Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
1 2021-09-16 18:35 enquiry_00207301020785png.exe  

61095557481992f46fb393bbdbec000a


RAT Generic Malware AntiDebug AntiVM PE File OS Processor Check .NET EXE PE32 VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI RWX flags setting unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName crashed
11.0 M 19 ZeroCERT

2 2021-09-16 18:29 Enquiry_101352001209png.exe  

334a47ca828db802167c63cd913c4ce7


RAT Generic Malware Malicious Library AntiDebug AntiVM PE File OS Processor Check .NET EXE PE32 VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI RWX flags setting unpack itself Check virtual network interfaces ComputerName crashed
9.8 M 34 ZeroCERT

3 2021-09-16 18:27 remcoss.exe  

0764105d28b8e3faae82e41a48f29577


AgentTesla RAT browser info stealer Generic Malware Google Chrome User Data Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection Downloader AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS
1 15.2 26 ZeroCERT

4 2021-09-16 09:10 bin-cryp.exe  

9284392fd96b31b3de8d8f664de3f0e4


RAT Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 FormBook Malware download VirusTotal Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName crashed
3 8 1 11.4 M 25 ZeroCERT

5 2021-09-16 09:07 Enquiry_633772886png.exe  

3e59fa59bd61e4fd87d179b719b21862


RAT Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI RWX flags setting unpack itself Check virtual network interfaces ComputerName crashed
9.4 M 15 ZeroCERT

6 2021-09-16 08:58 enquiry_6307300022png.exe  

e552183d16e0d6629c88a4a163d266fc


RAT Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI RWX flags setting unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName crashed
11.2 23 ZeroCERT
