Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
1	2024-05-31 07:49	ADServices.exe 0c2564813f2b9fc088cfb6938214d3cb Malicious Library PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself crashed				2.2	M	60	ZeroCERT

2	2023-10-19 09:56	oneone.js.exe 7099a939fa30d939ccceb2f0597b19ed PE File PE32 .NET EXE VirusTotal Malware PDB Check memory Checks debugger unpack itself ComputerName				2.6	M	56	ZeroCERT

3	2023-04-22 10:40	Server.exe e90e802ff8697b809263ff71ad5e137a .NET EXE PE32 PE File Check memory Checks debugger unpack itself crashed				1.0			guest

4	2023-04-22 10:39	Server.exe e0f1b2b1bbce9d999e19602d85a52cb7 .NET EXE PE32 PE File Check memory Checks debugger unpack itself crashed				1.0			guest

5	2022-12-09 15:15	vbc.exe 7e26a65502e428460a76d8268a420ade RAT PE32 .NET EXE PE File VirusTotal Malware Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces ComputerName	1 Keyword trend analysis	2		3.6	M	30	ZeroCERT

6	2022-12-09 15:13	vbc.exe 1e063b3d9cc7a483c1b7cce5585f29f6 RAT PE32 .NET EXE PE File VirusTotal Malware Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces ComputerName	1 Keyword trend analysis	2		3.6	M	36	ZeroCERT

7	2022-12-08 09:56	vbc.exe b1171241b48005c847a23c77234243a5 RAT PE32 .NET EXE PE File VirusTotal Malware Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces ComputerName	1 Keyword trend analysis	2	1	3.8	M	42	ZeroCERT

8	2022-08-23 11:46	rPGGByeYLLNwbJK.exe 701664573b29574a7d73deb94d2166bb Generic Malware UPX Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE					M		ZeroCERT

9	2022-08-23 10:25	ZfYnTDGwGgXECBk.exe 241e7ae75a360cd4a76e48d4d5f7a2c2 Generic Malware UPX Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE					M		ZeroCERT

10	2022-07-16 09:40	vbc.exe 5d97dfbfcb848f45966eef46268409fb RAT Generic Malware Antivirus PE32 .NET EXE PE File VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process AppData folder Windows ComputerName Cryptographic key	1 Keyword trend analysis	2		7.2	M	35	ZeroCERT

11	2022-03-09 12:16	vbc.exe a0d1e6b7a565c9ab7acaa45bf5c9bb63 RAT PWS .NET framework AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Windows ComputerName Cryptographic key crashed	1 Keyword trend analysis	2		9.6	M	17	ZeroCERT

12	2022-01-04 09:52	vbc.exe af4b309cb62dde6525aacc49e7e0d62d PWS Loki[b] Loki.m RAT .NET framework Generic Malware Antivirus DNS AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c powershell suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW installed browsers check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed	2 Keyword trend analysis	3	8 Info SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response	17.2	M	22	ZeroCERT