popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
1 2024-11-05 04:18 VST32License.exe  

340dc61a684cc553c6e487da9d1692d4


Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB unpack itself 		1.8 11 guest

2 2024-11-05 03:57 VST32License.exe  

340dc61a684cc553c6e487da9d1692d4


Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB unpack itself 		1.8 11 guest

3 2024-11-03 13:44 DocTromTinNhan.exe  

25dd80dc8b9c5e1afc5afb8c47253681


Gen1 Generic Malware Downloader Malicious Library ASPack UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P Anti_VM AntiDebug AntiVM PE Check memory Checks debugger Creates executable files unpack itself 		2.0 32 guest

4 2024-11-01 18:14 MPDW-constraints.vbs  

d27816d0f221aaf7a0362700a3e0a5b4

VirusTotal Malware DNS 		1 1 0.4 3 ZeroCERT

5 2024-11-01 18:12 87f3f2.exe  

57ad05a16763721af8dae3e699d93055


Generic Malware Malicious Library Malicious Packer UPX PE File .NET EXE PE32 DLL OS Processor Check VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself AppData folder crashed 		3.4 45 ZeroCERT

6 2024-11-01 18:10 Client-built.exe  

cef03024e5b35b5197c1337596109958


Malicious Library Malicious Packer .NET framework(MSIL) UPX PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself 		2.0 62 ZeroCERT

7 2024-11-01 18:10 norm.exe  

7cfe878555b8cc04fc52385219b423d7


Themida PE File PE32 VirusTotal Malware AutoRuns unpack itself Checks Bios Detects VirtualBox Detects VMWare AppData folder VMware anti-virtualization Windows Remote Code Execution Firmware DNS crashed 		1 9.6 20 ZeroCERT

8 2024-11-01 18:08 chrome_131.exe  

d9a5e741b1f67593422bfb1a165288bb


Themida Generic Malware PE File PE64 VirusTotal Malware unpack itself Windows crashed 		2.8 32 ZeroCERT

9 2024-11-01 18:08 kjrhjijawdkrjhh.exe  

c98fd7becd6564b80e06e88c1d47fa77


Generic Malware Antivirus PE File .NET EXE PE32 VirusTotal Malware powershell PDB suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName Cryptographic key 		1 6.0 21 ZeroCERT

10 2024-11-01 09:55 Calibre_Installer.exe  

3722d2ad2f7e099039229456b7472711


Suspicious_Script Generic Malware Malicious Library Admin Tool (Sysinternals etc ...) Malicious Packer UPX PE File PE64 VirusTotal Malware 		1.6 45 ZeroCERT

11 2024-11-01 09:53 XC.exe  

1b76c0d5d1d6a5197d055223b134dcca


Antivirus UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware AutoRuns suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut Creates executable files unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName 		5.2 54 ZeroCERT

12 2024-11-01 09:51 a.hta  

9d17c4b02df4c09f0912771f0768ff44

VirusTotal Malware Check memory RWX flags setting unpack itself Interception 		2 2.0 7 ZeroCERT

13 2024-11-01 09:38 cummmconstraints.vbs  

5be1b5d2d9d40c68c02e9b54c65908b6

VirusTotal Malware DNS crashed 		1 1 0.6 3 ZeroCERT

14 2024-11-01 09:37 cred64.dll  

4ee14c120abf1d75584ce94b307acfb3


Generic Malware Malicious Library UPX Antivirus PE File DLL PE64 OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency PDB suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process sandbox evasion installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software 		1 9.6 55 ZeroCERT

15 2024-11-01 09:34 cred64.dll  

e0fa46dcdfa93a3769a567a1498742d7


Generic Malware Malicious Library UPX Antivirus PE File DLL PE64 OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency powershell PDB suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process sandbox evasion installed browsers check Windows Browser ComputerName DNS Cryptographic key Software 		1 9.6 48 ZeroCERT

keyword