee Browser ComputerName crashed	1 Keyword trend analysis	4	1		4.2		35	ZeroCERT

14512	2021-11-04 14:42	Explorers.exe b421fdd683ec8ab4487756a7583f11a0 RAT PWS .NET framework NPKI Generic Malware UPX PE File OS Processor Check PE32 .NET EXE PNG Format Malware download VirusTotal Malware AutoRuns suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check Windows ComputerName	4 Keyword trend analysis	2	3		9.6		47	ZeroCERT

14513	2021-11-04 14:44	troy.exe 0b1906293450341a4fc2d4cd2d4f1b48 RAT PWS .NET framework Generic Malware Malicious Library UPX PE File OS Processor Check PE32 .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself					2.0		47	ZeroCERT

14514	2021-11-04 14:44	cust51.exe 1614d9adfb1903a189e6efd9b6dc4077 ASPack Malicious Library UPX PE64 PE File OS Processor Check Browser Info Stealer VirusTotal Malware PDB Malicious Traffic Check memory Check virtual network interfaces IP Check Browser Remote Code Execution DNS	3 Keyword trend analysis	5	1	2	5.0	M	52	ZeroCERT

14515	2021-11-04 14:45	rrghost.exe 249819c90eb18e19e2ad839e682fe245 Malicious Library UPX PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Remote Code Execution					2.6		26	ZeroCERT

14516	2021-11-04 14:46	hop.exe 45f06e05ee29b52bbaad37c5cdeadc18 Themida Packer MPRESS Admin Tool (Sysinternals etc ...) UPX AntiDebug AntiVM PE File PE32 VirusTotal Malware AutoRuns Code Injection Check memory buffers extracted Creates executable files unpack itself Checks Bios Detects VirtualBox Detects VMWare suspicious process VMware anti-virtualization Windows Remote Code Execution Firmware DNS crashed		6			18.4		41	ZeroCERT

14517	2021-11-04 14:48	my.exe 70039b3e28f739be1ef8b7bf0cbaa968 RAT Generic Malware PE64 PE File VirusTotal Malware Check memory Checks debugger unpack itself					2.4		36	ZeroCERT

14518	2021-11-04 14:50	sdfsdfewfwefsdsdfsdfsdfdsfdsfs... 909896ca9cc9a93bae8a4424756853a0 RTF File doc Malware download VirusTotal Malware Malicious Traffic buffers extracted RWX flags setting exploit crash Windows Exploit DNS crashed Downloader	1 Keyword trend analysis	1	6 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		4.4		28	ZeroCERT

14519	2021-11-04 14:51	1.exe 8ec4e097f5f5ccf81400c7ad330c2fd5 Gen2 RAT Gen1 Generic Malware Malicious Library UPX AntiDebug AntiVM PE File OS Processor Check PE32 .NET EXE Malware download NetWireRC VirusTotal Malware AutoRuns PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AntiVM_Disk WriteConsoleW VM Disk Size Check DCRat Windows ComputerName Remote Code Execution DNS crashed	2 Keyword trend analysis Info http://188.93.211.136/javascriptwordpress.php?vPMY=7CiJ2E1&5GqWg2Ff474g=ya5cjF&OGCU6CqDu4e8o=sdnXWn8k0RS2BJln&f0afb754dd1c34083f85fa912679cd2d=gZ2ETZyMWOzMGZwUmN1U2NwgTO0EDZiNGMxIjZxIWYiBzMjRWNwITO3MTN3UTM2EjMygTMxUDN&16f6dc946a9230d85d819f758e3bddde=QNwMTM1E2MlRzNwITO0QGNmlTO1IWM1IjZwADO2kDM5AjN1MGZzQzY&3fd585debdf3dddf90685a04b747924f=d1nIlNWOmFjZ0AzN4gjZ0MWN3QWM2YWN2cjYxY2M0IjN1UTMxkDZ0Q2MiJiOiYDM3MWNmVmNiRDOiNmYmhjY1ATZyYDOiBjZwMWO3MWMiwiI3EWYjRTNxkjM4UmZwAjZwImM5UGZlljN0UTYzQTOxMmMjJTZzITYxIiOikDMlFGOkhjZ5cTZ4gDN2EWN3MzNxQGNhFDNzkjNzYzNis3W http://188.93.211.136/javascriptwordpress.php?vPMY=7CiJ2E1&5GqWg2Ff474g=ya5cjF&OGCU6CqDu4e8o=sdnXWn8k0RS2BJln&9a5c026c5e4297aa79f0acfdeb978c55=5d1bc963b5b1a7be224f4c7e965259e5&16f6dc946a9230d85d819f758e3bddde=QO1EzYiRTZ4cjNzYTOiJDO0gzYzMDZhVTNiZDZhhDZ5gzMyIWN3Q2M&vPMY=7CiJ2E1&5GqWg2Ff474g=ya5cjF&OGCU6CqDu4e8o=sdnXWn8k0RS2BJln	3	1		12.6		46	ZeroCERT

14520	2021-11-04 14:52	6497_1635879131_9463.exe d549bdaa241387d09550d79742bc5c66 Malicious Library UPX PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Remote Code Execution					2.8		38	ZeroCERT