Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
1	2024-07-06 18:27	setup.exe 6b189fc6ddde33cba5c63e1dfec82b2a Malicious Library PE File PE32 VirusTotal Malware Checks debugger WMI Creates executable files RWX flags setting unpack itself Checks Bios anti-virtualization ComputerName DNS		1		5.2	M	37	ZeroCERT

2	2024-07-03 13:24	setup.exe 6a29cf171c9718d55a0b617102451f6b Malicious Library PE File PE32 Checks debugger WMI Creates executable files RWX flags setting unpack itself Checks Bios anti-virtualization ComputerName				3.6			ZeroCERT

3	2024-07-03 13:24	setup.exe 5d286a1851e49c4a21ec0178bcf8b239 Malicious Library PE File PE32 VirusTotal Malware Checks debugger WMI Creates executable files RWX flags setting unpack itself Checks Bios anti-virtualization ComputerName				4.6	M	37	ZeroCERT

4	2024-07-03 11:20	setup.exe 6a29cf171c9718d55a0b617102451f6b Malicious Library PE File PE32 Checks debugger WMI Creates executable files RWX flags setting unpack itself Checks Bios anti-virtualization ComputerName				3.6			ZeroCERT

5	2024-07-03 07:56	setup.exe 376bda749ff4727c39cbc3868b2e6477 Malicious Library PE File PE32 VirusTotal Malware Checks debugger WMI Creates executable files RWX flags setting unpack itself Checks Bios anti-virtualization ComputerName				4.6	M	37	ZeroCERT

6	2024-07-02 15:58	Content_497179.exe 52070a9adf4787ece9b80af208603030 Gen1 Generic Malware NSIS Malicious Library UPX Admin Tool (Sysinternals etc ...) Malicious Packer Anti_VM PE File PE32 OS Processor Check DLL icon BMP Format DllRegisterServer dll Lnk Format GIF Format ftp Malware suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut Creates executable files RWX flags setting unpack itself AppData folder AntiVM_Disk sandbox evasion anti-virtualization VM Disk Size Check installed browsers check Tofsee Browser ComputerName	1 Keyword trend analysis	2	1	9.2			ZeroCERT

7	2024-07-02 15:45	Content_497179.exe 52070a9adf4787ece9b80af208603030 Generic Malware NSIS Malicious Library UPX PE File PE32 OS Processor Check DLL BMP Format Malware suspicious privilege Malicious Traffic Check memory Checks debugger Creates executable files RWX flags setting unpack itself AppData folder sandbox evasion anti-virtualization Tofsee	1 Keyword trend analysis	2	1	6.6			ZeroCERT

8	2024-06-21 07:47	setup.exe 24f3dab39795bb7a131b8f685aad74bb Generic Malware Malicious Library Antivirus AntiDebug AntiVM PE File PE32 PowerShell VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger WMI Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities Disables Windows Security Checks Bios powershell.exe wrote suspicious process WriteConsoleW anti-virtualization Windows ComputerName Cryptographic key				11.6		35	ZeroCERT

9	2024-06-17 14:33	setup.exe 05ff3df4891c23297d2f683cb399f027 Generic Malware Malicious Library Antivirus AntiDebug AntiVM PE File PE32 PowerShell VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger WMI Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities Disables Windows Security Checks Bios suspicious process WriteConsoleW anti-virtualization Windows ComputerName Cryptographic key				11.6		49	ZeroCERT

10	2024-06-17 13:35	setup.exe 59f7c6aba00ac82304ed8e658ff4768f Generic Malware Malicious Library Antivirus AntiDebug AntiVM PE File PE32 PowerShell VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger WMI Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities Disables Windows Security Checks Bios suspicious process WriteConsoleW anti-virtualization Windows ComputerName DNS Cryptographic key		1		12.2	M	53	ZeroCERT

11	2024-06-13 10:36	setup.exe 175fcc55a11bbd0bd69c5dab9cba90c3 Generic Malware Malicious Library Antivirus AntiDebug AntiVM PE32 PE File PowerShell VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger WMI Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities Disables Windows Security Checks Bios powershell.exe wrote suspicious process WriteConsoleW anti-virtualization Windows ComputerName Cryptographic key				12.0	M	32	ZeroCERT

12	2024-06-01 08:31	setup.exe 89052e2c020f8f6f5287e10d134f0bd1 Generic Malware Malicious Library Antivirus AntiDebug AntiVM PE File PE32 PowerShell VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger WMI Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities Disables Windows Security Checks Bios powershell.exe wrote suspicious process WriteConsoleW anti-virtualization Windows ComputerName Cryptographic key				12.0		36	ZeroCERT

13	2024-05-31 07:47	setup.exe 08063da816c5db77ce64807c4ec2f7e8 NPKI Generic Malware Malicious Library Antivirus AntiDebug AntiVM PE File PE32 PowerShell VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger WMI Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities Disables Windows Security Checks Bios powershell.exe wrote suspicious process WriteConsoleW anti-virtualization Windows ComputerName Cryptographic key				12.0	M	37	ZeroCERT

14	2024-05-20 10:32	setup.exe 5cc472dcd66120aed74de36341bfd75a Generic Malware Malicious Library Antivirus AntiDebug AntiVM PE File PE32 PowerShell VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger WMI Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities Disables Windows Security Checks Bios powershell.exe wrote suspicious process WriteConsoleW anti-virtualization Windows ComputerName Cryptographic key				12.2	M	56	ZeroCERT

15	2024-03-01 12:08	setup.exe 5230cc00eecf61973aa8baf3f2a8cce6 Malicious Library PE File PE32 WMI Creates executable files RWX flags setting unpack itself Checks Bios anti-virtualization ComputerName				3.4			ZeroCERT