Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
196	2024-09-12 13:00	vgew.exe f33b34d0de9bb27980bc99ea468c1181 Stealc Client SW User Data Stealer LokiBot ftp Client info stealer Antivirus Malicious Library Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 FTP Client Info Stealer VirusTotal Malware Telegram PDB MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software	1 Keyword trend analysis	6	3	1	16.8	M	39	ZeroCERT

197	2024-09-12 13:00	vtrwh12.exe d264213f54193475ffd0301f7d92639f Stealc Client SW User Data Stealer LokiBot ftp Client info stealer Antivirus Malicious Library Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 FTP Client Info Stealer VirusTotal Malware Telegram PDB MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software	1 Keyword trend analysis	6	3	1	17.0	M	43	ZeroCERT

198	2024-09-12 12:58	svc.exe ae6112b72845c6a495561783ac5eeffd Malicious Library Admin Tool (Sysinternals etc ...) UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself Windows Remote Code Execution					3.0	M	37	ZeroCERT

199	2024-09-12 12:58	avoufshire.exe 0ffee13ff36c1cd606d032450deb5ac1 Suspicious_Script_Bin Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName					6.2	M	31	ZeroCERT

200	2024-09-12 12:57	bin.exe 95c51c6dc018281130ce62629f0ad475 Generic Malware Malicious Library UPX PE File PE32 DLL Browser Info Stealer VirusTotal Malware buffers extracted Creates executable files unpack itself AppData folder suspicious TLD Browser DNS	16 Keyword trend analysis Info http://www.zz82x.top/ym8o/ http://www.zz82x.top/ym8o/?2V=0oBut1yNYbWGPCBlgyv3pZVha+opv9VnbBTx5iLcdFvMwA802wT5+eN4s6JX6RPQYa1HVkeDIT7ul87fzWjyS3+9Bl5G+MuIzE/ROIZBkpIpmi83C/mWL5yyeDtdBV6PHeqsO2U=&5N=yBxsewvl1 http://www.lanxuanz.tech/em49/ http://www.coffee-and-blends.info/v35v/ http://www.mayawashfold.net/mtee/?2V=mIo06BHEAes+1ktXaBAtNGKqBpRmqRxWlUKS3fumHCh/F9Apz5MmL+0gaGFLr/u+11M8U18avNpkfr0bp21uUDjReIWSdbsSeAfUqf/zog6+kRphWsZifsnSv92p91nXivHnLMY=&5N=yBxsewvl1 http://www.wcm50.top/sok0/?2V=9nK66fHSoCGrYX5gaK/AO9t7tPQ5/QEti9hRjfn4Wr4e/FiQigglpcmZABT8bPLN/EEfVpiA5WrUcuyZtKi/BBJRI9fYI3SyqgQHC3eDkS3RCCCNVpOtSHUDKdaHP3QuqehRYy8=&5N=yBxsewvl1 http://www.mayawashfold.net/mtee/ http://www.lanxuanz.tech/em49/?2V=vV5RcTk6UjJnp8cFAK/SOuBjTCno8ikmF8l1hdm9JL6NOoivCUbMGww4nWsmekXmD/ydRpWe52eDtuCzDhpXjdrcsjftmH+l+fFtrvvEqEsdx0xgXMMdSTOC4EPGj+TD2I4a44E=&5N=yBxsewvl1 http://www.wcm50.top/sok0/ http://www.sqlite.org/2018/sqlite-dll-win32-x86-3240000.zip http://www.withad.xyz/r0nv/?2V=MbxsL1z6NlMfyEEdZx/ZxPf8EiE8jFH+EotLfQicwl73p/l3IQxOGOCDPbvxx6J9DUF2ANV1DH6MzynBnTYcCPycA1shdY1mvpanTFbxObMy1SnsPVKhvAf5oxTVz0DK2AgMbQQ=&5N=yBxsewvl1 http://www.filelabel.info/2w7y/?2V=Lawv0YecSOnZdZmqngGcZvprhomfb4X9YfPVtq1IvWwToR7xRnuqxAjnf14Kb1P7OK3qF8y3rVlNPzF5bdVhlCUeYm2+7ddpSexImSbNaMK380N1MHIbJRhlUDS9sCT5SZ96r/0=&5N=yBxsewvl1 http://www.sqlite.org/2022/sqlite-dll-win32-x86-3370000.zip http://www.coffee-and-blends.info/v35v/?2V=QLykxYh4zvA0eVm8sHd9vJ7cm8Ocwd+aLw1iNOUTi/NZcFg0+k6SuajB+VDZEgWr7u3QxNH7fyl6o0+K3GiYVb/CpQQZmkLRlg6A/sXIMKu948ijpPl34Lh5vJIQLmsCgl/X2MY=&5N=yBxsewvl1 http://www.withad.xyz/r0nv/ http://www.filelabel.info/2w7y/	15 Info www.lanxuanz.tech(136.143.186.12) www.coffee-and-blends.info(217.160.0.231) www.withad.xyz(162.0.238.43) www.wcm50.top(154.23.184.60) www.zz82x.top(38.47.232.196) www.filelabel.info(15.197.148.33) www.mayawashfold.net(15.197.148.33) 38.47.232.196 15.197.148.33 - mailcious 217.160.0.231 - mailcious 3.33.130.190 - phishing 136.143.186.12 - mailcious 45.33.6.223 162.0.238.43 - mailcious 154.23.184.60 - mailcious	2		5.4	M	58	ZeroCERT

