popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
22441 2022-12-09 10:57 1.exe  

fa6a302b0750f3eacef9f53dad70e1ac


Malicious Library UPX OS Processor Check PE File PE64 VirusTotal Malware RWX flags setting unpack itself crashed 		1 1.8 14 ZeroCERT

22442 2022-12-09 10:55 summit_1208.js  

5b411c2264642af22f27b1ab93fe55a8

heapspray 		0.8 ZeroCERT

22443 2022-12-09 10:55 config_20.ps1  

280c0a69ac613b345d8ab95664d3b6cf


Generic Malware Antivirus VirusTotal Malware powershell Malicious Traffic Check memory unpack itself Check virtual network interfaces WriteConsoleW Windows ComputerName DNS Cryptographic key crashed 		1 1 1 5.0 M 3 ZeroCERT

22444 2022-12-09 10:48 derrffdde.bat  

834e89e3b40dc70d0066308c5aa8086b


PWS[m] Generic Malware Downloader Antivirus Create Service DGA Socket ScreenShot DNS Internet API Code injection Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges FTP Http API AntiDebug AntiVM powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key 		4.2 ZeroCERT

22445 2022-12-09 10:47 save.bat  

c61a072f3a23cb30b7de5f2fde721aa5


PWS[m] Generic Malware Downloader Antivirus Create Service DGA Socket ScreenShot DNS Internet API Code injection Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges FTP Http API AntiDebug AntiVM powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key 		4.6 ZeroCERT

22446 2022-12-09 10:41 vbc.exe  

5113abb28878ff293661fc23685a48bf


Generic Malware PE File PE64 VirusTotal Malware PDB MachineGuid Check memory Checks debugger unpack itself 		2.4 M 17 r0d

22447 2022-12-09 10:32 Adsme.exe  

b616aa864b2d9271ef4bfe493d011b2e


Malicious Library PE File PE64 VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself 		2.2 M 24 r0d

22448 2022-12-09 10:26 aloy64.exe  

1cb5a9c2bc4adfe101f6069d525ba9b2


UPX OS Processor Check PE File PE64 VirusTotal Malware MachineGuid unpack itself Check virtual network interfaces Tofsee ComputerName 		4 4 1 3.0 20 ZeroCERT

22449 2022-12-09 10:11 Update.exe  

bf5c5bddf5a67b5ddb92fdbd9f0a9d66


RAT PWS .NET framework UPX PE32 OS Processor Check .NET EXE PE File VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key 		1 4.4 M 41 ZeroCERT

22450 2022-12-09 10:08 vbc.exe  

550b124de2a79d470649fdda60e1e7d9


PWS[m] RAT PWS .NET framework Generic Malware Antivirus SMTP KeyLogger AntiDebug AntiVM PE32 .NET EXE PE File Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger 		1 2 3 15.2 M 41 ZeroCERT

22451 2022-12-09 10:06 file.exe  

e0144e36f7030d6667b4eb14309749c6


Generic Malware Malicious Library Malicious Packer UPX Antivirus PE32 OS Processor Check PE File PowerShell VirusTotal Malware powershell suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process AppData folder WriteConsoleW Tofsee Windows ComputerName RCE Cryptographic key 		2 2 3 10.0 M 49 ZeroCERT

22452 2022-12-09 10:03 Adsme.exe  

b616aa864b2d9271ef4bfe493d011b2e


PE File PE64 VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself 		2.2 M 24 ZeroCERT

22453 2022-12-09 10:01 Overskirt.exe  

a5c8a40f7c15619dd13a2532c4ba3caf


RedLine stealer[m] Confuser .NET AntiDebug AntiVM PE32 .NET EXE PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed 		1 11.6 M 40 ZeroCERT

22454 2022-12-09 09:59 vbc.exe  

5113abb28878ff293661fc23685a48bf


PE File PE64 VirusTotal Malware PDB MachineGuid Check memory Checks debugger unpack itself 		2.4 M 17 ZeroCERT

22455 2022-12-09 09:58 Coloury.exe  

3134ca80b1a7e683db781aefab1abc1d


RedLine stealer[m] Confuser .NET AntiDebug AntiVM PE32 .NET EXE PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed 		1 11.6 M 40 ZeroCERT

keyword