Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
1	2025-04-28 10:48	Distribution Document.pdf.msc 88a97131e57b1a857d13bb0cae48380e ScreenShot KeyLogger AntiDebug AntiVM VirusTotal Malware MachineGuid Code Injection Check memory RWX flags setting unpack itself					2.8		13	ZeroCERT

2	2025-04-28 10:48	pik.ps1 61d5db12ed0611000c59d5fd7fe884c2 Generic Malware Antivirus Malware download VirusTotal Malware powershell Malicious Traffic Check memory buffers extracted unpack itself Check virtual network interfaces WriteConsoleW Windows ComputerName DNS Cryptographic key Downloader	1 Keyword trend analysis	1	5 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	1	5.6	M	21	ZeroCERT

3	2025-04-28 10:48	123.hta b91518fd7d17897900029527a74c3e0d Generic Malware Antivirus AntiDebug AntiVM Malware powershell suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut RWX flags setting unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process Tofsee Windows ComputerName Cryptographic key	1 Keyword trend analysis	2	1		9.6			ZeroCERT

4	2025-04-28 10:38	nums.vbs fe71e84d826e568fb59858c87d53d966 Generic Malware Antivirus PowerShell Malware download VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted heapspray Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key Downloader	1 Keyword trend analysis	1	6 Info ET INFO PS1 Powershell File Request ET INFO Executable Download from dotted-quad Host ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		10.0	M	8	ZeroCERT

5	2025-04-28 10:18	namen.ps1 e4ea2ac8d2a17b90650633ce30c5d7cd Generic Malware Antivirus URL Format VirusTotal Malware VBScript powershell AutoRuns Malicious Traffic Check memory buffers extracted Creates executable files unpack itself Check virtual network interfaces WriteConsoleW Windows ComputerName DNS Cryptographic key		1	6 Info ET INFO Executable Download from dotted-quad Host ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET INFO Dotted Quad Host VBS Request ET HUNTING PowerShell DownloadString Command Common In Powershell Stagers		6.4	M	19	ZeroCERT

6	2025-04-28 10:14	namen.ps1 a96761c1e3bed0f2c2f8e2d616f60d40 Generic Malware Antivirus URL Format Malware download VirusTotal Malware VBScript powershell AutoRuns Malicious Traffic Check memory buffers extracted Creates executable files unpack itself Check virtual network interfaces WriteConsoleW Windows ComputerName DNS Cryptographic key Downloader	2 Keyword trend analysis	1	7 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET INFO Dotted Quad Host VBS Request ET HUNTING PowerShell DownloadString Command Common In Powershell Stagers		6.4		14	ZeroCERT

7	2025-04-28 09:04	download_cradle.ps1 bfe7652f5d2f9fee4948d1c055e40d7b Generic Malware Antivirus VirusTotal Malware powershell Malicious Traffic unpack itself Check virtual network interfaces WriteConsoleW Windows ComputerName DNS Cryptographic key		1	1		4.6	M	1	ZeroCERT

8	2025-04-27 20:16	main-292e27553c8f5cb8.js.pobra... 874495b398069ff0290471371070dd47 AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName					3.4			guest

9	2025-04-27 20:16	6814.91bf0d11abffee40.js.pobra... 3defdbd83726e2fee563556bb3f090fb AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName					3.4			guest

10	2025-04-27 20:16	framework-ca706bf673a13738.js.... a10cf05471abf077fc03bf9169b017df AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName					3.4			guest

11	2025-04-27 20:16	ee8b1517-cc4d7300db27284e.js.p... b1b00d018cfa02b19eaecc88db4e5565 AntiDebug AntiVM Email Client Info Stealer Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName					3.0			guest

12	2025-04-27 20:16	webpack-6751726d88b2d8ee.js.po... 142ad883093e6714179239e85447ac63 AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName					3.4			guest

13	2025-04-27 20:14	290-f42c07d7b35e4d71.js.pobran... a5047921d8be76930805c8c57e3cb084 AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName					3.4			guest

14	2025-04-27 20:14	75fc9c18-02b28d24f737c2ca.js.p... 45d7d6b211da2e37bb773c8f19982ed0 AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName					3.4			guest

15	2025-04-27 20:11	8827-697d853337e0da0d.js.pobra... 1bcceffdea71610446593fac8920e1fd AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName					3.4			guest