Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
1 2021-07-25 12:13 vbc.exe  

3a23d766503a54317f86c1a175aa4b28


PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) AntiDebug AntiVM PE32 .NET EXE PE File FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key
10 10 1 9.2 M 44 ZeroCERT

2 2021-07-15 18:05 1Ptfo0FZUMT7hlK.exe  

bc302d910397e2d1092e47029d8f35df


Generic Malware Admin Tool (Sysinternals etc ...) AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key
4 12 8.6 44 ZeroCERT

3 2021-06-06 09:58 loud-07.exe  

48ae7e551369b4589d012ee8a92f70ed


AsyncRAT backdoor PWS .NET framework Admin Tool (Sysinternals Devolutions inc) Anti_VM Malicious Library PE File .NET EXE PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows Cryptographic key
5.6 M 37 ZeroCERT

4 2021-06-05 11:00 afo.exe  

f6dccd16da5a8415c2f64ad72aa76068


AsyncRAT backdoor PWS .NET framework Admin Tool (Sysinternals Devolutions inc) Anti_VM Malicious Library DNS SMTP AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Buffer PE AutoRuns PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows ComputerName DNS Cryptographic key
2 15.8 M 33 ZeroCERT

5 2021-06-05 10:56 afo.exe  

f6dccd16da5a8415c2f64ad72aa76068


AsyncRAT backdoor PWS .NET framework Admin Tool (Sysinternals Devolutions inc) Anti_VM Malicious Library DNS SMTP AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Buffer PE AutoRuns PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows ComputerName Cryptographic key
2 15.2 M 33 ZeroCERT

6 2021-06-05 10:46 yes-666.exe  

fc714107242125591cddee4f92c2b0f1


Admin Tool (Sysinternals Devolutions inc) Anti_VM Malicious Library AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself
7.4 M 23 ZeroCERT

7 2021-06-02 09:43 free.exe  

346db6be65f107fc0929e16671f064aa


AsyncRAT backdoor PWS .NET framework Malicious Library AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key
8.4 40 ZeroCERT

8 2021-05-26 01:39 ACC.exe  

1b566412e52165a3ef457cc7dd0ecfba


AsyncRAT backdoor PWS .NET framework Malicious Library Antivirus .NET EXE PE File PE32 VirusTotal Malware powershell PDB suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key
1 7.0 M 26 guest

9 2021-05-25 09:55 W4Nxx0DldkRdql7.exe  

df914c109e5c1985bae95ae645049ae3


AsyncRAT backdoor PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself Windows DNS Cryptographic key
2.8 M 19 ZeroCERT

10 2021-05-25 09:31 ACC.exe  

1b566412e52165a3ef457cc7dd0ecfba


AsyncRAT backdoor PWS .NET framework Malicious Library Escalate priviledges AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer VirusTotal Malware powershell AutoRuns PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW shadowcopy delete Ransomware Windows Browser ComputerName DNS Cryptographic key
1 1 19.4 M 26 ZeroCERT

11 2021-05-15 18:38 origin-07.exe  

6d56768ebd66a316d4319b603afbae85


AsyncRAT backdoor Malicious Library AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key
7.4 M 25 guest

12 2021-05-15 18:35 xele-07.exe  

6d56768ebd66a316d4319b603afbae85


AsyncRAT backdoor Malicious Library AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key
7.4 M 25 ZeroCERT

Total: 12