Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
2701	2024-06-26 10:13	3f12ea9a-79fa-40c4-802f-9bbddf... 5f331887bec34f51cca7ea78815621f7 Gen1 Emotet Generic Malware Malicious Library UPX Antivirus PE File PE64 CAB VirusTotal Malware powershell AutoRuns PDB suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Remote Code Execution Cryptographic key				9.0	M	42	ZeroCERT

2702	2024-06-26 10:13	nelb.doc 6b9167056af49bf702c833ae4f581ef1 MS_RTF_Obfuscation_Objects RTF File doc FormBook Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself suspicious TLD Tofsee Exploit DNS crashed	4 Keyword trend analysis Info http://www.home-repair-contractors-kfm.xyz/btrd/?FrJX9P9=eVMlJIJ59eHiVvLGCrdtG7xbZNorDbW6x7q4JZ9YU9WFmkuuB+jImPCwzZVcR1MIE594ENWI&Vnt4_=-Z1l70lHPdrDeba http://www.xmentorgroup.com/btrd/?FrJX9P9=UYDnSobXWpXBVkfD89bcJt5KVoSCT9YF2HTPLZC4vkf0xFVelZyjEGpv0zxgTtsO2BXFiI/y&Vnt4_=-Z1l70lHPdrDeba http://www.liposuctionclinics2.today/btrd/?FrJX9P9=g2Awi9gzMhKdCQNLs5BlCrpPGRTrEfCXfESYZTVa1wMirmNXITW5sw9ZqEJh6Ao16UcXSiJC&Vnt4_=-Z1l70lHPdrDeba https://universalmovies.top/nelb.scr	9	4	4.4	M	33	ZeroCERT

2703	2024-06-26 10:11	umOKKIbUBdaJ.exe 608321f2d1044c6c22eeb66205e53650 Generic Malware Malicious Library Malicious Packer UPX PE File PE64 DllRegisterServer dll OS Processor Check VirusTotal Malware crashed				1.4	M	45	ZeroCERT

2704	2024-06-26 10:10	stl.exe 2d92c64d986c4640e4cb5bc41cb38821 RedLine stealer RedLine Stealer Malicious Library .NET framework(MSIL) ScreenShot PWS SMTP AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	5 Info ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer/MetaStealer Family Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response ET MALWARE Redline Stealer/MetaStealer Family Activity (Response)	9.4	M	54	ZeroCERT

2705	2024-06-26 07:55	spain.exe 1ca5ad32b7aa3fec3d64a98b0933cfd0 Gen1 Generic Malware Malicious Library ASPack UPX Malicious Packer Anti_VM PE File PE64 OS Processor Check DLL ZIP Format VirusTotal Malware Check memory Creates executable files				1.8		43	ZeroCERT

2706	2024-06-26 07:54	200.exe bd8816b95ee5ec22fc9782e15f45e11a Malicious Library PE File PE32 VirusTotal Malware				2.0		43	ZeroCERT

2707	2024-06-26 07:52	1.exe 97175eb8e852354cefb670f6863bb703 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware				1.2		28	ZeroCERT

2708	2024-06-26 07:49	fXYe6uFLSHC8.exe edc1804284921cdf6149815c944cf35e Generic Malware Malicious Library Malicious Packer UPX PE File PE64 DllRegisterServer dll OS Processor Check VirusTotal Malware				1.2		28	ZeroCERT

2709	2024-06-26 07:48	PO580.exe 0815923728c22dbce41267fcc92aa214 Malicious Library PE File PE64 VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself Windows Cryptographic key crashed				2.6		40	ZeroCERT

2710	2024-06-26 07:34	vidar2406.exe c64af626c4ed0784e010f5f2210e97f4 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself WriteConsoleW crashed				2.6	M	59	ZeroCERT

2711	2024-06-26 07:32	meta2406.exe b60d8d01724703616e7cbbd320a9bd75 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself WriteConsoleW crashed				2.6		57	ZeroCERT

2712	2024-06-26 07:32	rise2406.exe c6c9f27d335d4e47b5ea12653e806be6 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself WriteConsoleW crashed				2.6		56	ZeroCERT

2713	2024-06-25 09:12	notorious.doc 2d1b096a33d1b673fd06db9f3e861761 MS_RTF_Obfuscation_Objects RTF File doc RedLine Malware download VirusTotal Malware RWX flags setting exploit crash suspicious TLD IP Check Tofsee Stealer Exploit Browser DNS crashed	3 Keyword trend analysis	10	9 Info ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET DNS Query to a *.top domain - Likely Hostile ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI ET MALWARE RedLine Stealer - CheckConnect Response ET MALWARE Win32/LeftHook Stealer Browser Extension Config Inbound ET MALWARE Redline Stealer/MetaStealer Family Activity (Response) ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io) SURICATA HTTP unable to match response to request	4.8	M	27	ZeroCERT

2714	2024-06-25 07:59	TgFr.exe be49a59064751d54c9936b9b03854ad8 RedLine stealer RedlineStealer Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	5 Info ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer/MetaStealer Family Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response ET MALWARE Redline Stealer/MetaStealer Family Activity (Response)	6.2		58	ZeroCERT

2715	2024-06-25 07:57	googleads.exe 7226b083a46c85f292f6dbfae79b431e RedLine stealer ILProtector Packer Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger unpack itself Windows DNS Cryptographic key		1		4.4		54	ZeroCERT