Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
1	2023-05-25 18:19	poweroff.exe 4ab4f24b913575f5dbaf2f17a6b5a2b1 PWS .NET framework njRAT RAT UPX .NET EXE PE File PE32 VirusTotal Malware PDB MachineGuid Check memory Checks debugger unpack itself					2.8		33	ZeroCERT

2	2023-04-13 18:15	poweroff.exe 4de7538747bf36f826099aceed872175 PWS .NET framework RAT UPX .NET EXE PE32 PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself					2.6	M	52	ZeroCERT

3	2023-02-10 14:47	poweroff.exe f6c312d7bc53140df83864221e8ebee1 RAT PWS .NET framework UPX PE32 .NET EXE PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself					2.2		29	ZeroCERT

4	2023-02-06 13:06	poweroff.exe ed0be56461eb04e1eccc0c4c69995381 RAT PWS .NET framework UPX PE32 .NET EXE PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself					2.6	M	56	ZeroCERT

5	2023-02-02 11:39	git1.exe 49f8d26f22bbaaca363ae4e351b2e8e7 RAT PWS .NET framework Gen1 UPX Malicious Library AntiDebug AntiVM PE32 .NET EXE PE File PNG Format MSOffice File OS Processor Check DLL JPEG Format GIF Format PE64 Malware AutoRuns MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic RWX flags setting unpack itself Windows utilities Check virtual network interfaces AppData folder AntiVM_Disk VM Disk Size Check Tofsee Windows Google ComputerName	15 Keyword trend analysis Info http://apps.identrust.com/roots/dstrootcax3.p7c http://360devtracking.com/ezzcbmueaa4iwhvb/fmovies - rule_id: 23046 http://www.google.com/ https://n8w5.c12.e2-1.dev/doma/Villains-Wiki/pub-LJWuMU9jpVNtx.exe https://connectini.net/Series/publisher/1/KR.json - rule_id: 23559 https://connectini.net/Series/SuperNitouDisc.php - rule_id: 7619 https://n8w5.c12.e2-1.dev/doma/Villains-Wiki/up-do-dat-LJWuMU9jpVNtx.exe https://connectini.net/Series/kenpachi/2/goodchannel/KR.json - rule_id: 1972 https://wewewe.s3.eu-central-1.amazonaws.com/WeUninstalled.exe - rule_id: 23052 https://connectini.net/Series/Conumer4Publisher.php - rule_id: 1976 https://connectini.net/S2S/Disc/Disc.php?ezok=power2off2&tesla=8 - rule_id: 7620 https://connectini.net/Series/configPoduct/2/goodchannel.json - rule_id: 1973 https://n8w5.c12.e2-1.dev/doma/widgets/powerOff.exe https://n8w5.c12.e2-1.dev/doma/Villains-Wiki/hand-LJWuMU9jpVNtx.exe https://connectini.net/Series/Conumer2kenpachi.php - rule_id: 1974	16 Info n8w5.c12.e2-1.dev(216.155.20.140) - malware wewewe.s3.eu-central-1.amazonaws.com(52.219.47.172) - mailcious www.google.com(142.250.206.228) google.com(142.250.206.238) 360devtracking.com(37.230.138.66) - mailcious connectini.net(37.230.138.123) - mailcious www.profitabletrustednetwork.com(173.233.137.36) - mailcious apps.identrust.com(61.111.58.35) 52.219.75.132 192.243.59.20 - mailcious 216.155.20.140 - malware 142.251.42.174 121.254.136.57 37.230.138.123 - mailcious 142.250.207.36 37.230.138.66 - mailcious	2	9 Info http://360devtracking.com/ezzcbmueaa4iwhvb/fmovies https://connectini.net/Series/publisher/1/KR.json https://connectini.net/Series/SuperNitouDisc.php https://connectini.net/Series/kenpachi/2/goodchannel/ https://wewewe.s3.eu-central-1.amazonaws.com/WeUninstalled.exe https://connectini.net/Series/Conumer4Publisher.php https://connectini.net/S2S/Disc/Disc.php https://connectini.net/Series/configPoduct/2/goodchannel.json https://connectini.net/Series/Conumer2kenpachi.php	10.2	M	29	ZeroCERT

6	2023-01-25 04:46	poweroff.exe 6e622962e3b594986c6fb741209dae50 RAT PWS .NET framework UPX PE32 .NET EXE PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself					2.4	M	37	ZeroCERT

7	2022-11-25 22:40	powerOff.exe c0538198613d60407c75c54c55e69d91 RAT Gen1 Malicious Library UPX PE32 PE File OS Processor Check DLL PE64 VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check					3.2		16	ZeroCERT

8	2022-11-21 14:40	poweroff.exe cfa7c46797e6d113d41adbd97fe38755 RAT PWS .NET framework UPX PE32 .NET EXE PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself					2.4		33	ZeroCERT

9	2022-11-16 10:20	poweroff-1mo67u5vspq3.exe 95c22189a5542b6c49204118750be5d9 RAT PWS .NET framework UPX PE32 .NET EXE PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself					2.6		55	ZeroCERT

10	2022-11-03 10:23	power-5033-off.exe 1cd03d64a1906b7d3ad94ed8a0663a70 RAT PWS .NET framework UPX PE32 .NET EXE PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself					2.6		51	ZeroCERT

11	2022-08-07 12:43	poweroff.exe 6c0577d77a62c8bdf98ba2b140785755 njRAT UPX PE32 PE File .NET EXE VirusTotal Malware PDB MachineGuid Check memory Checks debugger unpack itself					2.8	M	34	ZeroCERT