Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
14656	2023-03-13 09:51	1.exe ef57f8d8a632b8cf2b89021e2a7be68e UPX OS Processor Check PE64 PE File VirusTotal Malware suspicious privilege Check memory Checks debugger sandbox evasion Browser ComputerName DNS		2		3.2	M	24	ZeroCERT

14657	2023-03-13 09:49	yam.exe 961c9c4f65267e43e44e13b6bf265f6f UPX Malicious Library PE32 PE File OS Processor Check Remcos VirusTotal Malware Malicious Traffic Check memory Creates executable files unpack itself AppData folder	1 Keyword trend analysis	4	1	4.4	M	38	ZeroCERT

14658	2023-03-13 09:48	clip64.dll 16cf28ebb6d37dbaba93f18320c6086e UPX Malicious Library Admin Tool (Sysinternals etc ...) OS Processor Check DLL PE32 PE File VirusTotal Malware PDB Checks debugger unpack itself				2.0	M	58	ZeroCERT

14659	2023-03-13 09:46	photo_004.exe 481c2803b743340fd71570b56f460f9f UPX Malicious Library OS Processor Check PE32 PE File unpack itself DNS		1		1.4	M		ZeroCERT

14660	2023-03-13 09:45	sv........sv........sv.doc 68e4e02abb6cfe1a980aa3a97bcad4f8 MS_RTF_Obfuscation_Objects RTF File doc FormBook Malware download Remcos VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Windows Exploit DNS crashed Downloader	4 Keyword trend analysis Info http://www.gg10siyahposet.xyz/ho62/?-ZYX_nx=hUcp6SmQlvbDSi7oi4pq/T24C/UpiZGa5FaW0tt/+XmB+2rTuwgF8+ymt4mCqcgzpad6Yfne&CxoHs=2djxG http://geoplugin.net/json.gp http://www.kasoraenterprises.com/ho62/?-ZYX_nx=ILx0eS9ddKaLXR32wcm3Ge3yfVAzF5408XJt2aWWkfbZxqutDY57VuSUoMZC8CpGzmmcV23v&CxoHs=2djxG http://18.190.160.39/yam/yam.exe	11 Info www.centerverified.online() www.kasoraenterprises.com(34.102.136.180) geoplugin.net(178.237.33.50) www.gg10siyahposet.xyz(31.186.11.254) www.ehirtt.com() top.noforabusers1.xyz(103.114.163.134) 178.237.33.50 34.102.136.180 - mailcious 18.190.160.39 - mailcious 103.114.163.134 31.186.11.254 - mailcious	9 Info ET JA3 Hash - Remcos 3.x TLS Connection ET INFO Executable Download from dotted-quad Host ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET MALWARE FormBook CnC Checkin (GET) ET HUNTING Request to .XYZ Domain with Minimal Headers	4.6	M	31	ZeroCERT

14661	2023-03-13 09:44	PureHVNCFINAL.exe 60494980f66242d3c1b11b0477c4fa8b UPX .NET EXE PE32 PE File VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows ComputerName DNS Cryptographic key crashed		1		3.8	M	39	ZeroCERT

14662	2023-03-13 09:42	CHEAT-MENU-LINK-1.exe 43c3f3e2e28157583e7eda204b2b103f Hide_EXE Generic Malware Anti_VM Antivirus .NET EXE PE32 PE File VirusTotal Malware suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process AppData folder Windows ComputerName Cryptographic key				4.4	M	54	ZeroCERT

14663	2023-03-13 09:42	New1.exe 1cc0a962c3a1ff3a4adbdcaa49809867 Malicious Library PE32 PE File VirusTotal Malware Buffer PE PDB Checks debugger buffers extracted unpack itself sandbox evasion ComputerName		1		3.6	M	21	ZeroCERT

14664	2023-03-13 09:40	vbc.exe bcae06ceab767b7cfe609336242afe02 UPX Malicious Library PE32 PE File VirusTotal Malware PDB		1		1.8	M	28	ZeroCERT

14665	2023-03-13 09:40	cc.exe e103f1c9f7750083959c6cf1bc48b308 UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself				1.8	M	30	ZeroCERT

14666	2023-03-13 09:38	vbc.exe 2ae3f03e02368a6c5c4c91a136655643 PWS .NET framework Generic Malware Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed keylogger	1 Keyword trend analysis	2	1	16.4	M	46	ZeroCERT

14667	2023-03-13 09:38	photo_004.exe 0c577c96ab7fd8f9164b6b22e5fb519f UPX Malicious Library OS Processor Check PE32 PE File unpack itself				0.8	M		ZeroCERT

14668	2023-03-13 03:37	assignment2.exe 28f81fad984a66e7078ffa11a1000d0d Gen1 Gen2 Generic Malware UPX Malicious Library Malicious Packer Anti_VM OS Processor Check PE64 PE File DLL ZIP Format VirusTotal Malware Check memory Creates executable files				1.6		7	guest

14669	2023-03-13 03:25	assignment2.exe 28f81fad984a66e7078ffa11a1000d0d Gen1 Gen2 Generic Malware UPX Malicious Library Malicious Packer Anti_VM OS Processor Check PE64 PE File DLL ZIP Format VirusTotal Malware Check memory Creates executable files				1.6		7	guest

14670	2023-03-12 21:46	TtaGNlxGDP9.exe c80c4970626ec8f3f54df91063c04731 PE File							guest