Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
1	2024-07-04 07:40	38.exe 40ecc726bee273961d09301c0316af6e Malicious Library UPX PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself crashed				2.4	M	54	ZeroCERT

2	2024-06-11 07:39	conhost.exe 8378455f7c8a30d74b355adaf576a10b XMRig Miner Emotet Cryptocurrency Miner Suspicious_Script_Bin Generic Malware CoinHive Cryptocurrency task schedule Downloader Malicious Library UPX Malicious Packer Antivirus .NET framework(MSIL) Create Service Socket DGA Http API ScreenShot Escalate pri VirusTotal Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check Tofsee Windows ComputerName DNS Cryptographic key	4 Keyword trend analysis	3	6 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 23 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO Executable Download from dotted-quad Host ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	13.2	M	35	ZeroCERT

3	2024-05-20 07:35	conhost.exe be320b59ef29060678bcb78d6c8fa059 Malicious Library UPX PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself crashed				2.0		20	ZeroCERT

4	2024-05-18 20:31	222.exe 0603ce41d19c5ed6f06d28d7c1a0d8fe Malicious Library UPX PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself crashed				2.4		46	ZeroCERT

5	2024-05-16 07:27	888.exe 0e71dd615925094d6b40a76280bb2ea1 Malicious Library UPX PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself crashed				2.2		37	ZeroCERT

6	2022-01-16 22:29	1.exe ad95832fa72da070fe465948cdf54f40 RedLine stealer[m] NPKI Emotet RAT PWS .NET framework Generic Malware TEST Malicious Library UPX Malicious Packer Create Service DGA Socket DNS Internet API Code injection Sniff Audio HTTP KeyLogger FTP Escalate priviledges Downloader ScreenShot P2P persi Browser Info Stealer FTP Client Info Stealer suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed		1		8.8	M		ZeroCERT