Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
106	2022-09-03 12:57	making-it-in-the-mar_9x1mHp3G.... f5329603a841619f5d79094b24c76bd1 Emotet Gen1 UPX Confuser .NET Malicious Library ASPack PE32 PE File PE64 OS Processor Check DLL VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName crashed				4.6		4	guest

107	2022-08-29 18:17	174.exe dd63cc34192462ccbcdf6182c54756fc Emotet UPX Malicious Library PE32 PE File VirusTotal Malware Malicious Traffic Tofsee ComputerName DNS	1 Keyword trend analysis	3	1	2.8	M	23	ZeroCERT

108	2022-05-23 07:43	yyy.exe 9f031a71a8f4dedaff85f360942cd0b7 RAT Formbook UPX Malicious Library ASPack AntiDebug AntiVM PE32 .NET EXE PE File OS Processor Check FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic unpack itself Windows utilities WriteConsoleW Windows DNS	2 Keyword trend analysis	6	4	5.2	M	36	ZeroCERT

109	2022-03-10 15:24	1058_1646243983_1339.exe 0fc132aa72e2b85b0cecc8037c224f81 task schedule Admin Tool (Sysinternals etc ...) UPX Create Service DGA Socket Http API DNS Internet API Code injection Sniff Audio HTTP KeyLogger FTP Escalate priviledges P2P Steal credential Downloader ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName Cryptographic key				12.8	M	46	ZeroCERT

110	2022-03-10 10:04	8881_1645494665_4277.exe 602205aba3faa10df5a2fffca43cfc7f RAT PE File .NET EXE PE32 VirusTotal Malware MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee	1 Keyword trend analysis	2	1	3.8	M	42	ZeroCERT

111	2022-01-19 11:35	DriversFix_Setup.exe e345d89e01136e84982a83abc00fb362 Emotet Gen1 Generic Malware Malicious Library UPX PE File PE32 .NET DLL DLL .NET EXE OS Processor Check PE64 GIF Format VirusTotal Malware AutoRuns suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check human activity check Windows ComputerName				6.4	M	36	ZeroCERT

112	2021-12-22 11:11	cyz1qjhkwya.exe 24d7b3e065cb0570a44a101641acd8b4 RedLine stealer[m] Emotet VMProtect Malicious Library AntiDebug AntiVM PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed		1		11.2	M	24	ZeroCERT

113	2021-11-04 15:18	setup.exe bab66a1efbd3c6e65c5a6e01deea8367 Emotet Gen2 Formbook RAT PWS .NET framework Gen1 Eredel Stealer Extended njRAT backdoor Loki[b] Loki.m Generic Malware Malicious Library UPX Malicious Packer ASPack Admin Tool (Sysinternals etc ...) PE File PE32 DLL OS Processor Check MSOffice File PE Malware download VirusTotal Malware Buffer PE suspicious privilege Check memory Checks debugger buffers extracted Creates executable files unpack itself Check virtual network interfaces AppData folder AntiVM_Disk sandbox evasion VM Disk Size Check Tofsee Windows ComputerName DNS Cryptographic key crashed	18 Keyword trend analysis Info http://crl.microsoft.com/pki/crl/products/MicTimStaPCA_2010-07-01.crl http://crl.microsoft.com/pki/crl/products/MicCodSigPCA_08-31-2010.crl http://go.microsoft.com/fwlink/?prd=11324&pver=netfx&sbp=Net472Rel1&plcid=0x409&clcid=0x409&ar=03062.00&sar=amd64&o1=netfx_Full_x64.msi http://go.microsoft.com/fwlink/?prd=11324&pver=netfx&sbp=Net472Rel1&plcid=0x409&clcid=0x409&ar=03062.00&sar=amd64&o1=netfx_Full.mzz http://go.microsoft.com/fwlink/?LinkId=862008 http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl http://crl.microsoft.com/pki/crl/products/MicrosoftTimeStampPCA.crl http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl http://go.microsoft.com/fwlink/?LinkId=249120&clcid=0x409 http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl http://indug.com/68.exe http://crl.microsoft.com/pki/crl/products/MicRooCerAut_2010-06-23.crl http://go.microsoft.com/fwlink/?prd=11324&pver=netfx&sbp=Net472Rel1&plcid=0x409&clcid=0x409&ar=03081.00&sar=amd64&o1=netfx_Patch_x64.msp https://download.visualstudio.microsoft.com/download/pr/375f6a02-34bc-4b7d-ad8b-957789cf81e8/e4abafc291524af6e2b478f5d4857f0a/netfx_full_x64.msi https://download.visualstudio.microsoft.com/download/pr/887938c3-2a46-4069-a0b1-207035f1dd82/61ef25faf2ae00460f6a77e29327699a/netfx_patch_x64.msp https://download.visualstudio.microsoft.com/download/pr/887938c3-2a46-4069-a0b1-207035f1dd82/f0771dabc43ba46cfe9e3481840a7944/windows6.1-kb4019990-x64.cab https://download.visualstudio.microsoft.com/download/pr/7db06743-abf0-4a85-a9d3-5af54b6cabcc/cc8282475d16202c4dca707e83cf0ae0/netfx_full_x64.msi https://download.microsoft.com/download/b/9/5/b95136c0-58a0-48df-821a-d05319a86852/enu_NETFX/amd64_netfx_full_mzz/netfx_full_cab.exe	11	5	10.2		6	ZeroCERT

