Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
61	2024-06-26 07:32	rise2406.exe c6c9f27d335d4e47b5ea12653e806be6 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself WriteConsoleW crashed				2.6		56	ZeroCERT

62	2024-06-25 07:57	Main.exe 9ec7f08c85bfa1b267761f225b68ab0b Malicious Library Antivirus UPX PE File PE32 OS Processor Check VirusTotal Malware Telegram MachineGuid Malicious Traffic WMI Tofsee ComputerName DNS crashed	2 Keyword trend analysis	5	3	6.2	M	61	ZeroCERT

63	2024-06-25 07:55	288c47bbc1871b439df19ff4df68f0... ba354d029f0e09cb6b02a4c196524da4 Generic Malware Malicious Library UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself AppData folder				3.6		57	ZeroCERT

64	2024-06-25 07:53	chromedriver.exe 7e9e5a3bb475784e3fd62cd8ec68901b Malicious Library .NET framework(MSIL) PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself ComputerName				2.6	M	53	ZeroCERT

65	2024-06-25 07:52	cap.exe 22e35bea6a2653c8393db13a83b0cf97 Malicious Library PE File PE64 VirusTotal Malware Buffer PE PDB MachineGuid Check memory Checks debugger buffers extracted unpack itself crashed				3.6	M	58	ZeroCERT

66	2024-06-25 07:52	num.exe 919db35f2bf4dad6dd23e16b68dbb205 Gen1 Generic Malware Malicious Library UPX Malicious Packer Anti_VM PE File PE32 DLL OS Processor Check Browser Info Stealer Malware download FTP Client Info Stealer Vidar VirusTotal Email Client Info Stealer Malware c&c Malicious Traffic Check memory Creates executable files unpack itself Checks Bios Collect installed applications Detects VMWare sandbox evasion VMware anti-virtualization installed browsers check Stealc Stealer Windows Browser Email ComputerName Firmware DNS Software crashed plugin	8 Keyword trend analysis Info http://85.28.47.4/69934896f997d5bb/freebl3.dll http://85.28.47.4/69934896f997d5bb/nss3.dll http://85.28.47.4/69934896f997d5bb/vcruntime140.dll http://85.28.47.4/69934896f997d5bb/mozglue.dll http://85.28.47.4/69934896f997d5bb/softokn3.dll http://85.28.47.4/920475a59bac849d.php http://85.28.47.4/69934896f997d5bb/msvcp140.dll http://85.28.47.4/69934896f997d5bb/sqlite3.dll	1	15 Info ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in ET MALWARE Win32/Stealc Requesting browsers Config from C2 ET MALWARE Win32/Stealc Active C2 Responding with browsers Config M1 ET INFO Dotted Quad Host DLL Request ET HUNTING HTTP GET Request for freebl3.dll - Possible Infostealer Activity ET MALWARE Win32/Stealc Requesting plugins Config from C2 ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1 ET MALWARE Win32/Stealc Submitting System Information to C2 ET HUNTING HTTP GET Request for sqlite3.dll - Possible Infostealer Activity ET HUNTING HTTP GET Request for mozglue.dll - Possible Infostealer Activity ET HUNTING HTTP GET Request for nss3.dll - Possible Infostealer Activity ET HUNTING HTTP GET Request for softokn3.dll - Possible Infostealer Activity ET HUNTING HTTP GET Request for vcruntime140.dll - Possible Infostealer Activity	11.0	M	40	ZeroCERT

67	2024-06-25 07:48	288c47bbc1871b439df19ff4df68f0... 4645adc87acf83b55edff3c5ce2fc28e Generic Malware Malicious Library UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself AppData folder				3.6		58	ZeroCERT

68	2024-06-24 07:48	epitheliogeneticTFr.exe 7ca21eefff568606fed91321aaa31ba2 Generic Malware Malicious Library ASPack UPX PE File PE32 OS Processor Check VirusTotal Malware Cryptocurrency wallets Cryptocurrency Check memory unpack itself ComputerName DNS		1		3.8		63	ZeroCERT

69	2024-06-24 07:35	uYtF.exe 4691a9fe21f8589b793ea16f0d1749f1 PE File PE64 VirusTotal Cryptocurrency Miner Malware Cryptocurrency DNS CoinMiner		2	2	1.4		55	ZeroCERT

70	2024-06-24 07:33	0x3fg.exe c4aeaafc0507785736e000ff7e823f5e Generic Malware Malicious Library Malicious Packer UPX PE File PE32 OS Processor Check PE64 Malware download Amadey VirusTotal Cryptocurrency Miner Malware Cryptocurrency AutoRuns Malicious Traffic Creates executable files unpack itself AppData folder suspicious TLD human activity check Windows DNS CoinMiner	2 Keyword trend analysis	4	10 Info ET DNS Query to a .top domain - Likely Hostile ET INFO HTTP Request to a .top domain ET INFO Executable Download from dotted-quad Host ET INFO Packed Executable Download ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 ET COINMINER CoinMiner Domain in DNS Lookup (pool .hashvault .pro) ET POLICY Cryptocurrency Miner Checkin	6.8		60	ZeroCERT

71	2024-06-24 07:28	a.exe 3c7cb3033983cabd6e2fbcded29ab704 Malicious Library UPX PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself				3.2		51	ZeroCERT

72	2024-06-21 16:42	AdBlock-1.7.5-install.exe 85a156ed1856c0eda8d7d6b60ef9ab31 Generic Malware Malicious Library UPX PE File PE64 OS Processor Check VirusTotal Malware Check memory crashed				2.2		52	ZeroCERT

73	2024-06-20 17:36	vidar1906.exe b2f5d04fc1d63f47ec7cdc2b326b7e83 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself crashed				2.2		50	ZeroCERT

74	2024-06-20 17:36	lumma1906_2.exe f7a5c03e582fc4a5034da5fa422a0f6c Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself crashed				2.2		49	ZeroCERT

75	2024-06-20 17:33	rise1906.exe 9f7d8785aa5e359848ebe4d771f3de8d Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself crashed				2.2		47	ZeroCERT