Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
1	2022-07-27 09:09	vbc.exe 111a90a2e621eca70ea6eaf203a442ef PWS .NET framework PE32 .NET EXE PE File VirusTotal Malware Check memory Checks debugger unpack itself				2.2	M	32	ZeroCERT

2	2021-06-04 18:21	yes.exe 33e5d41c8c70b1b9cf9ed44b5a4db9df AsyncRAT backdoor PWS .NET framework Admin Tool (Sysinternals Devolutions inc) Anti_VM Malicious Library SMTP AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities AppData folder Windows DNS Cryptographic key				9.6	M	19	ZeroCERT

3	2021-06-02 09:32	cc200-08.exe 958b46473acadafb02ea38355ec436c2 AsyncRAT backdoor PWS .NET framework Malicious Library AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself				7.2	M	27	ZeroCERT

4	2021-05-25 09:52	Gpd6QILUkcxzAsA.exe af5f4617e678d890744af7fa9347097c AsyncRAT backdoor PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself Windows Cryptographic key				2.2		13	ZeroCERT

5	2021-05-24 18:19	banh.exe 8dc45cee87ca5370db8341c7755c8b9e PWS .NET framework Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName Cryptographic key crashed				9.4		20	ZeroCERT

6	2021-04-27 08:03	Wzze3eSA4thdJZc.exe daec9c824832ffc25734efb3fb4512e0 PWS .NET framework Malicious Library AsyncRAT backdoor VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows Cryptographic key				3.2	M	30	ZeroCERT

7	2021-04-27 08:00	AGcjf4hZF7GWTYa.exe b3e1928a79fc2870037070e4910be463 PWS .NET framework Malicious Library AsyncRAT backdoor VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows Cryptographic key				3.0		29	ZeroCERT

8	2021-04-27 08:00	ZyL7yM4Z6je3A8K.exe 9463178c1032fb981519b41b9de5b476 PWS .NET framework Malicious Library AsyncRAT backdoor VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows DNS Cryptographic key				3.6		20	ZeroCERT

9	2021-04-20 09:40	winlog.exe e0510b1d4dae20508467f238ba1e338e AsyncRAT backdoor Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software	1 Keyword trend analysis	3	9 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET POLICY HTTP Request to a *.tk domain ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET DNS Query to a .tk domain - Likely Hostile ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response	14.4	M	23	ZeroCERT