Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
18001	2023-05-06 12:05	RegSvcs.exe b90ce0d39f5d8da6f160920f5e873c36 PWS .NET framework RAT UPX Confuser .NET OS Processor Check .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed		1		5.0			ZeroCERT

18002	2023-05-06 12:03	ostaj2.1.exe c544c36f9031c1c13c9444edc245f55f NSIS UPX Malicious Library PE32 PE File DLL Malware download AveMaria NetWireRC VirusTotal Malware AutoRuns MachineGuid Check memory Creates executable files unpack itself AppData folder Windows RAT ComputerName DNS DDNS keylogger		2	4	5.4	M	41	ZeroCERT

18003	2023-05-06 12:02	Had.exe d1be65b8aec1db2ee0d98b686b8749fa Malicious Library PE64 PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself DNS		1		2.8		29	ZeroCERT

18004	2023-05-06 12:01	malwr.exe c2db1e38863cc1bd9fefc90a7d9ae083 Generic Malware UPX Malicious Packer Malicious Library PE64 PE File VirusTotal Malware WriteConsoleW Ransomware				2.6	M	14	ZeroCERT

18005	2023-05-06 12:00	WSearch136Estcott.exe 7fd2d4cf90f09e3c742766b2788e8a1f RAT NSIS Generic Malware UPX Malicious Library AntiDebug AntiVM PE32 PE File PNG Format OS Processor Check DLL .NET DLL .NET EXE MSOffice File JPEG Format VirusTotal Malware AutoRuns MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Disables Windows Security Check virtual network interfaces AppData folder Tofsee Interception Windows Exploit Browser DNS Cryptographic key crashed		4	2	11.2	M	33	ZeroCERT

18006	2023-05-06 11:59	miner.exe c6808ca5fac7b8bc9fd63a1c381e7872 PE64 PE File VirusTotal Malware Check memory Checks debugger unpack itself				2.4	M	50	ZeroCERT

18007	2023-05-06 11:57	Mglf.js 45eac67359c6b58b731a4680108ed5cc Generic Malware Antivirus AntiDebug AntiVM PowerShell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key	3 Keyword trend analysis			5.6			ZeroCERT

18008	2023-05-06 11:57	Oype.js af495d9a71b634dc1ca0996153c448e1 Generic Malware Antivirus AntiDebug AntiVM PowerShell powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key	3 Keyword trend analysis			5.6			ZeroCERT

18009	2023-05-06 11:56	Goncymkg.js 65db457d6e164827bc8a1eb7d369c358 Generic Malware Antivirus AntiDebug AntiVM PowerShell powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key	3 Keyword trend analysis			5.6			ZeroCERT

18010	2023-05-06 11:55	vbc.exe 3f7fb7ea38ef370de09b4b709d07e0e8 Formbook PWS .NET framework PWS[m] AntiDebug AntiVM .NET EXE PE32 PE File FormBook Malware download VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself	2 Keyword trend analysis	4	1	8.6		42	ZeroCERT

18011	2023-05-05 08:16	Qt.js 9e4de536baa6f12b1787e712c2f33180 Generic Malware Antivirus AntiDebug AntiVM PowerShell powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key				5.6			ZeroCERT

18012	2023-05-05 07:40	LAPTOP-VLS847B3-20230501-1200.... 7c511160abd28b9bf293c1e07079fe75 ScreenShot AntiDebug AntiVM Check memory unpack itself				1.0			guest

18013	2023-05-05 07:29	LAPTOP-VLS847B3-20230501-0400.... 987cccf64ea368264185e45ec82d77a2 ScreenShot AntiDebug AntiVM Check memory unpack itself				1.0			guest

18014	2023-05-05 07:18	TS_32C8.tmp 655250984b2e7b8e3be053a631710019 AntiDebug AntiVM icon Email Client Info Stealer suspicious privilege Code Injection Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName				4.0			guest

18015	2023-05-05 07:17	{54235D70-18D0-41D4-B34B-D968F... d41d8cd98f00b204e9800998ecf8427e AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName				3.4			guest