Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	Score	VT	Player
1	2021-07-10 09:09	ETL_051179320007.exe 6ff764fe33b3e6fca261b7e086898056 PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs VMware IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	5	16.4	24	ZeroCERT

2	2021-07-10 09:06	ETL_0611089510002.exe a57aac23f95604705617cecaff8ed202 PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs VMware IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger	2 Keyword trend analysis	4	15.6	16	ZeroCERT

3	2021-07-09 18:41	ETL_013265_601_0278.exe d48f9d5b95cf67894226d72c3333bd98 PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs VMware IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger	2 Keyword trend analysis	4	15.8	26	ZeroCERT

4	2021-07-09 18:39	TL_006251_07.exe 8e5e70c4ec5752d0f6a082e834e25f51 PWS Loki[b] Loki[m] .NET framework Generic Malware DNS AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software crashed		1	14.0	24	ZeroCERT

5	2021-07-09 18:33	ETL_01605_511_0752.exe 71ea7e46efc155382d6d0b20d8bde755 PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs VMware IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	5	14.8	25	ZeroCERT

6	2021-07-09 18:30	FL_00185203246.exe 96d403623e4027119487b7c528f560a7 RAT Generic Malware SMTP KeyLogger PDF AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs VMware IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4	14.8	22	ZeroCERT

7	2021-07-09 18:28	PL_0260_63_108_117.exe d34220b859ea98b86761794b9e581d53 PWS Loki[b] Loki[m] .NET framework Generic Malware DNS AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software crashed		1	15.0	25	ZeroCERT

8	2021-07-09 18:26	ETL_013265_511_0758.exe 9efd7cdf4c6ee05497ccd8de4588301b PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs VMware IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger	2 Keyword trend analysis	4	14.6	15	ZeroCERT

9	2021-07-09 18:21	rremit.exe 2f2570c8950c559876c0f5e68b47a03a RAT Generic Malware PDF AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows Cryptographic key crashed	12 Keyword trend analysis Info http://www.apmtrk.com/dkao/ http://www.punchandjudy.world/dkao/ http://www.fennel.life/dkao/?GXITO=1R+MGTrzrh9wg0iyyxd8N850lG7CTjyoypoygWbQkoKUPbc7VU8VDmRXO2tCzWEN7ulrJ3DS&Jt7=XPv4nRqP http://www.gamblingtechintelligence.com/dkao/?GXITO=MXE2VtJ7Fo4hosq40s7o5Gb6Ku7gG0c1S7EHg0XRH6GvyO+aa1OLhg1lpqww8m7BivuDipB6&Jt7=XPv4nRqP http://www.mitsubishi3s-saigon.com/dkao/ http://www.engineeringyourfi.com/dkao/?GXITO=jah6DQdcmki18eoKMUf+yVQkg8vwGKWocc1DYzlV4ahqccoj7fVYZlTgMYj3hjJa2cQsuYsy&Jt7=XPv4nRqP http://www.gamblingtechintelligence.com/dkao/ http://www.engineeringyourfi.com/dkao/ http://www.mitsubishi3s-saigon.com/dkao/?GXITO=Z8LkfEnue97lQSidOFiccUZjcdY8S7xS7vIAY1UrYKbP5DA34VPhltV+QohXTHFmE2+V//AK&Jt7=XPv4nRqP http://www.apmtrk.com/dkao/?GXITO=BP1fS3MMSahq3d+qNOazUt+FTqb3aZxzOPrNXxXBdZI3b0J/H7GVqgCf/GWzB31PSvyM67YL&Jt7=XPv4nRqP http://www.punchandjudy.world/dkao/?GXITO=dTaSRiPfc0G6Gk0PZutJtF/VfjeAEQEHTYSysyM56DCXqRoND2+HpoQSaQWvcFJcsdOAvv9Q&Jt7=XPv4nRqP http://www.fennel.life/dkao/	12 Info www.engineeringyourfi.com(31.170.166.182) www.apmtrk.com(156.240.20.69) www.fennel.life(34.102.136.180) www.valentinefrazer.com() www.punchandjudy.world(34.102.136.180) www.mitsubishi3s-saigon.com(42.112.16.123) www.gamblingtechintelligence.com(194.9.94.85) 156.240.20.69 42.112.16.123 - malware 34.102.136.180 - mailcious 194.9.94.86 - mailcious 31.170.166.182	9.8	20	ZeroCERT

10	2021-07-09 18:18	ETL_013265_601_0278.exe d48f9d5b95cf67894226d72c3333bd98 PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs VMware IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger	2 Keyword trend analysis	4	14.8	26	ZeroCERT

11	2021-07-09 18:17	PL_010_770_263_217.exe ae19017fd05fc34bdf3f3be6e9ab0565 RAT Generic Malware PDF .NET EXE PE32 PE File VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows Cryptographic key crashed			6.0	24	ZeroCERT

12	2021-07-09 18:15	FL_6110_32_75_21.exe e5db377ee4548b89587bedc9fa5cd61a RAT Generic Malware SMTP KeyLogger PDF AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs VMware IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger	2 Keyword trend analysis	4	15.0	30	ZeroCERT