Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
14821	2023-03-07 17:04	Invoice-1449260.pdf adfc880ef5985ca36a7c9b7477a5b899 PDF Suspicious Link PDF unpack itself Windows utilities Windows				1.4			ZeroCERT

14822	2023-03-07 16:46	Qqmgu.exe d51b795d07157787fcbd5a19a70f1a01 .NET EXE PE32 PE File VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key crashed				3.0	M	26	ZeroCERT

14823	2023-03-07 16:46	EKL.exe 21eee575b2425a16123e5eccb8d280c6 AgentTesla PWS[m] browser info stealer Google Chrome User Data Downloader Create Service Socket DNS Internet API Sniff Audio KeyLogger Escalate priviledges AntiDebug AntiVM .NET EXE PE32 PE File Remcos VirusTotal Malware AutoRuns Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself suspicious process Windows DNS keylogger	1 Keyword trend analysis	5	2	13.6	M	49	ZeroCERT

14824	2023-03-07 16:43	cronometro.exe c936447056679be7cfbdb7273a1d98c8 RAT UPX Admin Tool (Sysinternals etc ...) .NET EXE PE32 PE File VirusTotal Malware PDB Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces Windows ComputerName	2 Keyword trend analysis	2		5.4	M	24	ZeroCERT

14825	2023-03-07 16:41	gr8t.exe 4d5347cd6edbad9c467080f19bb542b3 PWS .NET framework RAT UPX OS Processor Check .NET EXE PE32 PE File VirusTotal Malware PDB Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces Tofsee Windows	1 Keyword trend analysis	2	1	3.8		2	ZeroCERT

14826	2023-03-07 16:41	espI.exe db1128cf32902770d5b0075772bfc0b9 RAT UPX Malicious Library Malicious Packer OS Processor Check .NET EXE PE32 PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check ComputerName				2.8	M	40	ZeroCERT

14827	2023-03-07 15:32	Cliente.url 6bbce3224d51716918724a26773d1568 AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	1	2	5.8		2	ZeroCERT

14828	2023-03-07 14:23	s1.bin f2828ba07465ddb78784df30bf90b76f Malicious Library Anti_VM OS Processor Check crashed				0.2			guest

14829	2023-03-07 14:01	Servizi.url f7f200f9159e911f84ae40e1a0c4e745 AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	1	2	5.8		2	ZeroCERT

14830	2023-03-07 10:52	Launcher.scr 4e32c1ae7807c0a82e3b68b6791345fc RedLine stealer[m] Malicious Library UPX AntiDebug AntiVM OS Processor Check PE File PE32 Buffer PE Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key		1		8.0			ZeroCERT

14831	2023-03-07 10:01	Attachment-GAKND(28).js 097dd5c5e9df7e83a46ef98a0e4c97cc Generic Malware Antivirus Escalate priviledges AntiDebug AntiVM PowerShell powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed	1 Keyword trend analysis			7.0			ZeroCERT

14832	2023-03-07 10:00	Attachment-Cc(731).js 4d6f207abc312202cfe05848020bfc91 Generic Malware Antivirus Escalate priviledges AntiDebug AntiVM PowerShell powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed	1 Keyword trend analysis			7.0			ZeroCERT

14833	2023-03-07 10:00	KJH.exe 9fe11f84460abd22cc955530ca89cf8c AgentTesla PWS[m] browser info stealer Google Chrome User Data Downloader Create Service Socket DNS Internet API Sniff Audio KeyLogger Escalate priviledges AntiDebug AntiVM .NET EXE PE File PE32 Remcos VirusTotal Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself suspicious process Windows DNS DDNS crashed keylogger	1 Keyword trend analysis	4	2	14.8	M	35	ZeroCERT

14834	2023-03-07 09:57	curriculum_vitae-copie.vbs 5e175b3bb3d8dc97174238b3f620992c VirusTotal Malware VBScript wscript.exe payload download Tofsee crashed Dropper	1 Keyword trend analysis	2	2	10.0		1	ZeroCERT

14835	2023-03-07 09:55	vbc.exe fa09ac9744cb561fc7e626102cd56932 PWS[m] PWS .NET framework RAT Generic Malware UPX Antivirus SMTP KeyLogger AntiDebug AntiVM OS Processor Check .NET EXE PE File PE32 Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger	2 Keyword trend analysis	3	5	15.4	M	23	ZeroCERT