Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
1	2025-04-28 10:48	Distribution Document.pdf.msc 88a97131e57b1a857d13bb0cae48380e ScreenShot KeyLogger AntiDebug AntiVM VirusTotal Malware MachineGuid Code Injection Check memory RWX flags setting unpack itself					2.8		13	ZeroCERT

2	2025-04-28 10:48	pik.ps1 61d5db12ed0611000c59d5fd7fe884c2 Generic Malware Antivirus Malware download VirusTotal Malware powershell Malicious Traffic Check memory buffers extracted unpack itself Check virtual network interfaces WriteConsoleW Windows ComputerName DNS Cryptographic key Downloader	1 Keyword trend analysis	1	5 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	1	5.6	M	21	ZeroCERT

3	2025-04-28 10:48	123.hta b91518fd7d17897900029527a74c3e0d Generic Malware Antivirus AntiDebug AntiVM Malware powershell suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut RWX flags setting unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process Tofsee Windows ComputerName Cryptographic key	1 Keyword trend analysis	2	1		9.6			ZeroCERT

4	2025-04-28 10:44	verify-sec 7b5660eccce9ebca4c58bd1181c636c7 Generic Malware Malicious Library UPX PE File PE64 OS Processor Check VirusTotal Malware Check memory					1.6	M	46	ZeroCERT

5	2025-04-28 10:38	nums.vbs fe71e84d826e568fb59858c87d53d966 Generic Malware Antivirus PowerShell Malware download VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted heapspray Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key Downloader	1 Keyword trend analysis	1	6 Info ET INFO PS1 Powershell File Request ET INFO Executable Download from dotted-quad Host ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		10.0	M	8	ZeroCERT

6	2025-04-28 10:27	op.exe 1dce3688462e3f544ecde911071a04cf .NET framework(MSIL) Malicious Packer Antivirus Malicious Library UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself					2.4	M	57	ZeroCERT

7	2025-04-28 10:25	cred.dll c0333847dd277e47f3a803790032e69d Generic Malware Malicious Library UPX Antivirus PE File DLL PE32 OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process sandbox evasion installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software		1			9.2	M	56	ZeroCERT

8	2025-04-28 10:22	fgg.exe 5e064fc01e895ce732c9ce357ef96910 Generic Malware Malicious Library UPX PE File PE64 OS Processor Check VirusTotal Malware					1.2	M	49	ZeroCERT

9	2025-04-28 10:20	random.exe 79cc14b6c431d56af69f1aa815a8e5b7 Themida UPX PE File PE32 VirusTotal Malware Checks debugger unpack itself Checks Bios Detects VMWare VMware anti-virtualization Windows crashed					5.4	M	45	ZeroCERT

10	2025-04-28 10:20	clip64.dll 2a2a154e8cfb9c8393b610632f49c5cb Amadey Generic Malware Malicious Library UPX PE File DLL PE32 OS Processor Check VirusTotal Malware Malicious Traffic Checks debugger unpack itself DNS	1 Keyword trend analysis	1			3.6	M	54	ZeroCERT

11	2025-04-28 10:18	namen.ps1 e4ea2ac8d2a17b90650633ce30c5d7cd Generic Malware Antivirus URL Format VirusTotal Malware VBScript powershell AutoRuns Malicious Traffic Check memory buffers extracted Creates executable files unpack itself Check virtual network interfaces WriteConsoleW Windows ComputerName DNS Cryptographic key		1	6 Info ET INFO Executable Download from dotted-quad Host ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET INFO Dotted Quad Host VBS Request ET HUNTING PowerShell DownloadString Command Common In Powershell Stagers		6.4	M	19	ZeroCERT

12	2025-04-28 10:18	clip64.dll e5c8cfb872996ad51af92a5c30246025 Amadey Generic Malware Malicious Library UPX PE File DLL PE32 OS Processor Check VirusTotal Malware Checks debugger unpack itself DNS		1			3.4	M	51	ZeroCERT

13	2025-04-28 10:16	cred64.dll d07cf2437774da1a750a65f28b4ab5a1 Generic Malware Malicious Library UPX Antivirus PE File PE64 DLL OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency powershell PDB suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process installed browsers check Windows Browser ComputerName DNS Cryptographic key Software	1 Keyword trend analysis	1			9.4		52	ZeroCERT

14	2025-04-28 10:16	cred.dll 69aba41ff3745b625a9e73b0f167b0e2 Generic Malware Malicious Library UPX Antivirus PE File DLL PE32 OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process sandbox evasion installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software	1 Keyword trend analysis	2			9.4		50	ZeroCERT

15	2025-04-28 10:14	random.exe bfd4ad6d57c086d2e64ccd39398a908e Gen1 Themida Generic Malware PhysicalDrive Downloader UPX Malicious Packer Malicious Library Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P VirusTotal Malware suspicious privilege Code Injection Check memory WMI Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName crashed					7.8	M	33	ZeroCERT