Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
14806 2023-03-16 09:52 extracted_at_0x1fcfe.rtf  

a2e65ee8b8053a33bb6f72dd96da0cb1


MS_RTF_Obfuscation_Objects RWX flags setting
0.8 guest

14807 2023-03-16 09:52 vbc.exe  

78bfa5db909ad9e080b957dd9acd4f6b


UPX Malicious Library Malicious Packer PE32 PE File VirusTotal Malware Check memory Creates executable files unpack itself AppData folder Windows keylogger
2 5.6 M 37 ZeroCERT

14808 2023-03-16 09:51 extracted_at_0x1f508.rtf  

f6fb6d0f1d993497016533befd6f8453


MS_RTF_Obfuscation_Objects exploit crash Exploit crashed
1.0 guest

14809 2023-03-16 09:50 999..........................9...  

0f08eb0a48abbd926b1028b4371c15df


MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself Windows Exploit DNS crashed Downloader
1 3 7 5.6 M 30 ZeroCERT

14810 2023-03-16 09:50 extracted_at_0x1f399.rtf  

c23384980dbea19471162bd2671e1b3c


MS_RTF_Obfuscation_Objects RWX flags setting
0.8 guest

14811 2023-03-16 09:49 extracted_at_0x1f93b.rtf  

abf293a7ffa9b6368b2d06163cd6a552


MS_RTF_Obfuscation_Objects exploit crash Exploit crashed
1.0 guest

14812 2023-03-16 09:48 vbc.exe  

8464e5ded61cc6085adeb10e81fc6483


RAT Generic Malware UPX Antivirus .NET EXE PE32 PE File VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key
8.0 M 31 ZeroCERT

14813 2023-03-16 09:48 extracted_at_0x1f45a.rtf  

6820ff0c972ed601cd5a2a2f53460149


MS_RTF_Obfuscation_Objects RWX flags setting
0.8 guest

14814 2023-03-16 09:47 extracted_at_0x1f9d5.rtf  

2fbba6115a9c80f024c480ed48a0e6c6


MS_RTF_Obfuscation_Objects exploit crash Exploit crashed
1.0 guest

14815 2023-03-16 09:46 vbc.exe  

0d9b2efac64b4245292e7c3112ec8771


RAT UPX PWS[m] AntiDebug AntiVM .NET EXE PE32 PE File FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself
1 4 1 8.2 M 30 ZeroCERT

14816 2023-03-16 09:46 extracted_at_0x1f8d7.rtf  

eb8d3dcc65e815b8bea8baa4004bacd8


MS_RTF_Obfuscation_Objects RWX flags setting
0.8 guest

14817 2023-03-16 09:45 extracted_at_0x1f6d1.rtf  

1f3d9820a1957a724c30b14ba1e31669


MS_RTF_Obfuscation_Objects exploit crash Exploit crashed
1.0 guest

14818 2023-03-16 09:44 oloriolori.exe  

ac9303872d21893ff80fab77f557f94a


NPKI SMTP KeyLogger AntiDebug AntiVM PE64 PE File VirusTotal Malware Buffer PE PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key crashed
6.8 M 24 ZeroCERT

14819 2023-03-16 09:44 extracted_at_0x1f2b2.rtf  

827eb08a8f63b385eb5726a886fbcc9b


MS_RTF_Obfuscation_Objects RWX flags setting
0.8 guest

14820 2023-03-16 09:42 extracted_at_0x1ef92.rtf  

129dcf11efc910dc4f30070accde518b


MS_RTF_Obfuscation_Objects exploit crash Exploit crashed
1.0 guest