Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
1	2024-08-08 14:07	Dropper.exe 5341c5bb13ae2b2753b2fdadcf93aa51 Generic Malware Malicious Library Malicious Packer UPX PE File PE64 OS Processor Check VirusTotal Malware PDB crashed				1.6	M	32	ZeroCERT

2	2024-02-07 15:58	AnyDesk_setup.exe 75eecc3a8b215c465f541643e9c4f484 UPX PE32 PE File VirusTotal Malware PDB Check memory WMI unpack itself Check virtual network interfaces sandbox evasion anti-virtualization ComputerName Software AnyDesk		2	1	5.4		2	ZeroCERT

3	2024-02-06 13:24	bitch.exe a21768190f3b9feae33aaef660cb7a83 UPX PE32 PE File PDB Check memory WMI unpack itself Check virtual network interfaces sandbox evasion anti-virtualization ComputerName Software AnyDesk		3	1	5.0			ZeroCERT

4	2023-07-16 11:14	file.exe 0644a6d1a7994445f05f3d4e20e82140 Themida Packer Generic Malware Anti_VM .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Checks Bios Detects VMWare VMware anti-virtualization Windows Firmware DNS Cryptographic key crashed		1		7.2		39	ZeroCERT

5	2023-03-15 16:35	AnyDesk.exe 33614c059849aaeacaa68422b11a9795 Gen2 Emotet Generic Malware UPX Malicious Library Malicious Packer ASPack Antivirus OS Processor Check CAB MSOffice File PE32 PE File VirusTotal Malware Check memory unpack itself WriteConsoleW Windows Remote Code Execution Cryptographic key				2.6		36	ZeroCERT

6	2022-12-12 11:18	AnyDesk.exe d332cf184ac8335d2c3581a48ee0ad87 Emotet NPKI RAT Gen2 PWS Loki[b] Loki.m Generic Malware ASPack UPX Antivirus Malicious Library Malicious Packer Socket AntiDebug AntiVM PE32 PE File JPEG Format .NET EXE OS Processor Check PE64 DLL Malware download Amadey FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows Email ComputerName DNS Cryptographic key Software Botnet	7 Keyword trend analysis Info http://45.89.255.250:8080/explorer.exe http://SmgqNt3EIxXkSAsU.xyz/jg94cVd30f/Plugins/cred64.dll http://SmgqNt3EIxXkSAsU.xyz/jg94cVd30f/index.php http://SmgqNt3EIxXkSAsU.xyz/jg94cVd30f/index.php?scr=1 http://45.89.255.250:8080/TeamViewer_Desktop.exe http://45.89.255.250:8080/LanguageTool.exe http://45.89.255.250:8080/TeamViewerSetupx64.exe	9	8 Info ET MALWARE Amadey CnC Check-In ET INFO Executable Download from dotted-quad Host ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET HUNTING Suspicious explorer.exe in URI ET MALWARE [PTsecurity] Botnet Nitol.B Checkin ET MALWARE Win32/Nitol.A Checkin	20.4		44	ZeroCERT

7	2022-12-09 15:11	vbc.exe f9cab82b8a981cd57613abc014237491 PWS[m] PWS Loki[b] Loki.m RAT Generic Malware Antivirus DNS AntiDebug AntiVM PE32 .NET EXE PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software	2 Keyword trend analysis	4	1	17.2		29	ZeroCERT

8	2022-12-09 15:11	vbc.exe 9a71a69f66b67df8a4d5a849b3832986 RAT Generic Malware Antivirus AntiDebug AntiVM PE32 .NET EXE PE File VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process Windows ComputerName Cryptographic key	1 Keyword trend analysis	2		11.8		40	ZeroCERT

9	2022-12-02 10:36	vbc.exe 97ff652d7a6d48be8416e8dd12a916ae AgentTesla PWS[m] RAT browser info stealer Generic Malware Google Chrome User Data Downloader UPX Antivirus Create Service Socket DNS Internet API Sniff Audio KeyLogger Escalate priviledges AntiDebug AntiVM PE32 .NET EXE PE File Remcos VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process malicious URLs Windows ComputerName DNS Cryptographic key keylogger	1 Keyword trend analysis	3	1	14.8	M	43	ZeroCERT

10	2022-12-02 10:02	vbc.exe d8a85458d95c57635b4f1fb0f6675061 AgentTesla PWS[m] RAT browser info stealer Generic Malware Google Chrome User Data Downloader UPX Antivirus Create Service Socket DNS Internet API Sniff Audio KeyLogger Escalate priviledges AntiDebug AntiVM PE32 .NET EXE PE File Remcos VirusTotal Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process malicious URLs Windows ComputerName DNS Cryptographic key DDNS keylogger	1 Keyword trend analysis	4	2	13.0	M	45	ZeroCERT

11	2022-08-27 19:00	vbc.exe 454c73310b8ffa6f3256bc960f74aa27 AgentTesla PWS[m] RAT browser info stealer Generic Malware Google Chrome User Data Downloader Antivirus Create Service Socket DNS Internet API Sniff Audio KeyLogger Escalate priviledges AntiDebug AntiVM PE32 PE File .NET EXE Remcos VirusTotal Malware Buffer PE PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key	1 Keyword trend analysis	4	1	10.4	M	22	ZeroCERT

12	2022-06-29 09:58	vbc.exe 73b5289fc49f96d2e9a4af6c1fb28809 RAT PE32 .NET EXE PE File VirusTotal Malware Check memory Checks debugger unpack itself Check virtual network interfaces Tofsee		2	1	1.8	M	16	ZeroCERT

13	2022-06-24 16:08	Uzcunfom.exe 200d3d609f7e8c1aa9ae0bc4a36d1434 PWS[m] RAT PWS .NET framework SMTP KeyLogger AntiDebug AntiVM PE32 .NET EXE PE File Browser Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Windows Browser Email ComputerName DNS Cryptographic key crashed	1 Keyword trend analysis	1		11.8		44	ZeroCERT

14	2022-06-20 10:16	Eiybe.exe 3c5c55c6916b2ae96180c29468acefce RAT Generic Malware Antivirus PE32 .NET EXE PE File VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process Windows ComputerName Cryptographic key		2		6.2	M	36	ZeroCERT

15	2022-05-16 17:56	Odczmla.exe d9e209df65703fe2e2cf87595101519e RAT PE32 .NET EXE PE File VirusTotal Malware Check memory Checks debugger unpack itself ComputerName				2.2	M	41	ZeroCERT