Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc

14851 2023-03-06 11:35 [Content_Types].xml
fc309b7562155243395b07fedd6dce54
PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
2 4.2 guest

14852 2023-03-06 11:34 [Content_Types].xml
fc309b7562155243395b07fedd6dce54
AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed
3.8 guest

14853 2023-03-06 10:44 mohta5.exe
ce9e476de13fb6f7297d062b234ee4ec
Gen1 Emotet Malicious Library UPX CAB PE File PE32 Browser Info Stealer FTP Client Info Stealer AutoRuns PDB suspicious privilege Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
1 8.2 ZeroCERT

14854 2023-03-06 10:21 DHL722918767AA.doc
a8c9121e6ee657a0451f4eeb6e6865c6
MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware exploit crash unpack itself Exploit DNS crashed
1 4.8 34 r0d

14855 2023-03-06 10:18 O_O.DOC
a3abd638cccbba1a516aea8fd2d63371
MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself Exploit DNS crashed Downloader
1 1 2 1 4.6 M 34 r0d

14856 2023-03-06 10:09 cc...............................
0abfe119e17fbffb3bd81577d97de405
MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself Exploit DNS crashed Downloader
1 1 2 4.4 M 27 r0d

14857 2023-03-06 09:58 fudpgk.hta.html
e04b070bac40abf5159244c3cdfcba11
AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed
2 4.4 14 ZeroCERT

14858 2023-03-06 09:49 blue32_c.exe
f74f38976fb53d18f9ac2d912620c52f
Hide_EXE Generic Malware Antivirus AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process Windows ComputerName Cryptographic key crashed
10.6 M 52 ZeroCERT

14859 2023-03-06 09:49 cacert.exe
47ca254d94b8ba124ba8a3fdb4a52653
UPX Malicious Library AntiDebug AntiVM OS Processor Check PE32 PE File PE64 Malware download Cobalt Strike Cobalt VirusTotal Malware PDB Code Injection Checks debugger Creates executable files RWX flags setting unpack itself ComputerName Remote Code Execution DNS
1 1 1 6.2 52 ZeroCERT

14860 2023-03-06 09:46 nik0300.exe
646f9a44ad9c8719b45951a29f8d3c6d
Gen2 UPX Malicious Library Malicious Packer OS Processor Check PE32 PE File DLL VirusTotal Malware Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder IP Check Tofsee
2 6 2 6.0 M 53 ZeroCERT

14861 2023-03-06 09:46 serko4.exe
574653547a5e36e4be1866e522ac6c10
Gen1 Emotet UPX Malicious Library CAB PE32 PE File Browser Info Stealer FTP Client Info Stealer AutoRuns PDB suspicious privilege MachineGuid Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Disables Windows Security Collect installed applications AntiVM_Disk VM Disk Size Check installed browsers check Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
1 10.6 ZeroCERT

14862 2023-03-06 09:44 vbc.exe
10719af09de2df1eab59c94c0123bc97
UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware PDB unpack itself Remote Code Execution
2.0 44 ZeroCERT

14863 2023-03-06 09:43 106.exe
c3b975941fbb27386657f9cdec4dd02b
Gen1 Gen2 Malicious Library UPX Malicious Packer PE32 PE File OS Processor Check DLL Browser Info Stealer Malware download VirusTotal Malware RecordBreaker MachineGuid Malicious Traffic Check memory Creates executable files unpack itself Collect installed applications AppData folder installed browsers check Stealer Windows Browser DNS crashed
9 1 5 7.4 17 ZeroCERT

14864 2023-03-06 09:35 esp.exe
af46c0772ef6c5378f13502c1ee065cc
UPX Admin Tool (Sysinternals etc ...) OS Processor Check PE32 PE File VirusTotal Malware PDB
1.2 M 31 ZeroCERT

14865 2023-03-05 18:02 phone-to-name.kvcache
0e08f83592fb86c04631c67ad4c26f66
AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Windows Browser Email ComputerName keylogger
4.0 BRY