Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
1 2022-08-22 18:18 vvv.exe  

af477d25b88a0059ec73f7f595437162


PWS[m] RedLine stealer[m] RAT UPX AntiDebug AntiVM PE32 PE File .NET EXE PE64 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
2 4 6 15.2 47 ZeroCERT

2 2022-04-08 09:16 1_KpCGvNj.exe  

2f84afead84a3699cb870693b05c308c


PWS[m] Emotet RAT PWS .NET framework UPX Malicious Library Create Service DGA Socket ScreenShot DNS Internet API Code injection Sniff Audio HTTP Steal credential KeyLogger P2P Downloader Escalate priviledges FTP Http API AntiDebug AntiVM PE32 OS Processor VirusTotal Malware MachineGuid Code Injection Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities Check virtual network interfaces WriteConsoleW IP Check Windows ComputerName DNS Cryptographic key
3 7 1 9.4 M 46 ZeroCERT

3 2021-09-29 08:23 m.exe  

d2c73b170d0f9669214cd74ae6128068


Emotet RAT Generic Malware Malicious Library Antivirus Malicious Packer PE File PE32 DLL PE64 VirusTotal Malware powershell AutoRuns suspicious privilege MachineGuid Check memory Checks debugger WMI Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process AppData folder WriteConsoleW Windows ComputerName Cryptographic key
9.0 M 38 ZeroCERT

  • Total : 3cnts