Submissions

Columns: No, Date, Request, Urls, Hosts, IDS, Rule, Score, Zero, VT, Player, Etc (the remaining per-row counts are given below in that column order, as the listing shows them)

151  2023-06-19 07:44  fotod85.exe
  Hash: 1b434201661bf03643dee979e896d283
  Tags: Gen1 Emotet UPX Malicious Library Malicious Packer Admin Tool (Sysinternals etc ...) CAB PE32 PE File OS Processor Check DLL Browser Info Stealer RedLine Malware download Amadey FTP Client Info Stealer VirusTotal Malware AutoRuns PDB suspicious privilege Malicious Traffic Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities Disables Windows Security Collect installed applications suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Stealer Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player: 3 2 10 3 16.8 M 44 ZeroCERT

152  2023-06-19 07:45  foto166.exe
  Hash: 5588669e4aad613744e9d61d340fd20d
  Tags: Gen1 Emotet UPX Malicious Library Malicious Packer Admin Tool (Sysinternals etc ...) CAB PE32 PE File OS Processor Check DLL Browser Info Stealer RedLine Malware download Amadey FTP Client Info Stealer Malware AutoRuns PDB suspicious privilege Malicious Traffic Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities Disables Windows Security Collect installed applications suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Stealer Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player: 3 2 10 3 16.0 M ZeroCERT

153  2023-06-19 07:47  fotod85.exe
  Hash: 2769dce2f501a2a1e34bf2804532fcd5
  Tags: Gen1 Emotet UPX Malicious Library Malicious Packer Admin Tool (Sysinternals etc ...) CAB PE32 PE File OS Processor Check DLL Browser Info Stealer RedLine Malware download Amadey FTP Client Info Stealer VirusTotal Malware AutoRuns PDB suspicious privilege Malicious Traffic Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities Disables Windows Security Collect installed applications suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Stealer Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player: 3 2 10 3 16.8 M 43 ZeroCERT

154  2023-06-19 09:43  fiki0614242.exe
  Hash: d0fe5e997fb01417b2fe62989f94f6d6
  Tags: Gen1 Emotet Gen2 Generic Malware UPX Malicious Library Malicious Packer CAB PE32 PE File OS Processor Check VirusTotal Malware AutoRuns PDB suspicious privilege Check memory Checks debugger WMI Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities Check virtual network interfaces suspicious process AntiVM_Disk sandbox evasion WriteConsoleW anti-virtualization VM Disk Size Check installed browsers check Windows Browser ComputerName Remote Code Execution crashed
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player: 5 10.8 M 6 ZeroCERT

155  2023-06-20 17:33  ageelectronicie32.exe
  Hash: 482df2c11dc09fe2bdafae64e2edec32
  Tags: Gen1 Emotet UPX Malicious Library CAB PE File PE32 VirusTotal Malware AutoRuns PDB MachineGuid Check memory Checks debugger Creates executable files unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName Remote Code Execution
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player: 4.4 34 ZeroCERT

156  2023-06-20 17:35  bluesubstantialie64.exe
  Hash: 2bd2470d90bd8de8e260ff88a3fb181b
  Tags: Gen1 Emotet UPX Malicious Library CAB PE64 PE File .NET EXE PE32 VirusTotal Malware AutoRuns PDB MachineGuid Check memory Checks debugger Creates executable files unpack itself AppData folder Windows ComputerName Remote Code Execution
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player: 4.6 18 ZeroCERT

157  2023-07-07 07:40  glassadequatepro.exe
  Hash: fa6ec356a90ef16403ad579d87b05ee5
  Tags: Gen1 Emotet UPX Malicious Library .NET framework(MSIL) CAB PE64 PE File OS Processor Check .NET EXE PE32 AutoRuns PDB Check memory Checks debugger Creates executable files unpack itself Check virtual network interfaces AppData folder Windows Remote Code Execution DNS
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player: 2 6.2 ZeroCERT

158  2023-07-11 07:45  photo540.exe
  Hash: 0b18dc187ed40a7a6310a6c4ba98ec91
  Tags: Gen1 Emotet SmokeLoader UPX Malicious Library Admin Tool (Sysinternals etc ...) Malicious Packer CAB PE File PE32 OS Processor Check DLL Browser Info Stealer RedLine Malware download Amadey FTP Client Info Stealer Malware AutoRuns PDB suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger WMI Creates executable files RWX flags setting unpack itself Windows utilities Disables Windows Security Collect installed applications suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Stealer Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed Downloader
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player: 5 3 13 17.4 M ZeroCERT

