Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
15076	2023-03-07 15:32	Cliente.url 6bbce3224d51716918724a26773d1568 AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	1	2	5.8		2	ZeroCERT

15077	2023-03-07 14:23	s1.bin f2828ba07465ddb78784df30bf90b76f Malicious Library Anti_VM OS Processor Check crashed				0.2			guest

15078	2023-03-07 14:01	Servizi.url f7f200f9159e911f84ae40e1a0c4e745 AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	1	2	5.8		2	ZeroCERT

15079	2023-03-07 10:52	Launcher.scr 4e32c1ae7807c0a82e3b68b6791345fc RedLine stealer[m] Malicious Library UPX AntiDebug AntiVM OS Processor Check PE File PE32 Buffer PE Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key		1		8.0			ZeroCERT

15080	2023-03-07 10:01	Attachment-GAKND(28).js 097dd5c5e9df7e83a46ef98a0e4c97cc Generic Malware Antivirus Escalate priviledges AntiDebug AntiVM PowerShell powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed	1 Keyword trend analysis			7.0			ZeroCERT

15081	2023-03-07 10:00	Attachment-Cc(731).js 4d6f207abc312202cfe05848020bfc91 Generic Malware Antivirus Escalate priviledges AntiDebug AntiVM PowerShell powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed	1 Keyword trend analysis			7.0			ZeroCERT

15082	2023-03-07 10:00	KJH.exe 9fe11f84460abd22cc955530ca89cf8c AgentTesla PWS[m] browser info stealer Google Chrome User Data Downloader Create Service Socket DNS Internet API Sniff Audio KeyLogger Escalate priviledges AntiDebug AntiVM .NET EXE PE File PE32 Remcos VirusTotal Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself suspicious process Windows DNS DDNS crashed keylogger	1 Keyword trend analysis	4	2	14.8	M	35	ZeroCERT

15083	2023-03-07 09:57	curriculum_vitae-copie.vbs 5e175b3bb3d8dc97174238b3f620992c VirusTotal Malware VBScript wscript.exe payload download Tofsee crashed Dropper	1 Keyword trend analysis	2	2	10.0		1	ZeroCERT

15084	2023-03-07 09:55	vbc.exe fa09ac9744cb561fc7e626102cd56932 PWS[m] PWS .NET framework RAT Generic Malware UPX Antivirus SMTP KeyLogger AntiDebug AntiVM OS Processor Check .NET EXE PE File PE32 Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger	2 Keyword trend analysis	3	5	15.4	M	23	ZeroCERT

15085	2023-03-07 09:53	vbc.exe fc7405792929990276c6c16585272006 PWS .NET framework RAT UPX .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key				5.8	M	36	ZeroCERT

15086	2023-03-07 09:53	renamethis.txt.ps1 ecb48560211841c38e3c2275d42c6f3f Generic Malware Antivirus VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	2 Keyword trend analysis	2	1	9.0		13	ZeroCERT

15087	2023-03-07 09:51	kdnfkjs.sfx.exe a8a6182341c07e476d3b2e4ae24fbb14 RAT Confuser .NET UPX AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself				6.6	M	47	ZeroCERT

15088	2023-03-07 09:49	cronoupdater.exe f86b847a4d6112ee7e79510353e3a001 RAT UPX Admin Tool (Sysinternals etc ...) .NET EXE PE File PE32 VirusTotal Malware PDB Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files ICMP traffic unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder Windows ComputerName	3 Keyword trend analysis	2	4	9.4	M	35	ZeroCERT

15089	2023-03-07 09:48	svc.exe 60b55a03146e3388672a9578fa5626a9 Malicious Library UPX OS Processor Check PE File PE32 VirusTotal Malware unpack itself				2.0	M	51	ZeroCERT

15090	2023-03-07 09:47	btc.exe 82f5467cabc16c8d60c5562457a98aa6 PWS[m] PWS .NET framework RAT Emotet Generic Malware UPX Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger	2 Keyword trend analysis	3	5	15.8	M	7	ZeroCERT