Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
14866 2023-03-06 10:18 O_O.DOC
a3abd638cccbba1a516aea8fd2d63371
MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself Exploit DNS crashed Downloader
1 1 2 1 4.6 M 34 r0d

14867 2023-03-06 10:09 cc...............................
0abfe119e17fbffb3bd81577d97de405
MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself Exploit DNS crashed Downloader
1 1 2 4.4 M 27 r0d

14868 2023-03-06 09:58 fudpgk.hta.html
e04b070bac40abf5159244c3cdfcba11
AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed
2 4.4 14 ZeroCERT

14869 2023-03-06 09:49 blue32_c.exe
f74f38976fb53d18f9ac2d912620c52f
Hide_EXE Generic Malware Antivirus AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process Windows ComputerName Cryptographic key crashed
10.6 M 52 ZeroCERT

14870 2023-03-06 09:49 cacert.exe
47ca254d94b8ba124ba8a3fdb4a52653
UPX Malicious Library AntiDebug AntiVM OS Processor Check PE32 PE File PE64 Malware download Cobalt Strike Cobalt VirusTotal Malware PDB Code Injection Checks debugger Creates executable files RWX flags setting unpack itself ComputerName Remote Code Execution DNS
1 1 1 6.2 52 ZeroCERT

14871 2023-03-06 09:46 nik0300.exe
646f9a44ad9c8719b45951a29f8d3c6d
Gen2 UPX Malicious Library Malicious Packer OS Processor Check PE32 PE File DLL VirusTotal Malware Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder IP Check Tofsee
2 6 2 6.0 M 53 ZeroCERT

14872 2023-03-06 09:46 serko4.exe
574653547a5e36e4be1866e522ac6c10
Gen1 Emotet UPX Malicious Library CAB PE32 PE File Browser Info Stealer FTP Client Info Stealer AutoRuns PDB suspicious privilege MachineGuid Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Disables Windows Security Collect installed applications AntiVM_Disk VM Disk Size Check installed browsers check Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
1 10.6 ZeroCERT

14873 2023-03-06 09:44 vbc.exe
10719af09de2df1eab59c94c0123bc97
UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware PDB unpack itself Remote Code Execution
2.0 44 ZeroCERT

14874 2023-03-06 09:43 106.exe
c3b975941fbb27386657f9cdec4dd02b
Gen1 Gen2 Malicious Library UPX Malicious Packer PE32 PE File OS Processor Check DLL Browser Info Stealer Malware download VirusTotal Malware RecordBreaker MachineGuid Malicious Traffic Check memory Creates executable files unpack itself Collect installed applications AppData folder installed browsers check Stealer Windows Browser DNS crashed
9 1 5 7.4 17 ZeroCERT

14875 2023-03-06 09:35 esp.exe
af46c0772ef6c5378f13502c1ee065cc
UPX Admin Tool (Sysinternals etc ...) OS Processor Check PE32 PE File VirusTotal Malware PDB
1.2 M 31 ZeroCERT

14876 2023-03-05 18:02 phone-to-name.kvcache
0e08f83592fb86c04631c67ad4c26f66
AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Windows Browser Email ComputerName keylogger
4.0 BRY

14877 2023-03-05 16:59 C86954DA-A0EC-45C2-9654-1C03EC...
dc32b4116b811ce50fbe7ac1803b2a98
AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName
3.4 BRY

14878 2023-03-05 16:14 A4D2B1EA-33A4-398A-8455-86E681...
57f67baa080f1153fd4179b5d277da11
AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName
3.4 BRY

14879 2023-03-05 14:53 handdiy_6.exe
18669b21194b03105d0a9145635a1ce6
AgentTesla PWS[m] Gen2 Trojan_PWS_Stealer browser info stealer Credential User Data Generic Malware Google Chrome Downloader Malicious Packer SQLite Cookie UPX Malicious Library Create Service DGA Socket ScreenShot DNS BitCoin Internet API Code Browser Info Stealer VirusTotal Malware suspicious privilege Code Injection Checks debugger WMI Creates executable files exploit crash unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW installed browsers check Tofsee Windows Exploit Browser ComputerName Remote Code Execution DNS crashed
1 4 3 10.4 M 55 ZeroCERT

14880 2023-03-05 14:45 doz.exe
aaadcfe6655e23c6c263132085d59dbd
UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself Remote Code Execution DNS
1 2.6 M 31 ZeroCERT