Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	VT	Player
14581	2023-03-16 09:35	extracted_at_0x1e9b3.rtf 96d2c4c6375a8ee6979dbd6e61d861c5 MS_RTF_Obfuscation_Objects exploit crash Exploit crashed				1.0		guest

14582	2023-03-16 09:35	extracted_at_0x1e7d6.rtf 67b892b52e03a8b04dbc72923f099352 MS_RTF_Obfuscation_Objects RWX flags setting				0.8		guest

14583	2023-03-16 09:35	extracted_at_0x1e6b0.rtf 064027fc24159236b2e95da971729860 MS_RTF_Obfuscation_Objects unpack itself DNS		1		2.4		guest

14584	2023-03-16 09:33	extracted_at_0x1e3b7.rtf 420e9702828887859b3bcb24c2b274cb MS_RTF_Obfuscation_Objects exploit crash Exploit crashed				1.0		guest

14585	2023-03-16 09:33	extracted_at_0x1e2e3.rtf 1ecfa52b2d3354b966ac77ff3a280134 MS_RTF_Obfuscation_Objects RWX flags setting				0.8		guest

14586	2023-03-16 09:31	extracted_at_0x1e1a9.rtf 6d2f45e76532ce322d9a18ca33126c2c MS_RTF_Obfuscation_Objects exploit crash Exploit crashed				1.0		guest

14587	2023-03-16 09:31	vbc.exe e5e52fbd154bc8f2ac5bc61252c52055 UPX Malicious Library Malicious Packer PE32 PE File Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Malicious Traffic Check memory Creates executable files unpack itself suspicious TLD installed browsers check Browser Email ComputerName DNS Software	1 Keyword trend analysis	2	9 Info ET DNS Query for .su TLD (Soviet Union) Often Malware Related ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response	8.2	33	ZeroCERT

14588	2023-03-16 09:31	extracted_at_0x1dfdf.rtf 19bed9026283b568e85f96cd98edaade MS_RTF_Obfuscation_Objects RWX flags setting				0.8		guest

14589	2023-03-16 09:29	extracted_at_0x1d56f.rtf 2df783337034d88d73b48539901c5bf4 MS_RTF_Obfuscation_Objects exploit crash Exploit crashed				1.0		guest

14590	2023-03-16 09:28	extracted_at_0x1d24e.rtf 88b390247ef91e19affd43a11c6d6387 MS_RTF_Obfuscation_Objects RWX flags setting				0.8		guest

14591	2023-03-16 09:28	extracted_at_0x1d15f.rtf f2f52987a8386d72d9ad7796aeeea31c MS_RTF_Obfuscation_Objects unpack itself				0.8		guest

14592	2023-03-16 09:26	extracted_at_0x1d4dc.rtf f55a50a7f1172ee6c8bb246f0b7c5d58 MS_RTF_Obfuscation_Objects exploit crash Exploit crashed				1.0		guest

14593	2023-03-16 09:26	extracted_at_0x1d3ad.rtf 09f98c652f59e9ccd00d91f500634c53 MS_RTF_Obfuscation_Objects RWX flags setting				0.8		guest

14594	2023-03-16 09:26	extracted_at_0x1d2c0.rtf 7c6cc026017bfdf940f25f084611b63c MS_RTF_Obfuscation_Objects unpack itself				0.8		guest

14595	2023-03-16 09:24	extracted_at_0x1d0ce.rtf 1e91c0e2616bba5aab72ef3813ba97a1 MS_RTF_Obfuscation_Objects VirusTotal Malware exploit crash Exploit crashed				1.4	2	guest