Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
2371	2024-07-09 17:08	trc.exe 74758f61067ea9fa0e2a4593920ed0f2 Generic Malware Malicious Library Malicious Packer UPX Anti_VM PE File PE64 DllRegisterServer dll OS Processor Check VirusTotal Malware crashed				1.4	M	28	ZeroCERT

2372	2024-07-09 17:06	runerdata.exe 99c919281e619f24edc578e427433f7b Malicious Library Malicious Packer .NET framework(MSIL) PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself ComputerName				2.4	M	38	ZeroCERT

2373	2024-07-09 17:06	build1111.exe dea351e95b2d5b0a6b3911d531315550 Generic Malware Malicious Library PE File PE64 VirusTotal Malware Check memory unpack itself				1.2		17	ZeroCERT

2374	2024-07-09 14:18	Update_old.js affe7c07da3776a191c69b73e50d491a VBScript wscript.exe payload download Tofsee crashed Dropper		2	2	10.0			guest

2375	2024-07-09 12:06	download.php 019defe59b733d4d86a895702873ff07 Malicious Library PE File PE32 VirusTotal Malware Remote Code Execution				2.0	M	27	ZeroCERT

2376	2024-07-09 11:20	Large_Innovation_Project_for_B... 51565dd3cedcdcf0040a62e31758a525 Generic Malware Antivirus AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	3 Keyword trend analysis			7.0		14	ZeroCERT

2377	2024-07-09 10:12	AdaptorOvernight.exe e0d29de6e2fa7590f857f1ef825c943c Suspicious_Script_Bin Generic Malware Downloader Malicious Library UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P An VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW Windows ComputerName DNS				8.0	M	18	ZeroCERT

2378	2024-07-09 10:12	Setup.exe 59a192a7b85f4bb5796c53cc450caf2c Malicious Library PE File PE32 VirusTotal Malware Checks debugger WMI Creates executable files RWX flags setting unpack itself Checks Bios anti-virtualization ComputerName				4.4		28	ZeroCERT

2379	2024-07-09 10:11	install.exe 7524d560b667b8ed62f16bc59772d81f Emotet Gen1 HermeticWiper Generic Malware PhysicalDrive Malicious Library Malicious Packer UPX Admin Tool (Sysinternals etc ...) Obsidium protector Antivirus PE File PE64 CAB OS Processor Check DLL DllRegisterServer dll PE32 MZP Format MSOffice File VirusTotal Malware PDB Checks debugger Creates executable files				3.6	M	44	ZeroCERT

2380	2024-07-09 10:10	file 4808c478a3cf9d6fae1e1dcb10f4be33 Javascript_Blob AntiDebug AntiVM ftp MSOffice File Code Injection Creates executable files ICMP traffic RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	5 Keyword trend analysis Info https://www.googletagmanager.com/gtag/js?id=UA-829541-1 https://the.gatekeeperconsent.com/cmp.min.js https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T https://btloader.com/tag?o=5678961798414336&upapi=true	19 Info www.googletagmanager.com(142.250.206.232) the.gatekeeperconsent.com(172.67.199.186) translate.google.com(142.250.206.206) static.mediafire.com(104.16.114.74) cdn.amplitude.com(54.230.61.103) static.cloudflareinsights.com(104.16.80.73) www.ezojs.com(104.21.63.106) btloader.com(104.22.75.216) 142.250.207.78 172.67.199.186 172.67.170.144 104.16.113.74 - mailcious 142.251.220.46 104.16.80.73 54.230.61.127 104.16.114.74 - mailcious 104.22.75.216 142.250.76.232 104.21.63.106	2	6.6	M		ZeroCERT

2381	2024-07-09 10:04	persona.exe a0f4dea92c2045c7da2664345e4e5edf Generic Malware Malicious Library UPX PE File PE64 OS Processor Check VirusTotal Malware PDB unpack itself DNS crashed	1 Keyword trend analysis	1		2.8	M	29	ZeroCERT

2382	2024-07-09 10:02	Xin.exe 520f92170a2cf78ed3152f83973b9b66 Malicious Library Admin Tool (Sysinternals etc ...) PWS AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key		2		10.6		59	ZeroCERT

2383	2024-07-09 10:00	EXACT_ITEM.exe 9babf09115135e3726636ed32790bd36 Malicious Packer UPX PE File PE64 VirusTotal Malware Checks debugger				2.0	M	34	ZeroCERT

2384	2024-07-09 09:58	SCM_1.exe 00a69916c649b8f347552f045d9529ef PE File PE64 VirusTotal Cryptocurrency Miner Malware Cryptocurrency DNS		2	2	1.4	M	46	ZeroCERT

2385	2024-07-09 09:58	PsExec.exe 24a648a48741b1ac809e47b9543c6f12 Generic Malware Malicious Library Malicious Packer UPX PE File PE32 OS Processor Check VirusTotal Malware PDB Check memory Checks debugger unpack itself WriteConsoleW Remote Code Execution				1.8	M	2	ZeroCERT