Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
14506	2023-03-16 10:38	pankotro3.1.exe 8c8ee58eacb110d5598f723ecd7e948c UPX Malicious Library Malicious Packer PE32 PE File VirusTotal Malware AutoRuns Check memory Creates executable files ICMP traffic unpack itself AppData folder Windows DNS DDNS		2	2		6.4	M	36	ZeroCERT

14507	2023-03-16 10:36	.win32.exe c1360cce1de01199925aade09545577d UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware PDB unpack itself Remote Code Execution					2.4	M	53	ZeroCERT

14508	2023-03-16 10:34	vbc.exe 0e8ee45f8cf246835f8db619516ad340 RAT Generic Malware UPX Antivirus SMTP PWS[m] KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed	1 Keyword trend analysis	2	1		15.6	M	30	ZeroCERT

14509	2023-03-16 10:32	2-1_2023-03-14_23-04.exe 097d8371eea941a8f7191509d8dc1b69 UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself Remote Code Execution					2.0	M	35	ZeroCERT

14510	2023-03-16 10:31	parmashdy3.1.exe bdfb2c5a346d6684824b78499b36b88d UPX Malicious Library PE32 PE File FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself suspicious TLD	4 Keyword trend analysis Info http://www.hatterascharters.com/s26y/?xVJtG4Th=cvNALa4IK27Ro6rtXOeXYUfpmrm3HoImnwXbSTSK6JETCyzPBx85LajqaSCh8zKc7b3z2v0K&1bw=L6Adp0nXjfjLdR2p - rule_id: 27524 http://www.thereallifeguild.app/s26y/?xVJtG4Th=ztcHOa7slkLvMVmIwFVD+MxqaM7ohUfwpwKohan9eDFMAOiKstevJtoFNxACBjZ48g0ugAFk&1bw=L6Adp0nXjfjLdR2p http://www.drain-pipe-cleaning-81784.com/s26y/?xVJtG4Th=xifof8+AcnXYXdMQ3P6+Gp6nTFK1K7BHbiRnlOZOb5nZkb3/gR0wuwfXLP1X2cmFaGUzIp/v&1bw=L6Adp0nXjfjLdR2p http://www.nikol-beauty.ru/s26y/?xVJtG4Th=zNa4SwDr0KBpy31l5KYIDaXbaS4SRxFhmO4CadMaCoCUEqg240jhfCVWHeE/FLPBCdnN9g63&1bw=L6Adp0nXjfjLdR2p	8	1	1	4.4	M	37	ZeroCERT

14511	2023-03-16 10:29	Hack Bold Italic Nerd Font Com... 715b054e75bfe030884f63623b3715e7 AntiDebug AntiVM Check memory unpack itself					1.0			guest

14512	2023-03-16 10:25	extracted_at_0x26b03.rtf ca13b795274025cc04af59a51abfcd76 MS_RTF_Obfuscation_Objects exploit crash Exploit crashed					1.0			guest

14513	2023-03-16 10:25	extracted_at_0x26a99.rtf 2d532ffc3c01706fe19ad1621fb2760b MS_RTF_Obfuscation_Objects RWX flags setting					0.8			guest

14514	2023-03-16 10:25	extracted_at_0x25da7.rtf 56db5c43cf89cd7d789ebd3ec7d33a1e MS_RTF_Obfuscation_Objects unpack itself					0.8			guest

14515	2023-03-16 10:23	extracted_at_0x25b50.rtf 8ed8e04438978a70ee07b396659ca136 MS_RTF_Obfuscation_Objects exploit crash Exploit crashed					1.0			guest

14516	2023-03-16 10:23	extracted_at_0x25aeb.rtf 213e71511089e03d422497febb33e0d3 MS_RTF_Obfuscation_Objects RWX flags setting					0.8			guest

14517	2023-03-16 10:23	extracted_at_0x25a69.rtf b912913655d64f9aa1fa3dfbc0086928 MS_RTF_Obfuscation_Objects unpack itself					0.8			guest

14518	2023-03-16 10:21	extracted_at_0x24f80.rtf bac188aa8a0dd072f57ad52c6009426b MS_RTF_Obfuscation_Objects exploit crash Exploit crashed					1.0			guest

14519	2023-03-16 10:21	extracted_at_0x24f11.rtf 030618d1ccddbdb711bc2ebd8d6c3d0f MS_RTF_Obfuscation_Objects RWX flags setting					0.8			guest

14520	2023-03-16 10:20	extracted_at_0x24e2e.rtf e217ebae4048f4215100bd4b0b4ad175 MS_RTF_Obfuscation_Objects unpack itself					0.8			guest