114	2021-11-04 14:55	setup.exe 3329dc6e93761fd9597063f368ea952c Emotet RAT Gen1 Malicious Library UPX PE File PE32 PE64 DLL OS Processor Check Malware download VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself AppData folder Windows ComputerName DNS crashed	1 Keyword trend analysis	3	4	6.2		17	ZeroCERT

115	2021-10-12 10:16	%E5%88%9D%E5%A6%86%E5%8A%A9%E6... 5019b4c4d5e6b67a826897bff52a0d23 Emotet Generic Malware Malicious Library Malicious Packer UPX PE File PE32 OS Processor Check PE64 VirusTotal Malware Checks debugger unpack itself AppData folder DNS		1		2.8	M	14	ZeroCERT

116	2021-10-07 18:14	CalcCryptoInstalww.exe 86a1c8f0737fc82085f4a859733c9514 Emotet RAT Gen1 Generic Malware Themida Packer Malicious Library UPX Antivirus PE File PE32 OS Processor Check .NET EXE GIF Format PE64 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic unpack itself Windows utilities Checks Bios Collect installed applications Detects VMWare powershell.exe wrote Check virtual network interfaces suspicious process AppData folder AntiVM_Disk WriteConsoleW VMware anti-virtualization VM Disk Size Check installed browsers check Windows Browser ComputerName Firmware DNS Cryptographic key Software crashed	3 Keyword trend analysis	6	1	13.6	M	8	ZeroCERT

117	2021-10-07 11:05	mtz_ami_vyber.exe b9b0a03d3102e82d508253665b5c1ccd Emotet RAT Gen1 Malicious Library UPX PE File PE32 OS Processor Check PE64 VirusTotal Malware Check memory Checks debugger unpack itself AppData folder AntiVM_Disk VM Disk Size Check human activity check ComputerName				3.4		11	ZeroCERT

118	2021-09-20 09:45	76.exe cbf7ac18207051de82560b4621f7905f Emotet RAT Gen1 UPX Malicious Library PE File PE32 PE64 DLL OS Processor Check Malware download VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself AppData folder crashed	1 Keyword trend analysis	2	1	3.8	M	5	ZeroCERT

119	2021-08-27 15:31	68.exe c67c410c4be756c6bf3b0995f4fbb283 Emotet RAT Gen1 Malicious Library UPX PE File PE32 PE64 DLL OS Processor Check Malware download VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check ComputerName crashed	1 Keyword trend analysis	2	1	4.4		7	ZeroCERT

120	2021-08-19 14:49	Setup.exe 2f32cfb886b28c28958054d20060e56c Emotet Gen1 Generic Malware UPX Malicious Library PE File PE32 OS Processor Check PE64 DLL Check memory Checks debugger Creates executable files unpack itself AppData folder				2.2			Kim.GS