Submissions

Columns in the source listing: No, Date, Request, Urls, Hosts, IDS, Rule, Score, Zero, VT, Player, Etc. Empty columns are omitted in the source, so the trailing values of each record are reproduced below exactly as listed rather than assigned to individual columns.

15436 2021-11-16 11:07 Loader_90563_1.dll
  Hash: bc3532085a0b4febd9eed51aac2180d0
  Tags: Emotet Malicious Packer Malicious Library UPX PE File OS Processor Check PE32 DLL Dridex TrickBot VirusTotal Malware Report Check memory Checks debugger unpack itself sandbox evasion Kovter ComputerName Remote Code Execution DNS
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player (as listed): 20 5 5.4 22 ZeroCERT

15437 2021-11-16 13:34 asdfg.exe
  Hash: 6966182dd20351152ea815d31e735067
  Tags: PWS Loki[b] Loki.m RAT Gen1 Generic Malware UPX Malicious Library Malicious Packer Socket DNS Internet API HTTP KeyLogger ScreenShot Http API Steal credential AntiDebug AntiVM PE File PE32 .NET EXE OS Processor Check DLL JPEG Format Browser Info Stealer Malware download Vidar VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files ICMP traffic unpack itself Windows utilities Collect installed applications suspicious process AppData folder malicious URLs WriteConsoleW anti-virtualization installed browsers check Tofsee OskiStealer Stealer Windows Chrome Browser Email ComputerName DNS Cryptographic key crashed Password
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player (as listed): 12 10 8 2 22.8 42 guest

15438 2021-11-16 13:41 bird.png
  Hash: 0229f8f8d584db985b35dd57661f94bd
  Tags: Gen2 UPX PE File OS Processor Check PE32 Remote Code Execution
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player (as listed): 0.6 guest

15439 2021-11-16 13:46 f2_f.exe
  Hash: 2855945a6869f6118a4a0bf2c88fd40b
  Tags: Lazarus Family Themida Packer Malicious Library UPX PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Checks Bios Collect installed applications Detects VMWare Check virtual network interfaces VMware anti-virtualization installed browsers check Tofsee Windows Browser ComputerName Firmware DNS Cryptographic key Software crashed
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player (as listed): 2 3 1 1 10.6 30 guest

15440 2021-11-16 15:45 asu.pcapng
  Hash: 26a97d9cac81cdcbdb0c6114a39ebc29
  Tags: AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player (as listed): 3.4 guest

15441 2021-11-16 15:45 asu.pcapng
  Hash: 26a97d9cac81cdcbdb0c6114a39ebc29
  Tags: AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player (as listed): 3.8 guest

15442 2021-11-16 15:45 asu.pcapng
  Hash: 26a97d9cac81cdcbdb0c6114a39ebc29
  Tags: AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player (as listed): 3.4 guest

15443 2021-11-16 15:46 asu.pcapng
  Hash: 26a97d9cac81cdcbdb0c6114a39ebc29
  Tags: AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player (as listed): 3.4 guest

15444 2021-11-16 15:47 asu.pcapng
  Hash: 26a97d9cac81cdcbdb0c6114a39ebc29
  Tags: AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player (as listed): 3.4 guest

15445 2021-11-16 17:30 f2_f.exe
  Hash: 2855945a6869f6118a4a0bf2c88fd40b
  Tags: Lazarus Family Themida Packer Malicious Library UPX PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Checks Bios Collect installed applications Detects VMWare Check virtual network interfaces VMware anti-virtualization installed browsers check Tofsee Windows Browser ComputerName Firmware DNS Cryptographic key Software crashed
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player (as listed): 2 3 1 1 10.6 30 guest

15446 2021-11-16 17:44 2267_1636828447_4225.exe
  Hash: 0f9d1f2e3aaad601bb95a039b0aedcfb
  Tags: Malicious Library UPX PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player (as listed): 2.2 52 guest

15447 2021-11-16 17:47 uk.exe
  Hash: e0d0f69523666930260d57f7a5484038
  Tags: PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName crashed
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player (as listed): 9.2 44 guest

15448 2021-11-16 21:50 Google_Play_Services_for_AR_1....
  Hash: 08bff897795dfb4a6d5145849620f3ec
  Tags: (none listed)
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player (as listed): guest

15449 2021-11-16 21:50 Google_Play_Services_for_AR_1....
  Hash: 08bff897795dfb4a6d5145849620f3ec
  Tags: (none listed)
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player (as listed): guest

15450 2021-11-16 21:50 Google_Play_Services_for_AR_1....
  Hash: 08bff897795dfb4a6d5145849620f3ec
  Tags: (none listed)
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player (as listed): guest