Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
2746	2024-06-24 07:50	1.exe b96f0135250aab5a530906d079b178e1 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself Remote Code Execution				2.2		28	ZeroCERT

2747	2024-06-24 07:48	epitheliogeneticTFr.exe 7ca21eefff568606fed91321aaa31ba2 Generic Malware Malicious Library ASPack UPX PE File PE32 OS Processor Check VirusTotal Malware Cryptocurrency wallets Cryptocurrency Check memory unpack itself ComputerName DNS		1		3.8		63	ZeroCERT

2748	2024-06-24 07:47	pic1.exe 1fecbc51b5620e578c48a12ebeb19bc2 Generic Malware Downloader Malicious Library UPX MPRESS Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM PE File PE64 OS Processor C VirusTotal Malware PDB Code Injection Creates executable files unpack itself suspicious TLD Tofsee Remote Code Execution crashed		2	1	5.4		44	ZeroCERT

2749	2024-06-24 07:44	ama.exe 5d860e52bfa60fec84b6a46661b45246 RedLine stealer RedlineStealer Malicious Library .NET framework(MSIL) UPX AntiDebug AntiVM PE File .NET EXE PE32 OS Processor Check MSOffice File PNG Format JPEG Format Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Collect installed applications Check virtual network interfaces AppData folder installed browsers check Tofsee Stealer Windows Exploit Browser ComputerName DNS Cryptographic key Software crashed	3 Keyword trend analysis	9	7 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 33 ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer/MetaStealer Family Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response ET MALWARE Redline Stealer/MetaStealer Family Activity (Response) SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	11.4		58	ZeroCERT

2750	2024-06-24 07:43	taskweaker.exe 6c149b39619395a8ba117a4cae95ba6f Generic Malware Malicious Library Malicious Packer UPX PE File PE64 DllRegisterServer dll OS Processor Check VirusTotal Malware crashed				1.4		48	ZeroCERT

2751	2024-06-24 07:41	setup.exe b6698d4058a87ffcd7bfd86ed09860af Malicious Library ASPack Malicious Packer UPX PE File PE64 OS Processor Check				0.6	M		ZeroCERT

2752	2024-06-24 07:39	setup.exe 0e12bdd2a8200d4c1f368750e2c87bfe Malicious Library ASPack Malicious Packer UPX PE File PE64 OS Processor Check VirusTotal Malware DNS		1		1.8	M	13	ZeroCERT

2753	2024-06-24 07:35	uYtF.exe 4691a9fe21f8589b793ea16f0d1749f1 PE File PE64 VirusTotal Cryptocurrency Miner Malware Cryptocurrency DNS CoinMiner		2	2	1.4		55	ZeroCERT

2754	2024-06-24 07:33	0x3fg.exe c4aeaafc0507785736e000ff7e823f5e Generic Malware Malicious Library Malicious Packer UPX PE File PE32 OS Processor Check PE64 Malware download Amadey VirusTotal Cryptocurrency Miner Malware Cryptocurrency AutoRuns Malicious Traffic Creates executable files unpack itself AppData folder suspicious TLD human activity check Windows DNS CoinMiner	2 Keyword trend analysis	4	10 Info ET DNS Query to a .top domain - Likely Hostile ET INFO HTTP Request to a .top domain ET INFO Executable Download from dotted-quad Host ET INFO Packed Executable Download ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 ET COINMINER CoinMiner Domain in DNS Lookup (pool .hashvault .pro) ET POLICY Cryptocurrency Miner Checkin	6.8		60	ZeroCERT

2755	2024-06-24 07:28	a.exe 3c7cb3033983cabd6e2fbcded29ab704 Malicious Library UPX PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself				3.2		51	ZeroCERT

2756	2024-06-22 01:56	Declaracion_de_renta_963202147... f1a22a6605c9cc540d223bea12e7b671 AntiDebug AntiVM VirusTotal Email Client Info Stealer Malware suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName				3.8		1	guest

2757	2024-06-21 16:42	AdBlock-1.7.5-install.exe 85a156ed1856c0eda8d7d6b60ef9ab31 Generic Malware Malicious Library UPX PE File PE64 OS Processor Check VirusTotal Malware Check memory crashed				2.2		52	ZeroCERT

2758	2024-06-21 15:56	arpwriteIni.exe 8ffe154b25091cb5a8547eb4f56d112c UPX PE File PE32 VirusTotal Malware Checks debugger Windows utilities Check virtual network interfaces suspicious process sandbox evasion Windows				4.0	M	30	ZeroCERT

2759	2024-06-21 15:53	WezoEventUP.exe 47bfeea9297530e45f26c4877bc078a6 CoinMiner AutoIt Generic Malware UPX PE File PE32 VirusTotal Malware Check memory Checks debugger				2.6	M	50	ZeroCERT

2760	2024-06-21 15:51	wzoptBmp.exe 8c6a57551936555b3fdc90562ccb9bf7 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB unpack itself Remote Code Execution				2.2	M	7	ZeroCERT