Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
2011	2024-07-23 07:46	Set-up.exe 5e5cfcf7fc4abf0b0b887d2e6784f4d3 Generic Malware Admin Tool (Sysinternals etc ...) UPX PE File PE32 Browser Info Stealer Malware download Malware Malicious Traffic Check memory buffers extracted Collect installed applications suspicious TLD anti-virtualization installed browsers check CryptBot Browser ComputerName DNS	1 Keyword trend analysis	2	3		5.0			ZeroCERT

2012	2024-07-23 07:42	file200h.exe 5cc9482bfa632c0f5bdc71c9e3d9e123 Generic Malware Malicious Library Malicious Packer Antivirus UPX AntiDebug AntiVM PE File PE64 OS Processor Check PE32 Malware download Malware powershell AutoRuns suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself powershell.exe wrote Check virtual network interfaces suspicious process AppData folder malicious URLs suspicious TLD Tofsee Windows ComputerName Remote Code Execution Trojan DNS Cryptographic key	4 Keyword trend analysis	8	7 Info ET DNS Query for .su TLD (Soviet Union) Often Malware Related SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET MALWARE Single char EXE direct download likely trojan (multiple families) ET INFO Executable Served From /tmp/ Directory - Malware Hosting Behaviour ET INFO Packed Executable Download ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download	2	11.4	M		ZeroCERT

2013	2024-07-23 07:40	223.exe ef60acf75c0376b0b966fa79c0eb3b7b Generic Malware Downloader Malicious Library UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM PE File suspicious privilege Code Injection Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName					6.0			ZeroCERT

2014	2024-07-23 07:38	215.exe 5824dfdc189116156a9619a5af980de4 Emotet Generic Malware Malicious Library Malicious Packer UPX PE File ftp PE32 OS Processor Check PNG Format Malware PDB Malicious Traffic Check memory unpack itself Tofsee ComputerName Remote Code Execution DNS	1 Keyword trend analysis	3	1		4.4			ZeroCERT

2015	2024-07-22 17:54	File.exe e299e50bda0214f3f8c8bc4931300be4 Emotet Hide_EXE Malicious Library Anti_VM PE File PE64 VirusTotal Malware Check memory Checks debugger unpack itself WriteConsoleW					2.2	M	28	ZeroCERT

2016	2024-07-22 17:52	Botkiller.exe a668cb93c16026b6ee15b96dbd13d64f njRAT backdoor Malicious Library PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Checks debugger WMI Creates shortcut Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName DNS		1			8.2	M	55	ZeroCERT

2017	2024-07-22 17:50	deepweb.exe 478d0787cddfa1a31e3480d1612c91b7 Generic Malware Malicious Library Malicious Packer UPX DllRegisterServer dll PE File PE64 OS Processor Check VirusTotal Malware					1.0		30	ZeroCERT

2018	2024-07-22 17:48	Client-built.exe e0bd71734fc197f5d445a0220c946718 Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself					2.0		54	ZeroCERT

2019	2024-07-22 17:46	Server.exe 5133a39682e9f9c6b6245193d0e71c8a njRAT backdoor Generic Malware PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself WriteConsoleW					2.6		64	ZeroCERT

2020	2024-07-22 17:45	deepweb2.exe cdcf164d5d8fac1ce015d142cf83e105 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB unpack itself crashed					2.4		49	ZeroCERT

2021	2024-07-22 14:26	inject.txt.exe 03bed904291f531fc5381307e361b70f PE File DLL PE64 VirusTotal Malware unpack itself DNS crashed		1	1		3.8	M	53	ZeroCERT

2022	2024-07-22 14:25	win.txt.exe ad49cc932660b3b8ce1460da383b814b UPX PE File DLL PE64 VirusTotal Malware Check memory Checks debugger unpack itself suspicious process crashed					1.8	M	2	ZeroCERT

2023	2024-07-22 13:35	clean.bat 28e0005fbeabc65cb66c81f9ed616b62 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM Malware download VirusTotal Malware Malicious Traffic Check memory Checks debugger Creates executable files Check virtual network interfaces WriteConsoleW ComputerName Trojan DNS	2 Keyword trend analysis	1	2	1	5.0		3	ZeroCERT

2024	2024-07-22 13:35	attack.jpeg.ps1 2787b74f86388778186aa50c042d2763 Generic Malware Antivirus PE File DLL PE32 .NET DLL VirusTotal Malware powershell Buffer PE AutoRuns suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName Cryptographic key					9.2	M	3	ZeroCERT

2025	2024-07-22 13:34	archcwbat.ps1 0f057026500cb35b3c3bcf5af8d6c9d8 Generic Malware Antivirus Check memory Creates executable files unpack itself WriteConsoleW Windows Cryptographic key					1.4			ZeroCERT