Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
10186	2021-05-20 09:42	cniuz61gAcm2VtT.exe f67d76897ad903441551d14d51df22df PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows Cryptographic key				2.2		22	ZeroCERT

10187	2021-05-20 09:40	rets.exe c344e0908b85d5fda0f5c51e815d977e PE64 PE File OS Processor Check VirusTotal Malware unpack itself ComputerName				1.8		6	ZeroCERT

10188	2021-05-20 09:38	8R9GcHQ9fBwo0Wz.exe db698aae915f80b58a86503167e59976 AgentTesla PWS .NET framework browser info stealer Malicious Library Google Chrome User Data DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Code injection Http API Internet API Steal credential ScreenShot Downloader P2P VirusTotal Malware Buffer PE AutoRuns Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities WriteConsoleW Windows DNS Cryptographic key				10.2	M	31	ZeroCERT

10189	2021-05-20 09:38	5.exe 9e0637d40ac3dfd9fed6e63763394d96 Gen1 Gen2 PE File OS Processor Check PE32 DLL JPEG Format VirusTotal Email Client Info Stealer Malware MachineGuid Malicious Traffic Check memory buffers extracted Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AppData folder AntiVM_Disk VM Disk Size Check installed browsers check Tofsee Ransomware Windows Browser Email ComputerName DNS	4 Keyword trend analysis	3	4	9.2		46	ZeroCERT

10190	2021-05-20 09:38	orgload.exe 5215dde464e1fbadbe4e7a59927a73b4 Malicious Library AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities AppData folder Windows				10.4		14	ZeroCERT

10191	2021-05-20 09:36	kn.exe 6c92e49ac1316c25830ae5d1ece9789c DNS AntiDebug AntiVM .NET EXE PE File PE32 Buffer PE suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows ComputerName DNS DDNS		2		13.0	M		ZeroCERT

10192	2021-05-20 09:33	FD1.exe 36f95f7e28e486ef9f48990e23a71ab0 Gen2 PE64 PE File OS Processor Check VirusTotal Malware PDB RWX flags setting unpack itself DNS crashed				2.8		5	ZeroCERT

10193	2021-05-20 09:28	n8wwj8ZL6Q34VkW.exe c2eed737336b1194cd3297da7dee1128 PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key				3.0	M	32	ZeroCERT

10194	2021-05-19 13:54	GP_F.exe 024e33b8a7f7c5a5791d00422ed4a21a PE File PE32 VirusTotal Malware unpack itself Checks Bios Detects VirtualBox Detects VMWare VMware anti-virtualization Windows Firmware DNS crashed		1		6.8	M	32	ZeroCERT

10195	2021-05-19 13:45	1.exe 296546fc0093734f42dfa96729643b86 Anti_VM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Checks Bios Collect installed applications Detects VMWare Check virtual network interfaces VMware anti-virtualization installed browsers check Tofsee Windows Browser ComputerName Firmware DNS Cryptographic key Software crashed	2 Keyword trend analysis	3	2	10.0	M	28	ZeroCERT

10196	2021-05-19 13:31	paypal.exe c436b9b71dd9f9bd7872f288fd632fb8 AsyncRAT backdoor .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself ComputerName crashed				3.2	M	37	ZeroCERT

10197	2021-05-19 13:30	FT_F.exe b423749c0dbdc698c0af44114a76a36d Gen1 Gen2 Anti_VM PE File PE32 DLL OS Processor Check Browser Info Stealer Malware download FTP Client Info Stealer Azorult VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency MachineGuid Malicious Traffic Check memory Creates executable files unpack itself Checks Bios Collect installed applications Detects VirtualBox Detects VMWare AppData folder sandbox evasion VMware anti-virtualization installed browsers check Ransomware Windows Browser Email ComputerName Firmware DNS DDNS Software crashed	1 Keyword trend analysis	2	2	14.4	M	30	ZeroCERT

10198	2021-05-19 13:26	wpp.exe 055c79de6e3f255beade0b35a0a2cd17 PE64 PE File OS Processor Check VirusTotal Malware PDB RWX flags setting unpack itself crashed				2.0		9	ZeroCERT

10199	2021-05-18 17:37	Optimize.facebook.ads.exe a5292f2ae50ae5ca63dd1ae659548c28 Generic Malware PE File OS Processor Check PE32 VirusTotal Malware unpack itself crashed				2.2	M	35	r0d

10200	2021-05-18 16:20	27364cdfec04f571117b8425e85134... a1acc4e7065d4eb28cdf9e85973cba16 Generic Malware PE File OS Processor Check PE32 PE64 DLL GIF Format VirusTotal Malware MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic unpack itself AppData folder AntiVM_Disk sandbox evasion IP Check VM Disk Size Check	3 Keyword trend analysis	8	1	8.4	M	37	r0d