popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
14596 2023-03-16 09:24 extracted_at_0x1c9ad.rtf  

2b4b7544794d27dd00ce345d8958ebf4


MS_RTF_Obfuscation_Objects VirusTotal Malware RWX flags setting 		1.2 2 guest

14597 2023-03-16 09:24 extracted_at_0x1c7bb.rtf  

be975b96947f0c9f0a09396755c37ee6


MS_RTF_Obfuscation_Objects Vulnerability VirusTotal Malware unpack itself 		1.8 2 guest

14598 2023-03-16 09:22 extracted_at_0x1bd9e.rtf  

de4bd754d41b59072cf82fc79ecbd735


MS_RTF_Obfuscation_Objects exploit crash Exploit crashed 		1.0 guest

14599 2023-03-16 09:22 extracted_at_0x1bf88.rtf  

5b059181ad6f31e04769bd2009cb96b8


MS_RTF_Obfuscation_Objects VirusTotal Malware RWX flags setting 		1.2 2 guest

14600 2023-03-16 09:22 extracted_at_0x0.rtf  

cd28b51516a9309b350607dc57faca76

Vulnerability buffers extracted unpack itself 		2.2 guest

14601 2023-03-16 09:18 extracted_at_0x2036a.rtf  

52dc0e0a67f2472079b7bfa45072b6f8


MS_RTF_Obfuscation_Objects unpack itself 		0.8 guest

14602 2023-03-16 09:04 extracted_at_0x1d0ce.rtf  

1e91c0e2616bba5aab72ef3813ba97a1


MS_RTF_Obfuscation_Objects VirusTotal Malware unpack itself 		1.2 2 guest

14603 2023-03-16 07:59 PXN5J  

27c6e6bc4b46148fb4dcc6a6a9346914


UPX Malicious Library Malicious Packer OS Processor Check DLL PE64 PE File VirusTotal Malware Report Checks debugger unpack itself suspicious process sandbox evasion human activity check ComputerName Remote Code Execution DNS 		7 4 6.6 M 10 ZeroCERT

14604 2023-03-16 07:47 Ses8712iGR8du  

bfc060937dc90b273eccb6825145f298


UPX Malicious Library Malicious Packer OS Processor Check DLL PE64 PE File VirusTotal Malware Report Checks debugger unpack itself suspicious process sandbox evasion ComputerName Remote Code Execution DNS 		9 5 6.0 9 ZeroCERT

14605 2023-03-15 16:35 AnyDesk.exe  

33614c059849aaeacaa68422b11a9795


Gen2 Emotet Generic Malware UPX Malicious Library Malicious Packer ASPack Antivirus OS Processor Check CAB MSOffice File PE32 PE File VirusTotal Malware Check memory unpack itself WriteConsoleW Windows Remote Code Execution Cryptographic key 		2.6 36 ZeroCERT

14606 2023-03-15 15:13 file.zip  

e2dbdc78e35b9e2a41fb7a966ddf02dc


ZIP Format VirusTotal Malware 		2 2 1.2 M 22 ZeroCERT

14607 2023-03-15 13:21 aEYnbsDbnQ.zip  

f4bc186107b74715370913c7c37e3e40


ZIP Format Report DNS 		6 3 2.2 ZeroCERT

14608 2023-03-15 12:25 foto0120.exe  

70edc98674c7ea3fe7070ae75d2a5a2a


Gen1 Emotet UPX Malicious Library CAB PE32 PE File Browser Info Stealer FTP Client Info Stealer AutoRuns PDB suspicious privilege MachineGuid Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Disables Windows Security Collect installed applications AntiVM_Disk VM Disk Size Check installed browsers check Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed 		1 10.6 M ZeroCERT

14609 2023-03-15 12:24 vbc.exe  

184ebe4739ba99e9a464b7e1dd553a62


RAT SMTP PWS[m] KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger 		1 2 5 12.2 M 24 ZeroCERT

14610 2023-03-15 12:20 photo_004.exe  

cdede5029e973ba3810d42bc63892d27


UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself Remote Code Execution 		1.8 M 21 ZeroCERT

keyword