popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
22651 2022-12-30 20:23 https://garasitop.com  

862b950660cdb6c16c980e8eb2e08198


PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Windows Exploit DNS crashed 		2 4.2 guest

22652 2022-12-30 20:00 https://garasitop.com  

17373b29c8834b486d8320deba931fcf


PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Windows Exploit DNS crashed 		2 4.2 guest

22653 2022-12-30 18:26 mp3studios_97.exe  

d8f7df6881eb9eab54bd9faedf6701e3


Gen2 Trojan_PWS_Stealer Credential User Data Generic Malware Malicious Library SQLite Cookie Malicious Packer UPX Anti_VM PE32 OS Processor Check PE File PNG Format Browser Info Stealer VirusTotal Malware suspicious privilege MachineGuid Code Injection Checks debugger buffers extracted WMI Creates executable files exploit crash Windows utilities suspicious process WriteConsoleW installed browsers check Windows Exploit Browser ComputerName RCE crashed 		1 4 1 9.4 M 54 ZeroCERT

22654 2022-12-30 18:24 f6c2d824c8301e07ad1fa08fbc7ded...  

10e9f08a128e0a4f26427ecdd1293646


Malicious Library UPX PE32 OS Processor Check PE File DLL VirusTotal Malware Check memory buffers extracted WMI Creates executable files AppData folder Windows ComputerName crashed 		3 2 2 5.0 M 58 ZeroCERT

22655 2022-12-30 18:24 pb1111.exe  

682fdceb8132982fe1bc167d349a2e0d


Malicious Library VMProtect PE File PE64 VirusTotal Malware crashed 		2.4 M 41 ZeroCERT

22656 2022-12-30 18:22 Leman.exe  

5e445faf7b08cf2ffcac7b38c5d70d5d


PWS Loki[b] Loki.m Malicious Library Malicious Packer UPX PE32 OS Processor Check PE File DLL FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns PDB Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows Email ComputerName DNS Software 		2 3 10.2 M 48 ZeroCERT

22657 2022-12-30 18:22 cred64.dll  

4a9e02f2913522b55571d2644800e15b


PWS Loki[b] Loki.m Malicious Library PE32 DLL PE File FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Malicious Traffic Check memory Checks debugger unpack itself Email DNS Software crashed 		1 1 6.0 M 51 ZeroCERT

22658 2022-12-30 14:58 PokemonBetaGame.exe  

097051905db43d636c3f71f3b2037e02


Gen2 Gen1 Generic Malware Malicious Library UPX Anti_VM Admin Tool (Sysinternals etc ...) Malicious Packer Antivirus PE32 OS Processor Check PE File DLL GIF Format PE64 VirusTotal Malware AutoRuns suspicious privilege Malicious Traffic Checks debugger WMI Creates shortcut Creates executable files unpack itself Check virtual network interfaces AppData folder human activity check Windows ComputerName DNS DDNS 		2 4 7.8 M 3 ZeroCERT

22659 2022-12-30 14:58 PokenoGameCard.exe  

5e6b966167c7fd13433929e774f038ee


Gen2 Gen1 Generic Malware Malicious Library UPX Anti_VM Admin Tool (Sysinternals etc ...) Malicious Packer Antivirus PE32 OS Processor Check PE File DLL GIF Format PE64 Malware AutoRuns suspicious privilege Malicious Traffic Checks debugger WMI Creates shortcut Creates executable files unpack itself Check virtual network interfaces AppData folder human activity check Windows ComputerName DNS DDNS 		2 4 6.8 M ZeroCERT

22660 2022-12-30 12:18 Player_2022-12-29_01-41.exe  

eb603730c7b7e5025d215c4c76b82525


Malicious Library PE32 PE File VirusTotal Malware PDB unpack itself Windows RCE crashed 		3.2 M 26 ZeroCERT

22661 2022-12-30 12:15 newbos.exe  

7abf8a7927392093efb445c412e863a1


RAT PWS .NET framework UPX PE32 .NET EXE PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself ComputerName 		2.2 M 34 ZeroCERT

22662 2022-12-30 12:13 build3.exe  

c4a0e411b1cb01a0260338e53dcbbb75


RAT Downloader UPX ScreenShot AntiDebug AntiVM PE32 .NET EXE PE File Browser Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files RWX flags setting unpack itself Check virtual network interfaces malicious URLs sandbox evasion anti-virtualization Windows Browser DNS Cryptographic key 		8 4 1 15.4 M 23 ZeroCERT

22663 2022-12-30 12:13 portu1.exe  

a52510e8ee3f4f7844e7c34ca8206058


Malicious Library PE32 PE File VirusTotal Malware PDB unpack itself 		1.8 M 27 ZeroCERT

22664 2022-12-30 12:11 build4.exe  

9971b303573731139b4e574619e3e1b9


RAT Malicious Packer PE File PE64 VirusTotal Malware Check memory Checks debugger unpack itself crashed 		2.0 M 30 ZeroCERT

22665 2022-12-30 12:09 QuasarAplicativo.exe  

bbd0db3230e57aeb7ca23e59aadf0134


RAT PWS .NET framework Malicious Library UPX PE32 OS Processor Check .NET EXE PE File VirusTotal Malware Check memory Checks debugger unpack itself 		2.0 M 60 ZeroCERT

keyword