Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
1 2021-09-19 11:37 list.exe  

ff1b657f20e7afc8202a40d189cdae59


PWS .NET framework Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself
10 20 1 8.4 M 40 ZeroCERT

2 2021-09-19 11:15 kok.exe  

2b0eb2dffd9788bfb9390e060f5e4bcc


PWS .NET framework Generic Malware PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself
7.2 M 24 ZeroCERT

3 2021-09-19 10:59 Tcx5xxXPl9GOucJ.exe  

04ecb65ad3407b89abab206a1b921e5c


PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName DNS crashed
1 11.0 M 25 ZeroCERT

4 2021-09-19 10:56 vbc.exe  

66ce1420280eceebeab924165f28b7bb


PWS .NET framework Gen2 Emotet Gen1 Generic Malware NSIS Malicious Library UPX Malicious Packer Admin Tool (Sysinternals etc ...) ASPack Anti_VM KeyLogger ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 OS Processor Check VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Checks Bios Detects VirtualBox suspicious process AppData folder WriteConsoleW VMware anti-virtualization installed browsers check Windows Browser ComputerName DNS Software
1 16.2 M 45 ZeroCERT

5 2021-09-18 20:02 troupzx.exe  

1c4fd4c1adfb8b5cc412128415251379


PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName crashed
8.8 M 25 ZeroCERT

6 2021-09-18 19:51 asadzx.exe  

4cf22ea879cba79ef086de06409cb254


PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName crashed
8.8 M 23 ZeroCERT

Total: 6