159  2023-07-18 07:21  fotod25.exe
  Hash: 74b51238ceac125ca090efeb2b3bce46
  Tags: Gen1 Emotet UPX Malicious Library Admin Tool (Sysinternals etc ...) Malicious Packer CAB PE File PE32 OS Processor Check DLL Browser Info Stealer RedLine Malware download Amadey FTP Client Info Stealer VirusTotal Malware AutoRuns PDB suspicious privilege Malicious Traffic Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities Disables Windows Security Collect installed applications suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Stealer Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player: 6 2 10 3 16.6 44 ZeroCERT

160  2023-07-18 07:24  foto135.exe
  Hash: 327b57745b8c136ea8d4e4e1519f508d
  Tags: Gen1 Emotet RedLine Infostealer RedLine stealer UPX Malicious Library .NET framework(MSIL) Confuser .NET Admin Tool (Sysinternals etc ...) Malicious Packer CAB PE File PE32 OS Processor Check .NET EXE DLL Browser Info Stealer RedLine Malware download Amadey FTP Client Info Stealer VirusTotal Malware AutoRuns PDB suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger WMI Creates executable files RWX flags setting unpack itself Windows utilities Disables Windows Security Collect installed applications suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Kelihos Stealer Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed Downloader
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player: 9 3 14 3 17.8 42 ZeroCERT

161  2023-07-19 07:21  theoryabilitypro.exe
  Hash: 5b4e9c25ebf1d7e5a91e85be8c2e4594
  Tags: Gen1 Emotet UPX Malicious Library CAB PE64 PE File .NET EXE PE32 OS Processor Check AutoRuns PDB Check memory Checks debugger Creates executable files unpack itself Check virtual network interfaces AppData folder Tofsee Windows Remote Code Execution Cryptographic key
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player: 2 2 4.8 M ZeroCERT

162  2023-07-19 07:34  photo113.exe
  Hash: 7308bb341cd27493d2939ecbbc6c7436
  Tags: Gen1 Emotet UPX Malicious Library Admin Tool (Sysinternals etc ...) Malicious Packer CAB PE File PE32 OS Processor Check DLL Browser Info Stealer RedLine Malware download Amadey FTP Client Info Stealer Malware AutoRuns PDB suspicious privilege Malicious Traffic Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities Disables Windows Security Collect installed applications suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Stealer Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player: 6 3 11 3 17.0 ZeroCERT

163  2023-07-19 07:37  lega.exe
  Hash: 19771209e384f1f8e7ca013b72e0d1fe
  Tags: Gen1 Emotet UPX Malicious Library Malicious Packer Admin Tool (Sysinternals etc ...) CAB PE File PE32 OS Processor Check DLL Browser Info Stealer RedLine Malware download Amadey FTP Client Info Stealer Malware AutoRuns PDB suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities Disables Windows Security Collect installed applications suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Stealer Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player: 3 2 9 15.8 ZeroCERT

164  2023-07-24 07:42  photo170.exe
  Hash: 65c0aab9f3cc5187b6d90b66fc734abc
  Tags: Gen1 Emotet RedLine Infostealer RedLine stealer UPX Malicious Library Admin Tool (Sysinternals etc ...) Malicious Packer .NET framework(MSIL) Confuser .NET CAB PE File PE32 OS Processor Check DLL PE64 .NET EXE Browser Info Stealer RedLine Malware download Amadey FTP Client Info Stealer Malware AutoRuns PDB suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities Disables Windows Security Collect installed applications Check virtual network interfaces suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Kelihos Tofsee Stealer Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed Downloader
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player: 6 6 18 6 18.4 M ZeroCERT

165  2023-07-25 07:37  lega.exe
  Hash: 0cca805bb1bb946b8683dd3cfdaed406
  Tags: Gen1 Emotet UPX Malicious Library Malicious Packer Admin Tool (Sysinternals etc ...) CAB PE File PE32 OS Processor Check DLL Browser Info Stealer RedLine Malware download Amadey FTP Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency AutoRuns PDB suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities Disables Windows Security Collect installed applications suspicious process AppData folder AntiVM_Disk sandbox evasion WriteConsoleW VM Disk Size Check installed browsers check Tofsee Ransomware Lumma Stealer Windows Update Browser ComputerName Remote Code Execution Firmware DNS Cryptographic key Software crashed
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player: 10 6 16 18.6 ZeroCERT