Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
22036	2023-01-19 12:51	cred64.dll 6554ed243a87f709ed65ef09bab598b2 Ave Maria WARZONE RAT Malicious Library UPX OS Processor Check DLL PE File PE64 VirusTotal Malware PDB Checks debugger unpack itself installed browsers check Browser ComputerName crashed				2.8	M	45	ZeroCERT

22037	2023-01-19 12:49	dKRRwATC1r1pz 2a4865151e02af3be15b37f8ac07dec5 NPKI Generic Malware Malicious Library UPX OS Processor Check DLL PE File PE64 VirusTotal Malware Report Checks debugger ICMP traffic unpack itself suspicious process sandbox evasion ComputerName DNS crashed		8	3	7.2	M	51	ZeroCERT

22038	2023-01-19 12:47	Qgsfplueu.exe 88cc9f6390fb8a2afc227eb6c54d8b47 PWS[m] RAT PWS .NET framework SMTP KeyLogger AntiDebug AntiVM PE32 .NET EXE PE File Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger	1 Keyword trend analysis	2	5	12.6	M	44	ZeroCERT

22039	2023-01-19 12:47	Setup.exe 61c7b205553a01e71cef1da9f800eead Gen2 Malicious Library UPX PE32 OS Processor Check PE File VirusTotal Malware Check memory RCE				1.4	M	19	ZeroCERT

22040	2023-01-19 12:45	Loader.exe 36fb9b7eaead26b46f0aa9223162d1f7 Malicious Library UPX PE32 OS Processor Check PE File VirusTotal Malware PDB unpack itself Windows RCE crashed				3.2	M	50	ZeroCERT

22041	2023-01-19 12:45	tcg05w40u9.exe 3e53ae172be6a897d35f92c6572b06d5 RedLine stealer[m] RAT Malicious Library UPX AntiDebug AntiVM PE32 OS Processor Check PE File VirusTotal Malware Buffer PE Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key crashed		1		8.8	M	45	ZeroCERT

22042	2023-01-19 12:43	V6ieHw0lKtnWpzU.exe 5c591b39b3e1f9df0577df6673115172 RedLine stealer[m] NPKI AntiDebug AntiVM PE32 .NET EXE PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AppData folder WriteConsoleW installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed		1		14.0	M	45	ZeroCERT

22043	2023-01-19 12:43	3eaxk3ch1hxkih.exe f14521ae608114a93970fc0fa56f2b37 RedLine stealer[m] RAT Malicious Library UPX AntiDebug AntiVM PE32 OS Processor Check PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed		2		10.6	M	45	ZeroCERT

22044	2023-01-19 12:42	Install.exe a491aa50ebc879f8fbfebbf366bc3311 Generic Malware Themida Packer PE File PE64 VirusTotal Malware unpack itself Windows crashed				3.0		12	guest

22045	2023-01-19 12:41	buildppb.exe 03f0c3802261406b2967dbcfb79908a3 NPKI Malicious Packer Malicious Library UPX PE32 OS Processor Check PE File Browser Info Stealer VirusTotal Malware MachineGuid Check memory Checks debugger buffers extracted WMI Creates shortcut unpack itself Windows utilities suspicious process Ransomware Windows Browser ComputerName DNS crashed		1		9.0	M	46	ZeroCERT

22046	2023-01-19 12:40	myBUILDREDLINE.exe 11e7246d972f996ea11fd316aed2d428 RAT PWS .NET framework UPX PE32 OS Processor Check .NET EXE PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed		1		6.2	M	53	ZeroCERT

22047	2023-01-19 12:38	svcrun.exe ca75120570056492d53d682e9b90f94c UPX .NET EXE PE File PE64 VirusTotal Malware unpack itself RCE crashed				1.8	M	16	ZeroCERT

22048	2023-01-19 12:38	serverhta.hta 6d18204c8ace187e2f02dfc8954efaf2 Generic Malware Antivirus PowerShell GIF Format powershell AutoRuns suspicious privilege Check memory Checks debugger Creates shortcut Creates executable files RWX flags setting unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key		2	1	6.8	M		ZeroCERT

22049	2023-01-19 11:10	mandavoar.hta 2e789d4574338de29bed3cefae1faac1 VirusTotal Malware unpack itself crashed				1.0		8	ZeroCERT

22050	2023-01-19 08:14	111.exe e0e3ca76d27943d890cad7e341d3a477 Malicious Library UPX OS Processor Check PE File PE64 VirusTotal Malware MachineGuid Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee ComputerName RCE	2 Keyword trend analysis	4	1	4.2		8	ZeroCERT