Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	Rule	Score	Zero	VT	Player
1	2021-07-15 10:46	ee.exe 7fa7ddc6957d2b24810e70ea30f7ca12 PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) AntiDebug AntiVM PE32 PE File .NET EXE VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key	3 Keyword trend analysis Info http://www.pvj2019.com/bsdd/?ofrLp=qs3RZSX3rvVNtiBHpfYUl9EI97y+R4QIxAS6B4CUD5yxH0qyUw/bf6FdrR7yHxdc6ARoeO06&1bw=L6AdjD8HtbAPoXK0 http://www.spinozone.com/bsdd/?ofrLp=wKFuFBUmkFlq3cmGTOvg7BHSlGNnAbWulbUidAyrto4M17w7HJ24MBv0JTojToLONTTkfCJP&1bw=L6AdjD8HtbAPoXK0 http://www.avxrja.online/bsdd/?ofrLp=yfEHqAcgt7rxCVuuJXACbU7UrRlbrP06mrm4Odqj8j+Usq43ag+ep0r75c/W67nhYEF3s8ao&1bw=L6AdjD8HtbAPoXK0	7		8.8		26	ZeroCERT

2	2021-07-15 10:44	sam.exe 54da6f0e11090728404d0f9807ef3674 PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) AntiDebug AntiVM PE32 PE File .NET EXE VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted ICMP traffic unpack itself Windows Cryptographic key	10 Keyword trend analysis Info http://www.innercritictypes.com/uoe8/?Ezu=O21M2FYy2dlMOkCvFyQcwzLn3QEPeqHgQrfKHRI9jw0Ah0TH1lBJi6Gr9K83sGcpR3T5fZkw&q48=Gbt4axj8p http://www.keydefi.com/uoe8/ http://www.bsbgraphic.com/uoe8/ http://www.keydefi.com/uoe8/?Ezu=fjN3+DCycbloadR1JYSjLl4NMX1BWoGvuTOGO0r7qvHasgjoKS6DLTuYNEAj5O9YQwFgCvIr&q48=Gbt4axj8p http://www.swashbug.com/uoe8/?Ezu=jbWl/12LOy/8QMol1vq5On9CelmHmR3hJriw/uowHAcnrTs+PcPuE1M21NVN5bXc/q7xGzNj&q48=Gbt4axj8p - rule_id: 846 http://www.hispekdiamond.com/uoe8/ http://www.innercritictypes.com/uoe8/ http://www.swashbug.com/uoe8/ - rule_id: 846 http://www.bsbgraphic.com/uoe8/?Ezu=IJxsArLTGRxQO+Zr9zHYqepX+MoX/vO+JUx3UoPYs759hqCLjrrubWv7+QNEl9ZR5rIOa5eQ&q48=Gbt4axj8p http://www.hispekdiamond.com/uoe8/?Ezu=UhlVi8jJ/XJooZrGm3lJbnFIbsRb97T5i2H1SjZUz4bfHF7iwjurNO0mfht8QkZ52GR+ypPo&q48=Gbt4axj8p	12 Info www.swashbug.com(169.1.24.244) www.rangamaty.com(54.39.133.15) www.innercritictypes.com(34.102.136.180) www.keydefi.com(88.214.207.96) www.bsbgraphic.com(185.10.75.4) www.hispekdiamond.com(213.171.195.105) 185.10.75.4 - mailcious 34.102.136.180 - mailcious 54.39.133.15 - mailcious 88.214.207.96 - mailcious 213.171.195.105 169.1.24.244 - mailcious	2	9.4	M	22	ZeroCERT

3	2021-07-15 10:30	kn.exe bf27c89acbd897d3a37e415cf7b69ee2 PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) AntiDebug AntiVM PE32 PE File .NET EXE VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted ICMP traffic unpack itself Windows Cryptographic key	2 Keyword trend analysis	4		9.0		22	ZeroCERT

4	2021-07-15 10:26	cas.exe 4d80ba34b2d38dd92c36bb9b2057f890 PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) AntiDebug AntiVM PE32 PE File .NET EXE VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key	2 Keyword trend analysis	4		8.2		23	ZeroCERT

5	2021-07-14 09:32	e.exe 0fb4bef5bfdb5947554383953592c43a PWS .NET framework Generic Malware UPX Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself crashed				2.2		29	ZeroCERT

6	2021-07-14 09:32	s.exe 4423e21c9805c1ff805abf4a2bf3c12e PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key				2.4		23	ZeroCERT

7	2021-07-14 09:30	v.exe f4f4c4e3afea48dcd636e5d8b1c08703 PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key				2.4		23	ZeroCERT

8	2021-07-14 08:59	f.exe a67a535b7b1bee678d18f80da48bfcb7 PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself				1.8		17	ZeroCERT

9	2021-07-07 07:54	wir.exe c71f136a10c7c2f067f0a551a48f8ff6 PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key				8.2	M	33	ZeroCERT

10	2021-07-07 07:50	ty.exe 3ecdafd3c19efbfc4f06d5d2aefd02b8 PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself				2.2		31	ZeroCERT

11	2021-07-07 07:47	vnn.exe 1b415a56616a9f7c2e37fc2ce570664f PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key				8.0		28	ZeroCERT

12	2021-07-07 07:45	azz.exe 00001effb01cec7a867b5ccae0325fe1 PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself				1.8		17	ZeroCERT