Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
10111	2021-05-12 09:19	da.exe 9fdf605ce0358540d48502367e637b0a PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key					2.8		26	ZeroCERT

10112	2021-05-12 09:19	RNtjhYOuSq68AdF.exe 97b253f75db04460e18db48d1fbe0185 AsyncRAT backdoor PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself Check virtual network interfaces Windows Cryptographic key					3.2		22	ZeroCERT

10113	2021-05-11 10:59	ok.exe 36b4b412a9eec8b3081ede463ec80d05 AsyncRAT backdoor .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself					1.8	M	36	ZeroCERT

10114	2021-05-07 12:25	akon.exe 0690de55a2a4081dd2ebc1f658bba4da PWS .NET framework Malicious Library AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs Tofsee Windows DNS Cryptographic key	2 Keyword trend analysis	2	4		10.0	M	32	ZeroCERT

10115	2021-05-07 12:23	ktrl.exe 6c77a3dc9459bf6356d08dc9d29498a6 Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote suspicious process AppData folder WriteConsoleW Windows Browser Email ComputerName DNS Cryptographic key Software crashed keylogger					16.2	M	20	ZeroCERT

10116	2021-05-07 12:20	obi.exe 2a2ea12a3be49a9237c9fcd2094f5ea9 Malicious Packer .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself DNS					5.6	M	27	ZeroCERT

10117	2021-05-07 11:45	ster.exe 5cef87c65c9a2545eb8c9151a5fa1e1d PE64 OS Processor Check PE File VirusTotal Malware ComputerName					1.6	M	13	ZeroCERT

10118	2021-05-07 11:43	o2.exe 5f1de1b48258ba6f813ceda56967aa7c Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote suspicious process WriteConsoleW Windows Browser Email ComputerName Cryptographic key Software crashed keylogger					15.8	M	20	ZeroCERT

10119	2021-05-07 11:39	shakix.exe 52289e533348a695d881c6df2d895f5e AsyncRAT backdoor PWS .NET framework Malicious Packer AntiDebug AntiVM .NET EXE PE File PE32 FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself DNS	3 Keyword trend analysis Info http://www.songlautramtuoii.online/ot8m/?jL04lx=hlO6KFEr2r7qnFraUvvFUKAyhetrIIx2KuYJyx3bWB4eldvIKfxiKjTklgJdTBMxBekRJB0Q&J2JDYB=9rq8dVhp1hk http://www.tutormenu.com/ot8m/?jL04lx=g8cv0xR7y4pLfuFFpYeFZV+iqXO0L9iKvg1J1UlmtFW0Ap3F99BbST2Gi4J9oY96SsViaqCU&J2JDYB=9rq8dVhp1hk http://www.conciergedoctx.com/ot8m/?jL04lx=Rmy3N+wlsRdc90DKYlbpEySH7ThpQk5pvEca9UocKjs4Ay+6v+slbSS77FUJSyocKPIUdUnf&J2JDYB=9rq8dVhp1hk	6	1		9.6		21	ZeroCERT

10120	2021-05-07 11:38	gjfUcq8ScvVw2L9.exe 2f3b713208e4529613738cb2a4aee54f PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key					7.2		26	ZeroCERT

10121	2021-05-07 11:36	terd.exe 4cca9a1ec4b92df89a8bc992a6ba961f PE64 PE File VirusTotal Malware unpack itself ComputerName DNS					3.0		16	ZeroCERT

10122	2021-05-07 11:34	pCt29lTpXMToITU.exe 75a979bb75fc8fc7d37925ae786ea658 PWS .NET framework Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key crashed					11.8		29	ZeroCERT

10123	2021-05-06 18:08	kizito.exe 0282fb6d3422cdebf88ba2d9ce0831af PWS .NET framework Malicious Library AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows DNS Cryptographic key					8.8		39	ZeroCERT

10124	2021-05-06 14:16	so.exe 5551346aa9f251895021b95a2a7cc390 AsyncRAT backdoor PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows Cryptographic key					3.6	M	42	ZeroCERT

10125	2021-05-06 11:34	waads.exe 72e4f355907b6c91e6f8508d102bd896 Malicious Library PE File PE32 VirusTotal Malware RWX flags setting unpack itself ComputerName DNS	2 Keyword trend analysis	1		2	3.8	M	53	r0d