Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
1	2023-09-22 07:55	u.exe 1cc5f4774e35db4143eaeadc67f230dd RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File PE32 .NET EXE OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	5	6.2	M	49	ZeroCERT

2	2023-09-15 07:54	c.exe c2ce41232bcd0237adee4dc075136551 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File PE32 .NET EXE OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	5	5.0			ZeroCERT

3	2023-09-12 17:05	hell.exe b78af5ee929ecb939ecd3bbb7a09996e RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File .NET EXE PE32 OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	5	6.2	M	41	ZeroCERT

4	2023-09-11 09:49	Saturn.exe f995aec459fa35d48bff3d5b7530d1b1 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key		1		3.8	M	52	ZeroCERT

5	2023-09-09 21:48	168.exe e334c5353a9700935d476c2460ab0e22 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key		1		4.4	M	53	ZeroCERT

6	2023-08-25 18:25	finally.exe 9dc8d8fddf5c5ef3d8adac9b0146558a RedLine Infostealer RedLine stealer .NET framework(MSIL) UPX Confuser .NET OS Processor Check PE File .NET EXE PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	3	5 Info ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	7.4	M	50	ZeroCERT

7	2023-08-15 19:12	build1234.exe 5fb59ec46fd6a15ac0856e37fe226573 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET OS Processor Check .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed		1		6.2		52	ZeroCERT

8	2023-07-28 17:30	22222.exe d42a28aa817408fdfeb8f26528521253 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET OS Processor Check .NET EXE PE File PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	5	6.2	M	48	ZeroCERT

9	2023-07-26 17:25	UpdateProfile.exe a3336fcf021e1fb4a7465b4294e4baa7 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET OS Processor Check .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key		1		3.8		47	ZeroCERT

10	2023-07-26 07:45	kkkk.exe 9139f048f1e79aa4b85629c03ecd1c77 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET OS Processor Check .NET EXE PE File PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	3	6.2	M	47	ZeroCERT

11	2023-07-19 07:19	rockol.exe df7a39c6a0b49b73bb6acd435f073166 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET OS Processor Check .NET EXE PE File PE32 Check memory Checks debugger unpack itself ComputerName				1.0	M		ZeroCERT

12	2023-06-30 07:47	ProfileUpdate.exe c92d329c982a22f81e4b045e5de2f1c1 RedLine stealer UPX .NET framework(MSIL) Confuser .NET OS Processor Check .NET EXE PE File PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	3	5.4			ZeroCERT

13	2023-06-29 10:21	1Top.exe 51b7849db58928fb6c1f1e2a343cd2f0 RedLine stealer UPX .NET framework(MSIL) Confuser .NET OS Processor Check .NET EXE PE File PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	3	6.2	M	47	r0d

14	2023-06-29 07:40	1Top.exe 51b7849db58928fb6c1f1e2a343cd2f0 UPX .NET framework(MSIL) Confuser .NET OS Processor Check .NET EXE PE32 PE File RedLine Malware download FTP Client Info Stealer VirusTotal Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	3	5.8		47	ZeroCERT

15	2023-06-22 17:36	bira.exe 812117b53cdcb42545bf29d4de9c250e UPX .NET framework(MSIL) Confuser .NET OS Processor Check .NET EXE PE File PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	3	6.2	M	50	ZeroCERT