Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
14806	2023-03-08 11:07	photo_004.exe c043039d011fe79d35f7b0bca0e4b9ac UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware PDB unpack itself Remote Code Execution				2.4	M	28	ZeroCERT

14807	2023-03-08 11:05	11.........................11.... 46ed76d1d2f6fd37e4eb4c9f07e078ca MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic RWX flags setting exploit crash IP Check Windows Exploit DNS DDNS crashed keylogger Downloader	2 Keyword trend analysis	3	12 Info ET INFO Executable Download from dotted-quad Host ET MALWARE MSIL/GenKryptik.FQRH Download Request ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET MALWARE 404/Snake/Matiex Keylogger Style External IP Check ET POLICY External IP Lookup - checkip.dyndns.org ET INFO DYNAMIC_DNS HTTP Request to a .dyndns .org Domain ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET INFO DYNAMIC_DNS Query to a .dyndns .org Domain ET INFO DYNAMIC_DNS Query to *.dyndns. Domain	5.4	M	33	ZeroCERT

14808	2023-03-08 11:05	vbc.exe fea070006007750c1c69082e0563f7af RAT Generic Malware Antivirus .NET EXE PE32 PE File VirusTotal Malware powershell PDB suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed				5.4	M	37	ZeroCERT

14809	2023-03-08 09:51	bR2j39T8KXnqkNd.dll 4e7c0febeab7b8257bb5a9a5b41964be Malicious Library Malicious Packer DLL PE File PE64 Remote Code Execution				0.8		1	guest

14810	2023-03-08 09:48	bR2j39T8KXnqkNd.dll 4e7c0febeab7b8257bb5a9a5b41964be Malicious Library Malicious Packer DLL PE File PE64 Remote Code Execution				0.8		1	guest

14811	2023-03-08 09:43	bR2j39T8KXnqkNd.dll 4e7c0febeab7b8257bb5a9a5b41964be Malicious Library Malicious Packer DLL PE File PE64 Remote Code Execution				0.8		1	guest

14812	2023-03-08 09:27	KgOsSXS0qerKyPTC.zip a1cee8e9a84548cb2bb043f9c0b99eb3							guest

14813	2023-03-08 08:03	diyige.exe 64c467cadb010b645ad1a04bb9ae000b UPX Malicious Library Malicious Packer Anti_VM PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself Browser DNS crashed		2		4.2	M	43	ZeroCERT

14814	2023-03-08 08:01	kizzd.exe 6bb3828d5bd61e4b73581121630c82e3 UPX Malicious Library Malicious Packer Anti_VM PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself suspicious TLD sandbox evasion Browser DNS crashed		3	1	5.8	M	36	ZeroCERT

14815	2023-03-08 07:59	358.exe 34517f9ebbfdc93ea5590bdff48b8c0b UPX Malicious Library Malicious Packer Anti_VM PE32 PE File VirusTotal Malware Check memory Checks debugger buffers extracted RWX flags setting unpack itself AntiVM_Disk sandbox evasion VM Disk Size Check Browser DNS crashed		1		6.4	M	42	ZeroCERT

14816	2023-03-08 07:59	zckop.exe 8ed2a04ece93bee35023ce41afccae0b UPX Malicious Library Malicious Packer Anti_VM PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself sandbox evasion Browser DNS crashed		1		5.0	M	38	ZeroCERT

14817	2023-03-08 07:46	zmp2.exe 212c5beb7e726a395316402bc999a534 UPX Malicious Library Malicious Packer Anti_VM PE32 PE File VirusTotal Malware Checks debugger unpack itself DNS crashed		1		4.2	M	29	ZeroCERT

14818	2023-03-07 18:07	ChatGPT.scr a0b3955d2406cf5b66628ea21bb1a41a RedLine stealer[m] UPX Malicious Library AntiDebug AntiVM OS Processor Check PE32 PE File Buffer PE Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key		1		8.0			ZeroCERT

14819	2023-03-07 17:32	Setup.scr fe78071bcd7b5fd9105734aaa485f816 RedLine stealer[m] UPX Malicious Library AntiDebug AntiVM OS Processor Check PE32 PE File Buffer PE Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key		1		8.6			ZeroCERT

14820	2023-03-07 17:28	Injection.scr 4e32c1ae7807c0a82e3b68b6791345fc RedLine stealer[m] UPX Malicious Library AntiDebug AntiVM OS Processor Check PE32 PE File Buffer PE Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key		1		8.0			ZeroCERT