Submissions

Columns: No, Date, Request, Urls, Hosts, IDS, Rule, Score, Zero, VT, Player, Etc. Each entry below lists the submission number, date, requested file, its hash, the sandbox tags, the numeric columns as they appear in the listing (Urls Hosts IDS Rule Score Zero VT; blank columns are not shown), and the Player.

15106  2023-03-06 09:58  fudpgk.hta.html
  Hash: e04b070bac40abf5159244c3cdfcba11
  Tags: AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed
  Numeric columns: 2 4.4 14
  Player: ZeroCERT

15107  2023-03-06 09:49  blue32_c.exe
  Hash: f74f38976fb53d18f9ac2d912620c52f
  Tags: Hide_EXE Generic Malware Antivirus AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process Windows ComputerName Cryptographic key crashed
  Numeric columns: 10.6 M 52
  Player: ZeroCERT

15108  2023-03-06 09:49  cacert.exe
  Hash: 47ca254d94b8ba124ba8a3fdb4a52653
  Tags: UPX Malicious Library AntiDebug AntiVM OS Processor Check PE32 PE File PE64 Malware download Cobalt Strike Cobalt VirusTotal Malware PDB Code Injection Checks debugger Creates executable files RWX flags setting unpack itself ComputerName Remote Code Execution DNS
  Numeric columns: 1 1 1 6.2 52
  Player: ZeroCERT

15109  2023-03-06 09:46  nik0300.exe
  Hash: 646f9a44ad9c8719b45951a29f8d3c6d
  Tags: Gen2 UPX Malicious Library Malicious Packer OS Processor Check PE32 PE File DLL VirusTotal Malware Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder IP Check Tofsee
  Numeric columns: 2 6 2 6.0 M 53
  Player: ZeroCERT

15110  2023-03-06 09:46  serko4.exe
  Hash: 574653547a5e36e4be1866e522ac6c10
  Tags: Gen1 Emotet UPX Malicious Library CAB PE32 PE File Browser Info Stealer FTP Client Info Stealer AutoRuns PDB suspicious privilege MachineGuid Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Disables Windows Security Collect installed applications AntiVM_Disk VM Disk Size Check installed browsers check Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
  Numeric columns: 1 10.6
  Player: ZeroCERT

15111  2023-03-06 09:44  vbc.exe
  Hash: 10719af09de2df1eab59c94c0123bc97
  Tags: UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware PDB unpack itself Remote Code Execution
  Numeric columns: 2.0 44
  Player: ZeroCERT

15112  2023-03-06 09:43  106.exe
  Hash: c3b975941fbb27386657f9cdec4dd02b
  Tags: Gen1 Gen2 Malicious Library UPX Malicious Packer PE32 PE File OS Processor Check DLL Browser Info Stealer Malware download VirusTotal Malware RecordBreaker MachineGuid Malicious Traffic Check memory Creates executable files unpack itself Collect installed applications AppData folder installed browsers check Stealer Windows Browser DNS crashed
  Numeric columns: 9 1 5 7.4 17
  Player: ZeroCERT

15113  2023-03-06 09:35  esp.exe
  Hash: af46c0772ef6c5378f13502c1ee065cc
  Tags: UPX Admin Tool (Sysinternals etc ...) OS Processor Check PE32 PE File VirusTotal Malware PDB
  Numeric columns: 1.2 M 31
  Player: ZeroCERT

15114  2023-03-05 18:02  phone-to-name.kvcache
  Hash: 0e08f83592fb86c04631c67ad4c26f66
  Tags: AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Windows Browser Email ComputerName keylogger
  Numeric columns: 4.0
  Player: BRY

15115  2023-03-05 16:59  C86954DA-A0EC-45C2-9654-1C03EC...
  Hash: dc32b4116b811ce50fbe7ac1803b2a98
  Tags: AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName
  Numeric columns: 3.4
  Player: BRY

15116  2023-03-05 16:14  A4D2B1EA-33A4-398A-8455-86E681...
  Hash: 57f67baa080f1153fd4179b5d277da11
  Tags: AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName
  Numeric columns: 3.4
  Player: BRY

15117  2023-03-05 14:53  handdiy_6.exe
  Hash: 18669b21194b03105d0a9145635a1ce6
  Tags: AgentTesla PWS[m] Gen2 Trojan_PWS_Stealer browser info stealer Credential User Data Generic Malware Google Chrome Downloader Malicious Packer SQLite Cookie UPX Malicious Library Create Service DGA Socket ScreenShot DNS BitCoin Internet API Code Browser Info Stealer VirusTotal Malware suspicious privilege Code Injection Checks debugger WMI Creates executable files exploit crash unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW installed browsers check Tofsee Windows Exploit Browser ComputerName Remote Code Execution DNS crashed
  Numeric columns: 1 4 3 10.4 M 55
  Player: ZeroCERT

15118  2023-03-05 14:45  doz.exe
  Hash: aaadcfe6655e23c6c263132085d59dbd
  Tags: UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself Remote Code Execution DNS
  Numeric columns: 1 2.6 M 31
  Player: ZeroCERT

15119  2023-03-05 14:44  narko.exe
  Hash: 60ac1de311d1482966f12cd720f56e5a
  Tags: Gen1 Emotet UPX Malicious Library Admin Tool (Sysinternals etc ...) CAB PE32 PE File OS Processor Check DLL Browser Info Stealer Malware download Amadey FTP Client Info Stealer VirusTotal Malware AutoRuns PDB suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities Disables Windows Security Collect installed applications suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
  Numeric columns: 5 4 6 16.6 M 43
  Player: ZeroCERT

15120  2023-03-05 14:43  2201.exe
  Hash: 0f1f4ce03d9bacf600abf05b4c1d6817
  Tags: Gen2 Gen1 Malicious Packer UPX Malicious Library PE File PE64 VirusTotal Malware PDB Remote Code Execution
  Numeric columns: 1.0 M 18
  Player: ZeroCERT