201	2024-09-12 12:55	66e1db5a46161_cry.exe#kiscrypt... 032d49a1f22f5ec2d498fcf0f4076d91 Client SW User Data Stealer ftp Client info stealer Antivirus Http API PWS AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself ComputerName					8.4	M	39	ZeroCERT

202	2024-09-12 12:13	imjp14k.dll 4fa897798a9028ea4f8dad8f8da5dc63 Malicious Library UPX PE File DLL PE32 OS Processor Check VirusTotal Malware					1.2	M	53	guest

203	2024-09-12 11:15	INF0_PAY_SCAN1ND_8403876378294... 825ccb1ffa07afa207ec10d5f9571d95 Lnk Format GIF Format VirusTotal Malware Creates shortcut unpack itself WriteConsoleW					1.6		10	ZeroCERT

204	2024-09-12 11:14	1B0S_YS63093BVSA_URDSGA_pdf.ln... 825ccb1ffa07afa207ec10d5f9571d95 Lnk Format GIF Format VirusTotal Malware Creates shortcut unpack itself WriteConsoleW					1.6		10	ZeroCERT

205	2024-09-11 17:47	jIML.txt.ps1 c96ca6878a5c726ddf6a75c35a1d84f4 Generic Malware Antivirus Anti_VM VirusTotal Malware Check memory unpack itself WriteConsoleW Windows Cryptographic key					1.6		16	ZeroCERT

206	2024-09-11 10:50	66e010f468498_otr.exe#kisotrme... faaf13f6a1dd574396fea7e084504150 RedLine Infostealer UltraVNC Generic Malware Malicious Library UPX PE File PE32 OS Processor Check Malware download VirusTotal Malware PDB Stealer DNS		1	1		2.4	M	53	ZeroCERT

207	2024-09-11 10:48	66df5745ca628_SETUP.exe 41acc938951854469f46ca6856927c22 Generic Malware Malicious Library Admin Tool (Sysinternals etc ...) Malicious Packer UPX PE File DllRegisterServer dll PE32 OS Processor Check VirusTotal Malware					2.2	M	42	ZeroCERT

208	2024-09-11 10:48	test1.hta 48c607b48c2f4dbacbed1c2d163ef7df Generic Malware Antivirus Lnk Format GIF Format VirusTotal Malware powershell AutoRuns suspicious privilege Check memory Checks debugger Creates shortcut Creates executable files unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key					5.6	M	3	ZeroCERT

209	2024-09-11 10:47	66dfd447dcd00_lyla.exe#lyla3 b36f21ca653ea179246c98cda2373879 Generic Malware Admin Tool (Sysinternals etc ...) UPX PE File PE32 DLL Malware download VirusTotal Malware Malicious Traffic AppData folder suspicious TLD CryptBot DNS	1 Keyword trend analysis	2	3		3.6	M	50	ZeroCERT

210	2024-09-11 10:46	66e014584fcee_w2.exe#ww2metaki... d11952cce9c0e9a38a52fbf887e96681 RedLine Infostealer UltraVNC Generic Malware Malicious Library UPX PE File PE32 OS Processor Check Malware download VirusTotal Malware PDB Stealer DNS		1	1		2.0	M	50	ZeroCERT