Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
1	2024-09-17 14:35	setup2.exe 049ffcac0769d5d449839aae7853aaf2 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself				2.0	M	35	ZeroCERT

2	2024-09-17 14:34	66e5f96b41510_GageEpa.exe#111u... 43044a8822f069feddd9c02fe36d8517 Generic Malware Downloader Malicious Library UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM PE File VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW Windows ComputerName				7.4	M	30	ZeroCERT

3	2024-09-17 14:34	ueu7.exe 3f96ae0cd28b2a63dee0fdcd2105d8a2 PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself ComputerName				2.4	M	57	ZeroCERT

4	2024-09-17 14:31	Ghost_0x000263826B9A9B91.exe 11df28c910c9d9127a7e7054e9cadf1f UPX PE File PE64 OS Processor Check VirusTotal Malware crashed				1.4	M	43	ZeroCERT

5	2024-09-17 14:30	66c62b70f281e_tz4j.exe 9fb83bee6ff97065c498f48fc094f848 HermeticWiper PhysicalDrive Generic Malware Malicious Library Malicious Packer Antivirus UPX PE File ftp PE64 OS Processor Check VirusTotal Malware PDB Creates executable files unpack itself ComputerName crashed				4.2	M	49	ZeroCERT

6	2024-09-17 14:29	Client_protected.exe 19574d1c471ceaa99d0d05321e7beba4 Generic Malware UPX Anti_VM PE File .NET EXE PE32 VirusTotal Malware				1.8	M	58	ZeroCERT

7	2024-09-17 14:27	install_lodop32.exe cee0d7092ec83373078d0045a0c74c40 PE File PE32 MZP Format DLL DllRegisterServer dll Browser Info Stealer VirusTotal Malware Creates executable files unpack itself sandbox evasion Browser Remote Code Execution DNS crashed		1		6.0	M	21	ZeroCERT

8	2024-09-17 14:26	hq8.exe 0c4ae706774936caeee5ac840f184717 UPX PE File PE32 VirusTotal Malware				1.2	M	58	ZeroCERT

9	2024-09-17 14:26	66df1acad4359_res_out.exe bee899073ade70f17b353c7f1f9e2748 Emotet Generic Malware Malicious Library Malicious Packer Antivirus UPX PE File PE32 OS Processor Check VirusTotal Malware Buffer PE AutoRuns PDB Code Injection Malicious Traffic buffers extracted Creates executable files unpack itself Windows DNS	3 Keyword trend analysis	1	3	8.8	M	46	ZeroCERT

10	2024-09-17 14:24	yqy2.exe 243060d6f56395aa66e64418b9d299b1 ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Windows DNS		1	5 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 23 ET INFO Executable Download from dotted-quad Host ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	10.0	M	55	ZeroCERT

11	2024-09-17 14:23	66e6ea133c92f_crypted.exe#xin ba0dc71d562da0d40e7f409502daa9e0 RedLine stealer Antivirus PWS AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself WriteConsoleW DNS		1		8.8	M	52	ZeroCERT

12	2024-09-17 14:23	HVNC1.exe 2e1da3b03de67089bb9b8ffdf7e1c7a9 PE File PE64 VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key				3.6	M	52	ZeroCERT

13	2024-09-17 14:21	66c45b187f9fb_RobertsonGlory.e... 126fe36209cb4c46477e6d7aa4f3fe56 Generic Malware Suspicious_Script_Bin Downloader Malicious Library UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P An VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName				7.2	M	50	ZeroCERT

14	2024-09-17 14:21	66ddda1c094df_crypted.exe e9deb7173dd4403cec8829bb1eb1705a RedLine stealer Antivirus ScreenShot PWS AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key		1		11.2	M	56	ZeroCERT

15	2024-09-17 14:18	66e3f637943fb_xin1.exe dc0d22b7133699183da35835f6dc4d1b RedLine stealer Antivirus PWS AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself DNS		1		8.6	M	58	ZeroCERT