Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
1  2024-12-18 16:19  av.exe
   Hash: c5ca67c0bbc8b248cea971121e96e93d
   Rule: Gen1 Generic Malware PhysicalDrive Downloader Malicious Library WinRAR UPX Malicious Packer Antivirus Confuser .NET Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API pe VirusTotal Malware powershell PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger WMI Creates shortcut Creates executable files unpack itself Windows utilities Disables Windows Security powershell.exe wrote suspicious process AppData folder WriteConsoleW installed browsers check Windows Browser ComputerName Remote Code Execution Cryptographic key crashed
   Score etc.: 15.6 40 ZeroCERT

2  2024-10-30 09:31  m.dat
   Hash: f6814a59c53218b84eb943ef07fcb74c
   Rule: Gen1 XMRig Miner Generic Malware Malicious Library UPX Malicious Packer Antivirus AntiDebug AntiVM PE File PE64 OS Processor Check VirusTotal Malware AutoRuns PDB MachineGuid Code Injection Creates executable files unpack itself Windows utilities Auto service suspicious TLD WriteConsoleW Firewall state off Windows Remote Code Execution DNS
   Score etc.: 2 1 10.2 53 ZeroCERT

3  2024-10-26 11:14  random.exe
   Hash: 17f5a1ae03a0ff4eb038527de02e8860
   Rule: Emotet Gen1 Generic Malware Malicious Library UPX Admin Tool (Sysinternals etc ...) Malicious Packer Antivirus Anti_VM PE File PE32 OS Processor Check DLL VirusTotal Malware PDB suspicious privilege Checks debugger WMI Creates executable files unpack itself ComputerName Remote Code Execution DNS
   Score etc.: 2 7.6 39 ZeroCERT

4  2024-10-14 10:53  rbx.exe
   Hash: abfe9c702641bda679c3947a9bbde15f
   Rule: Generic Malware Malicious Library WinRAR UPX .NET framework(MSIL) PE File PE64 OS Processor Check .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger Creates executable files unpack itself AppData folder WriteConsoleW Remote Code Execution
   Score etc.: 4.0 37 ZeroCERT

5  2024-09-30 17:14  FissionBabyV242.exe
   Hash: 884f0f7907c7a94130294f499bfc1775
   Rule: Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB Check memory RWX flags setting Remote Code Execution
   Score etc.: 3.2 41 ZeroCERT

6  2024-09-20 10:39  66ec34ea3a1b3_app3454636138226...
   Hash: 826eb90d730bf03e39d78daa585364bc
   Rule: RedLine stealer RedLine Infostealer Generic Malware UltraVNC Malicious Library UPX Antivirus ScreenShot PWS AntiDebug AntiVM PE File PE32 OS Processor Check .NET EXE Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
   Score etc.: 2 6 15.0 46 ZeroCERT

7  2024-09-19 09:48  66e9c0921c144_111.exe#111
   Hash: 837bbda2bbdf75c019f3581afb0fc9d4
   Rule: RedLine stealer RedLine Infostealer Generic Malware UltraVNC Malicious Library UPX Antivirus ScreenShot PWS AntiDebug AntiVM PE File PE32 OS Processor Check .NET EXE Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
   Score etc.: 2 6 15.0 54 ZeroCERT

8  2024-09-17 13:20  66e57196bb898_111.exe#111
   Hash: b2a7b79dd7a9fe2786679a0ee2cddfa1
   Rule: RedLine stealer RedLine Infostealer Generic Malware UltraVNC Malicious Library UPX Antivirus ScreenShot PWS AntiDebug AntiVM PE File PE32 OS Processor Check .NET EXE Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications WriteConsoleW installed browsers check Stealer Windows Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
   Score etc.: 2 6 15.6 54 ZeroCERT

9  2024-09-12 18:32  66e27cc59b93f_111.exe
   Hash: 24fbb160ccad6b035b0ed7e1070f820f
   Rule: RedLine stealer RedLine Infostealer Generic Malware UltraVNC Malicious Library UPX Antivirus ScreenShot PWS AntiDebug AntiVM PE File PE32 OS Processor Check .NET EXE Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
   Score etc.: 2 5 14.4 M 44 ZeroCERT

10 2024-09-12 18:23  66e27cc59b93f_111.exe
   Hash: 24fbb160ccad6b035b0ed7e1070f820f
   Rule: RedLine stealer RedLine Infostealer Generic Malware UltraVNC Malicious Library UPX Antivirus ScreenShot PWS AntiDebug AntiVM PE File PE32 OS Processor Check .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications installed browsers check Windows Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
   Score etc.: 2 14.4 M 44 ZeroCERT

11 2024-09-11 10:25  66e08f13c7a4f_111.exe
   Hash: 979d8a371c97ed8f2438e6809064dcd9
   Rule: Generic Malware Suspicious_Script_Bin Malicious Library UPX Admin Tool (Sysinternals etc ...) PE File PE32 OS Processor Check VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName Remote Code Execution
   Score etc.: 7.6 M 35 ZeroCERT

12 2024-09-11 09:58  66e095f996804_111.exe
   Hash: 84696a854747864cc51653cb5d843a2a
   Rule: RedLine Infostealer Generic Malware UltraVNC Suspicious_Script_Bin Downloader Malicious Library UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API per Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AppData folder malicious URLs WriteConsoleW installed browsers check Stealer Windows Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
   Score etc.: 1 5 13.0 35 ZeroCERT

13 2024-09-03 08:55  x11.exe
   Hash: ba856e48421c75592a0b45953c21dd2c
   Rule: Generic Malware Malicious Library WinRAR UPX Malicious Packer PE File PE32 OS Processor Check PE64 PDB Creates executable files Remote Code Execution
   Score etc.: 1.4 ZeroCERT

14 2024-08-19 14:42  rocket.exe
   Hash: 2b5a2c2d70c3c5ac3a5804ca1345a694
   Rule: Generic Malware Malicious Library Antivirus UPX PE File PE32 OS Processor Check VirusTotal Malware PDB unpack itself Remote Code Execution
   Score etc.: 2.4 M 16 ZeroCERT

15 2024-08-12 09:04  NamzScript.exe
   Hash: a8a06427783374441a977e9beb6560ee
   Rule: Generic Malware Malicious Library WinRAR UPX .NET framework(MSIL) AntiDebug AntiVM PE File PE64 OS Processor Check .NET EXE PE32 VirusTotal Malware PDB MachineGuid Code Injection Check memory Checks debugger Creates executable files unpack itself AppData folder Remote Code Execution
   Score etc.: 6.6 M 21 ZeroCERT