Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
76	2024-06-20 17:33	lumma1906.exe 555259d9ac1f9da27667485bfc3ab9af Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself crashed				2.2		43	ZeroCERT

77	2024-06-20 09:28	UHH.txt.exe 72ffddcd4adf890a663396aaf31affc4 AgentTesla Malicious Library Malicious Packer UPX PE File OS Memory Check .NET EXE PE32 OS Name Check OS Processor Check Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Software crashed keylogger	2 Keyword trend analysis	4	4	7.0			ZeroCERT

78	2024-06-20 09:26	Photo.scr e16c628c4b2be310f75780fdeef94a75 PE File PE32 VirusTotal Malware				0.6		3	ZeroCERT

79	2024-06-19 21:44	Printsvc.exe f5ccac795e79c40d64e7e5a73c741785 UPX PE File PE64 OS Processor Check VirusTotal Malware unpack itself				1.0		13	guest

80	2024-06-19 19:03	svrhost.exe f5ccac795e79c40d64e7e5a73c741785 UPX PE File PE64 OS Processor Check VirusTotal Malware unpack itself				1.0		13	guest

81	2024-06-19 18:52	Printsvc.exe f5ccac795e79c40d64e7e5a73c741785 UPX PE File PE64 OS Processor Check VirusTotal Malware unpack itself				1.0		13	guest

82	2024-06-19 18:32	svrhost.exe f5ccac795e79c40d64e7e5a73c741785 UPX PE File PE64 OS Processor Check VirusTotal Malware unpack itself				1.0		13	guest

83	2024-06-19 18:17	Printsvc.exe f5ccac795e79c40d64e7e5a73c741785 UPX PE File PE64 OS Processor Check VirusTotal Malware unpack itself				1.0		13	guest

84	2024-06-19 17:17	legs.exe bbd06263062b2c536b5caacdd5f81b76 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself DNS crashed		1	1	2.8		50	ZeroCERT

85	2024-06-19 17:15	voda.exe 61454bbf62a50d22bc3d52b44de73edd Malicious Packer UPX PE File PE32 Malware download VirusTotal Malware AutoRuns MachineGuid unpack itself Windows utilities suspicious process WriteConsoleW IP Check Tofsee Windows RisePro ComputerName DNS crashed	1 Keyword trend analysis	5	7 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 23 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io) ET MALWARE RisePro TCP Heartbeat Packet ET MALWARE [ANY.RUN] RisePro TCP (Token) ET MALWARE [ANY.RUN] RisePro TCP (Activity) ET MALWARE [ANY.RUN] RisePro TCP (External IP)	7.8		45	ZeroCERT

86	2024-06-19 14:20	lucas.exe 6ac7718e6b8ac2b54f6ad121b1589d99 Malicious Packer Malicious Library UPX PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself				1.8		36	ZeroCERT

87	2024-06-19 13:37	AntiVirus.exe 6945668834c3c7223d4d98e0e89428ec Generic Malware Downloader Malicious Packer Malicious Library .NET framework(MSIL) UPX Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P Ant Browser Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency powershell AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut ICMP traffic unpack itself Windows utilities powershell.exe wrote suspicious process Ransomware Windows Browser ComputerName Cryptographic key				9.8	M	46	ZeroCERT

88	2024-06-19 10:03	csrss.exe 08475c0ab2386f3353d1c2f254a839c3 Client SW User Data Stealer Backdoor RemcosRAT browser info stealer Google Chrome User Data Downloader Malicious Packer Malicious Library Antivirus UPX Create Service Socket ScreenShot Escalate priviledges PWS Sniff Audio DNS Internet API KeyLogger AntiDe Remcos VirusTotal Malware Code Injection Malicious Traffic Check memory buffers extracted Remote Code Execution	1 Keyword trend analysis	4	1	6.0	M	40	ZeroCERT

89	2024-06-19 10:02	Rihypax_LetThereBeNightingale_... 02e07416de23472dfcc5a97ea6c94fab Generic Malware Downloader Malicious Packer Malicious Library .NET framework(MSIL) UPX Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P Ant Browser Info Stealer VirusTotal Malware powershell AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut ICMP traffic unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process Windows Browser ComputerName DNS Cryptographic key		1		9.6	M	49	ZeroCERT

90	2024-06-19 10:01	AntiVirus4.exe 0073055ad7552b19ea9a239023318374 Malicious Packer Malicious Library Antivirus .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself DNS		1		2.6	M	54	ZeroCERT