Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
1	2024-06-29 15:29	UpdateSetup.exe a492c3a7274138520cb977971fb13fb5 Malicious Library Admin Tool (Sysinternals etc ...) UPX PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself				2.0	M	26	ZeroCERT

2	2022-12-02 09:56	PasswordStealer.dll ad42d271e4b7d5c14c179c6cbe559bef PE32 .NET DLL DLL PE File VirusTotal Malware				1.2		53	ZeroCERT

3	2022-11-25 11:10	overthinker.exe 0d43b051c7c73233c85697219bc9a4f4 RAT PWS .NET framework Admin Tool (Sysinternals etc ...) UPX PE32 OS Processor Check .NET EXE PE File VirusTotal Malware PDB MachineGuid Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces IP Check Windows ComputerName Cryptographic key crashed	1 Keyword trend analysis	2	1	4.8	M	52	ZeroCERT

4	2022-10-14 07:16	1.exe bece8b42f8473c0dc498ad404a487c62 Themida Packer UPX Anti_VM PE32 PE File .NET EXE VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself Checks Bios Detects VMWare Check virtual network interfaces VMware anti-virtualization IP Check Windows ComputerName Firmware Cryptographic key crashed	1 Keyword trend analysis	2		7.2	M	48	ZeroCERT

5	2022-07-05 10:06	EkQDX.exe 9d3f96bb981b1297d55cc96abf5fb44f RAT PWS .NET framework UPX Admin Tool (Sysinternals etc ...) PE32 OS Processor Check .NET EXE PE File VirusTotal Malware PDB MachineGuid Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces IP Check Windows ComputerName Cryptographic key crashed	1 Keyword trend analysis	2	1	4.6	M	38	ZeroCERT

6	2022-01-08 22:58	ma.exe a0bc1018301f353dc99fdb2c973dbbeb PE File PE32 .NET EXE Browser Info Stealer VirusTotal Malware AutoRuns suspicious privilege Check memory Checks debugger Creates executable files unpack itself Checks Bios Detects VirtualBox Detects VMWare AppData folder VMware anti-virtualization Windows Browser Firmware Cryptographic key crashed				7.4	M	26	ZeroCERT

7	2021-12-15 14:55	xmr.exe 17afc420d8384803dcef35870c4824fb RAT PWS .NET framework Generic Malware Malicious Packer Admin Tool (Sysinternals etc ...) Malicious Library UPX PE File OS Processor Check PE32 .NET EXE PE64 VirusTotal Cryptocurrency Miner Malware Cryptocurrency AutoRuns PDB Check memory Checks debugger Creates executable files unpack itself Auto service Check virtual network interfaces WriteConsoleW Windows ComputerName Firmware		2		6.0	M	51	ZeroCERT

8	2021-08-18 11:34	oy.exe 0dad0861840cb73b4cefce3dcce28fa5 RAT PWS .NET framework Generic Malware Themida Packer Admin Tool (Sysinternals etc ...) PE File .NET EXE PE32 OS Processor Check Browser Info Stealer VirusTotal Malware AutoRuns suspicious privilege Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Checks Bios Detects VMWare Check virtual network interfaces AppData folder VMware anti-virtualization Windows Browser ComputerName Firmware Cryptographic key crashed	1 Keyword trend analysis	2		9.8	M	42	ZeroCERT

9	2021-06-25 14:42	update.exe d2296420a619f59037f8ae20b43b71f2 PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) .NET EXE PE32 PE File VirusTotal Malware PDB MachineGuid Check memory Checks debugger unpack itself				2.8		34	ZeroCERT

10	2021-03-17 22:45	Build.exe 780293b790c796c29b8d0cbf92053af2 Azorult .NET framework AsyncRAT backdoor Malware download VirusTotal Malware suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces ComputerName	8 Keyword trend analysis Info http://dsulum.anonymous-sec.com/moab//connection.php http://dsulum.anonymous-sec.com/moab//check_panel.php http://dsulum.anonymous-sec.com/moab/login.php http://dsulum.anonymous-sec.com/moab//getCommand.php?id=bTBhYl83QzYwMjRBRA http://dsulum.anonymous-sec.com/moab//receive.php?command=T25saW5l&vicID=bTBhYl83QzYwMjRBRA http://dsulum.anonymous-sec.com/moab/ http://dsulum.anonymous-sec.com/moab//receive.php?command=UGluZ2Vk&vicID=bTBhYl83QzYwMjRBRA http://dsulum.anonymous-sec.com/moab//receive.php?command=TmV3TG9nfEJOfFN1Y2N8Qk58Q2xpZW50IGlzIENvbm5lY3RlZA&vicID=bTBhYl83QzYwMjRBRA	2	2	4.4	M	47	Zero