Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
2761	2024-06-21 15:51	changezuhaolnk.exe 90f9973120104179d008e06cde39670c MPRESS UPX PE File PE64 VirusTotal Malware crashed				1.4	M	14	ZeroCERT

2762	2024-06-21 15:49	sysup.exe e11e67d21c40e31313b4611bd0af0301 Generic Malware UPX PE File PE32 VirusTotal Malware Checks debugger unpack itself				2.6	M	49	ZeroCERT

2763	2024-06-21 15:49	storyhosts.exe 3c48dddcbad4b1bd6285722968150c80 Generic Malware UPX PE File PE32 VirusTotal Malware suspicious privilege Checks debugger sandbox evasion				2.8	M	37	ZeroCERT

2764	2024-06-21 15:29	RobloxPlayerInstaller.exe c484a17ffc8468f2815c0798a53427b8 Gen1 Generic Malware Malicious Library Malicious Packer UPX PE File ftp PE32 OS Processor Check VirusTotal Malware PDB unpack itself Remote Code Execution				2.2		12	ZeroCERT

2765	2024-06-21 15:17	RobloxPlayerInstaller.exe c484a17ffc8468f2815c0798a53427b8 Gen1 Generic Malware Malicious Library Malicious Packer UPX PE File ftp PE32 OS Processor Check VirusTotal Malware PDB Remote Code Execution crashed				2.0		12	ZeroCERT

2766	2024-06-21 09:50	WezoAutoUP.exe 46748aff6fcab034d0affddc99c6d876 CoinMiner Emotet AutoIt Generic Malware Suspicious_Script_Bin UPX Malicious Library Malicious Packer MPRESS PE File PE32 DLL MSOffice File OS Processor Check PE64 VirusTotal Malware AutoRuns suspicious privilege Check memory Checks debugger Creates executable files Windows utilities Check virtual network interfaces suspicious process AppData folder sandbox evasion WriteConsoleW Windows crashed	13 Keyword trend analysis Info http://wieie.cn:8765/wzoptBmp.exe http://wieie.cn:8765/DelHosts.exe http://dl-cn.verysync.com/releases/ http://wieie.cn:8765/changezuhaolnk.exe http://wieie.cn:8765/dbzclientUpdate.exe http://wieie.cn:8765/WezoEventUP.exe http://wieie.cn:8765/sysup.exe http://wieie.cn:8765/wzoptup.exe http://wieie.cn:8765/arpwriteIni.exe http://wieie.cn:8765/storyhosts.exe http://wieie.cn:8765/Config.ini http://dl-cn.verysync.com/releases/v2.15.0/verysync-windows-amd64-v2.15.0.zip http://wieie.cn:8765/DownVerySync.exe	4	4	9.4		51	ZeroCERT

2767	2024-06-21 09:49	vncDbnt.exe 3597cd93701c4505d035a34271e0b931 CoinMiner AutoIt Generic Malware UPX PE File PE32 VirusTotal Malware Check memory Checks debugger Windows utilities suspicious process sandbox evasion WriteConsoleW Windows				4.0		54	ZeroCERT

2768	2024-06-21 09:49	79973772993.pdf.lnk e1e2e0cf2113a375950c57f87e265345 Generic Malware Antivirus AntiDebug AntiVM GIF Format Lnk Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			5.0		23	ZeroCERT

2769	2024-06-21 09:48	see.exe 2b9dd031eeb129f66c079b1c59b5f9d9 Gen1 Generic Malware Malicious Library WinRAR UPX Malicious Packer PE File PE64 OS Processor Check DLL PDB Creates executable files unpack itself Remote Code Execution				3.0			ZeroCERT

2770	2024-06-21 09:45	slip5683.pdf.exe 2c7be29b02d725b0fd09b7f832d8d288 Gen1 Generic Malware Malicious Library WinRAR UPX Malicious Packer PE File PE64 OS Processor Check DLL PDB Creates executable files Remote Code Execution				2.6			ZeroCERT

2771	2024-06-21 09:45	Invoice.bat 45c581bf3caca47ff9f0515f42571935 Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key				5.2			ZeroCERT

2772	2024-06-21 09:45	Invoice.bat 4e93a25a919fdb46bd3155c66cb16c61 Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key				5.6		4	ZeroCERT

2773	2024-06-21 09:35	Downdd.exe f6be85b0254a308f77189fc96fa6f38e CoinMiner AutoIt Generic Malware UPX PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself				3.0	M	53	r0d

2774	2024-06-21 07:53	avg_secure_browser_setup.exe 13b3860a2827e505cb6de1418f640b16 HermeticWiper NSIS Generic Malware PhysicalDrive Malicious Library UPX Malicious Packer PE File PE32 DLL DllRegisterServer dll OS Processor Check MSOffice File CAB PE64 Browser Info Stealer VirusTotal Malware AutoRuns suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files RWX flags setting unpack itself Windows utilities Collect installed applications Auto service Check virtual network interfaces AppData folder sandbox evasion anti-virtualization installed browsers check Tofsee Ransomware Fortinet Windows Browser ComputerName Firmware crashed	4 Keyword trend analysis Info http://browser-update.avg.com/browser-avg/win/x64/109.0.24252.121/AVGBrowserInstaller.exe https://stats.securebrowser.com/?_=1718955853989&retry_tracking_count=0&last_request_error_code=0&last_request_error_message=&last_request_status=0&last_request_system_error=0&request_proxy=0 https://update.avgbrowser.com/service/update2 https://update.avgbrowser.com/service/update2?cup2key=9:2906594695&cup2hreq=1a77176c46ecf7b2954c2373054d5a3b455eb7a159f1b6ad23c4e5706d55a272	6	2	19.8		4	ZeroCERT

2775	2024-06-21 07:51	deep.exe 864d1a4e41a56c8f2e7e7eec89a47638 Generic Malware Themida Packer Malicious Library WinRAR UPX PE File PE32 OS Processor Check .NET EXE VirusTotal Malware PDB suspicious privilege Check memory Checks debugger Creates executable files unpack itself Checks Bios Detects VMWare AppData folder AntiVM_Disk VMware anti-virtualization VM Disk Size Check Windows ComputerName Remote Code Execution Firmware crashed				8.0		45	ZeroCERT