Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
22816	2022-12-21 17:48	dyiewphfyyog.exe 5e8d12b5c5ef7762bcec38e696ebdc02 Generic Malware Malicious Library Malicious Packer UPX PE File PE64 VirusTotal Malware crashed					1.2		33	ZeroCERT

22817	2022-12-21 13:43	https://www.twcp.net/images/in... bf87c3db8c028151f9e9eb19f422fa0e PWS[m] Downloader task schedule Socket Create Service DGA ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPE VirusTotal Malware Code Injection Check memory RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit Java DNS crashed	7 Keyword trend analysis	5	2		6.4	M		ZeroCERT

22818	2022-12-21 11:15	loaded_store_response 2.json d3aa8a016e291df294f354e4146952dc AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName					3.8			guest

22819	2022-12-21 10:24	mp3studios_95.exe 07c8a80ab810c13ab828d94e8e43e3cf AgentTesla PWS[m] browser info stealer Google Chrome User Data Downloader Malicious Packer Create Service DGA Socket ScreenShot DNS BitCoin Internet API Code injection Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP H Browser Info Stealer VirusTotal Malware suspicious privilege Code Injection Checks debugger WMI Creates executable files exploit crash unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW installed browsers check Tofsee Windows Exploit Browser ComputerName RCE DNS crashed	1 Keyword trend analysis	5	4	1	10.8	M	52	ZeroCERT

22820	2022-12-21 10:20	stealer.EXE 67bd89ea499879545a4784b1ba387b91 RAT PWS .NET framework Generic Malware Suspicious_Script UPX Malicious Library PE32 OS Processor Check .NET EXE PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces AppData folder installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed	2 Keyword trend analysis	3	2		8.4	M	64	ZeroCERT

22821	2022-12-21 10:20	https://www.twcp.net/images/in... bf87c3db8c028151f9e9eb19f422fa0e AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	3 Keyword trend analysis	3	2		4.2			ZeroCERT

22822	2022-12-21 10:20	Pr0xyWifeStealer.exe 2bc00eb6e395ec97be60dcd9b69ebd1f RAT PWS .NET framework Generic Malware UPX PE32 OS Processor Check .NET EXE PE File FTP Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed	2 Keyword trend analysis	3	1		6.4	M		ZeroCERT

22823	2022-12-21 10:20	music.exe 3c10a82315dff77af1026ebc85817d56 Malicious Library UPX PE32 PE File Malware download VirusTotal Malware Checks debugger unpack itself Ransomware	2 Keyword trend analysis	2	1		2.0	M	21	ZeroCERT

22824	2022-12-21 10:18	Lgpspzhdm.dll a5e85f5cf16539ae101c80c9f9d803d0						M		ZeroCERT

22825	2022-12-21 10:18	HBN.exe c32bb2d4bbff0a1584d8fe1ff09a2d4e RAT PWS .NET framework PE32 .NET EXE PE File VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted unpack itself					6.6	M	34	ZeroCERT

22826	2022-12-21 10:17	Schykoxq.dat 706fa87c0f1209e1ec3db4d5166fc13b VirusTotal Malware					0.8	M	22	ZeroCERT

22827	2022-12-21 10:05	server5.EXE a383534669ff5ef9786e6aa9dc78ca66 Gen1 Emotet NPKI Gen2 SUSP_Certificate_file Hide_EXE Generic Malware Malicious Library UPX Malicious Packer CAB PE File PE64 VirusTotal Malware AutoRuns PDB Checks debugger Creates executable files Windows RCE crashed					3.4	M	45	ZeroCERT

22828	2022-12-21 10:02	PROMZwFp385vXrN.exe 65faccec1c27ea47bf295191e93bff41 PWS[m] UPX SMTP Code injection KeyLogger AntiDebug AntiVM PE32 .NET EXE PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Telegram AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed keylogger	1 Keyword trend analysis	4	4		15.2	M	42	ZeroCERT

22829	2022-12-21 10:02	trud.exe 25726fc60b6bdeabe3c652517285f7eb Malicious Library UPX PE32 PE File PDB unpack itself Windows RCE crashed					2.4			ZeroCERT

22830	2022-12-21 09:48	mine.exe 1b1bae0b503d1aa9d659db31ed2cd208 RAT PWS .NET framework Generic Malware UPX Antivirus AntiDebug AntiVM PE32 OS Processor Check PE File .NET EXE VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Tofsee Windows Google ComputerName Cryptographic key crashed	2 Keyword trend analysis	6	2		11.0		18	ZeroCERT