Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
1 2024-11-26 14:14 TikTok18.exe  

602876c49237a426d0e27ea8e6b1e0d6


Emotet Gen1 Malicious Library UPX PE64 CAB PE File VirusTotal Malware AutoRuns PDB Check memory Checks debugger Creates executable files unpack itself Windows Remote Code Execution crashed
3.4 14 ZeroCERT

2 2024-11-08 17:14 hell9o.exe  

2e933118fecbaf64bbd76514c47a2164


Emotet Gen1 Malicious Library UPX PE File PE64 CAB VirusTotal Malware AutoRuns PDB Creates executable files Windows utilities WriteConsoleW Windows Remote Code Execution
3.6 44 ZeroCERT

3 2024-11-08 17:06 Setup%20Ms%20P-1A.EXE  

a49ec3d87bfccda0f6bbd0370fcb6278


Emotet Gen1 Malicious Library UPX PE File PE64 CAB VirusTotal Malware PDB Checks debugger Remote Code Execution
2.2 43 ZeroCERT

4 2024-11-08 17:03 loader.exe  

dd4f9e2e3a884356b781bc7085c81fe7


Emotet Gen1 Malicious Library UPX PE File PE64 CAB VirusTotal Malware AutoRuns PDB Checks debugger Creates executable files unpack itself Windows utilities suspicious process Windows ComputerName Remote Code Execution crashed
4.8 50 ZeroCERT

5 2024-10-31 18:11 focustaskprobr.exe  

5bc2209e6ba6e6534b35494182d8cc66


Emotet Gen1 Malicious Library UPX PE File PE64 CAB .NET EXE PE32 VirusTotal Malware AutoRuns PDB Check memory Checks debugger Creates executable files unpack itself Check virtual network interfaces AppData folder Windows Remote Code Execution DNS
1 7.2 34 ZeroCERT

6 2024-10-31 18:09 sameconcentratepro.exe  

b4902df58bcac6bfe6a72a91ea30e051


Emotet Gen1 Malicious Library UPX PE File PE64 CAB VirusTotal Malware AutoRuns PDB MachineGuid Check memory Checks debugger Creates executable files unpack itself Check virtual network interfaces Windows Remote Code Execution DNS
1 5.4 17 ZeroCERT

7 2024-10-31 18:09 seniorcommunicatepro.exe  

485927fe0c19012f31f1ef565254b374


Emotet Gen1 Malicious Library UPX PE File PE64 CAB .NET EXE PE32 VirusTotal Malware AutoRuns PDB Check memory Checks debugger Creates executable files unpack itself Check virtual network interfaces AppData folder Windows Remote Code Execution DNS
1 7.4 48 ZeroCERT

8 2024-10-24 11:14 seniorcommunicatepro.exe  

ea95f1f57bf140891fe0401b8d34990d


Emotet Gen1 Malicious Library UPX PE File PE64 CAB OS Processor Check VirusTotal Malware Buffer PE AutoRuns PDB Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows Remote Code Execution
5.4 47 ZeroCERT

9 2024-10-24 11:13 losscommunicationpro.exe  

42bcf60a8c6cf654ceb015d9047218ef


Emotet Gen1 Malicious Library UPX .NET framework(MSIL) PE File PE64 CAB .NET EXE PE32 OS Processor Check VirusTotal Malware Buffer PE AutoRuns PDB Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder Windows ComputerName Remote Code Execution
5.4 40 ZeroCERT

10 2024-10-24 11:11 pump.exe  

2d3353b602f987a974e014f891499e6f


Emotet Gen1 Generic Malware Malicious Library UPX Antivirus PE File PE64 CAB VirusTotal Malware powershell AutoRuns PDB suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut Creates executable files unpack itself suspicious process Windows ComputerName Remote Code Execution Cryptographic key
6.0 16 ZeroCERT

11 2024-10-24 11:03 focustaskpro.exe  

eb98253c7af23770d78d9e3e765d183d


Emotet Gen1 Malicious Library UPX .NET framework(MSIL) PE File PE64 CAB .NET EXE PE32 OS Processor Check VirusTotal Malware Buffer PE AutoRuns PDB Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder Windows ComputerName Remote Code Execution
5.4 41 ZeroCERT

12 2024-10-21 17:09 1.exe  

2d019540d9821037f1c96050cf7f551b


Emotet Gen1 Generic Malware Malicious Library UPX Antivirus PE File PE64 CAB VirusTotal Malware powershell AutoRuns PDB suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities suspicious process Windows ComputerName Remote Code Execution Cryptographic key
6.0 M 17 ZeroCERT

13 2024-10-16 11:23 qualityrespondpro.exe  

7d69353f011527611a119b38593b7b34


Emotet Gen1 Malicious Library UPX PE File PE64 CAB .NET EXE PE32 VirusTotal Malware Buffer PE AutoRuns PDB suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Check virtual network interfaces AppData folder Windows ComputerName Remote Code Execution DNS Cryptographic key crashed
1 1 1 8.6 M 51 ZeroCERT

14 2024-10-16 11:12 speechcarrierpro.exe  

c022c9594435faedd2d06aa40d19c360


Emotet Gen1 Malicious Library UPX .NET framework(MSIL) AntiDebug AntiVM PE File PE64 CAB .NET EXE PE32 OS Processor Check VirusTotal Malware Buffer PE AutoRuns PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files RWX flags setting unpack itself Check virtual network interfaces suspicious process AppData folder WriteConsoleW Windows Remote Code Execution DNS Cryptographic key crashed
1 2 16.2 49 ZeroCERT

15 2024-10-16 11:05 parttransferpro.exe  

a38e702946c3b3770260051e865cba87


Emotet Gen1 Malicious Library UPX Admin Tool (Sysinternals etc ...) PE File PE64 CAB .NET EXE PE32 VirusTotal Malware AutoRuns PDB Check memory Checks debugger Creates executable files unpack itself AppData folder Windows Remote Code Execution
4.8 50 ZeroCERT