Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
14791 2023-03-16 10:03 extracted_at_0x21c5a.rtf  

6faa860c05e6d4b0bcf3275d54e425dd


MS_RTF_Obfuscation_Objects RWX flags setting
0.8 guest

14792 2023-03-16 10:03 extracted_at_0x21b16.rtf  

667054a9add6772bd28b26b5ceb7a6af


MS_RTF_Obfuscation_Objects unpack itself
0.8 guest

14793 2023-03-16 10:03 extracted_at_0x21aa3.rtf  

cc0f57c92d83e4f27cce066f2b16f493


MS_RTF_Obfuscation_Objects exploit crash Exploit crashed
1.0 guest

14794 2023-03-16 10:01 extracted_at_0x21a0a.rtf  

c65491c8e739cc09d3beed02edb55495


MS_RTF_Obfuscation_Objects RWX flags setting
0.8 guest

14795 2023-03-16 10:01 extracted_at_0x20fb9.rtf  

199bd488721795459f9760c7f062a8cc


MS_RTF_Obfuscation_Objects unpack itself
0.8 guest

14796 2023-03-16 10:00 extracted_at_0x20db0.rtf  

c9a1d61a0ed042303527c669384c6d0c


MS_RTF_Obfuscation_Objects exploit crash Exploit crashed
1.0 guest

14797 2023-03-16 09:59 extracted_at_0x20f46.rtf  

517b863abc6e03c7d45df11ad7c1aa5f


MS_RTF_Obfuscation_Objects RWX flags setting
0.8 guest

14798 2023-03-16 09:59 extracted_at_0x20c7e.rtf  

4b5a41f086007a74dcae5b651f3c1e76


MS_RTF_Obfuscation_Objects unpack itself
0.8 guest

14799 2023-03-16 09:58 extracted_at_0x20b0c.rtf  

bd5f7ac89ede79f15fdd3f4fa315566d


MS_RTF_Obfuscation_Objects exploit crash Exploit crashed
1.0 guest

14800 2023-03-16 09:57 vbc.exe  

6a0d9778f0c3c7b539e35e53985cdcdb


RAT UPX SMTP PWS[m] KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Browser Email ComputerName Cryptographic key Software crashed
12.4 M 30 ZeroCERT

14801 2023-03-16 09:57 extracted_at_0x20a9f.rtf  

1abb3c92c13e9e48f0231aaba25fed96


MS_RTF_Obfuscation_Objects RWX flags setting
0.8 guest

14802 2023-03-16 09:56 extracted_at_0x1ffd0.rtf  

053c2af8ceb22f54180f95cf84d39150


MS_RTF_Obfuscation_Objects exploit crash Exploit crashed
1.0 guest

14803 2023-03-16 09:55 86.exe  

5343b3beaadd15a14319e4b21dc68077


NPKI UPX Admin Tool (Sysinternals etc ...) Create Service Socket ScreenShot DNS PWS[m] KeyLogger Escalate priviledges persistence BitCoin AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency PDB MachineGuid Code Injection Check memory Checks debugger buffers extracted WMI Creates shortcut unpack itself Windows utilities suspicious process malicious URLs Ransomware Windows Browser ComputerName DNS Cryptographic key crashed
1 13.6 M 43 ZeroCERT

14804 2023-03-16 09:55 extracted_at_0x1fefb.rtf  

04d073434805a5b1c8a414b67120ebc0


MS_RTF_Obfuscation_Objects RWX flags setting
0.8 guest

14805 2023-03-16 09:54 extracted_at_0x1fe28.rtf  

732f8a490e170d3eb7d3cc51828146a5


MS_RTF_Obfuscation_Objects exploit crash Exploit crashed
1.0 guest