Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
2821	2024-06-19 17:18	msa.exe 230ef121bcb5b8c9b91a2c35788d60ca XWorm Generic Malware WebCam Malicious Library .NET framework(MSIL) UPX Antivirus AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware powershell Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process AntiVM_Disk VM Disk Size Check Windows ComputerName Cryptographic key				12.4	M	55	ZeroCERT

2822	2024-06-19 17:17	legs.exe bbd06263062b2c536b5caacdd5f81b76 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself DNS crashed		1	1	2.8		50	ZeroCERT

2823	2024-06-19 17:15	voda.exe 61454bbf62a50d22bc3d52b44de73edd Malicious Packer UPX PE File PE32 Malware download VirusTotal Malware AutoRuns MachineGuid unpack itself Windows utilities suspicious process WriteConsoleW IP Check Tofsee Windows RisePro ComputerName DNS crashed	1 Keyword trend analysis	5	7 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 23 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io) ET MALWARE RisePro TCP Heartbeat Packet ET MALWARE [ANY.RUN] RisePro TCP (Token) ET MALWARE [ANY.RUN] RisePro TCP (Activity) ET MALWARE [ANY.RUN] RisePro TCP (External IP)	7.8		45	ZeroCERT

2824	2024-06-19 17:15	newfile_setup.exe 973a55a800d2b099f57fe7dfba56b848 Malicious Library Admin Tool (Sysinternals etc ...) .NET framework(MSIL) UPX PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself ComputerName				2.8		45	ZeroCERT

2825	2024-06-19 14:40	gui.exe 8af55ab72dc0c45e52c7af0752cbbc4a NSIS Generic Malware Malicious Library UPX Antivirus PE File PE32 VirusTotal Malware powershell suspicious privilege Check memory Checks debugger WMI Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key				6.6		26	ZeroCERT

2826	2024-06-19 14:36	obf.exe 47978fd3f8bef45e4cd2e45c317c8f49 Gen1 Generic Malware Malicious Library UPX Malicious Packer Anti_VM PE64 PE File OS Processor Check DLL ZIP Format VirusTotal Malware Check memory Creates executable files				1.6	M	10	ZeroCERT

2827	2024-06-19 14:35	x.exe 5d53a02ab5d5d587f2ed596908d59a01 Malicious Library Antivirus UPX PE File .NET EXE PE32 OS Processor Check suspicious privilege MachineGuid Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName Cryptographic key				2.8	M		ZeroCERT

2828	2024-06-19 14:29	build.exe e59cb9f032187838b2be9823757bb85a Malicious Library .NET framework(MSIL) PE File .NET EXE PE32 DNS		1	1	1.0			ZeroCERT

2829	2024-06-19 14:20	lucas.exe 6ac7718e6b8ac2b54f6ad121b1589d99 Malicious Packer Malicious Library UPX PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself				1.8		36	ZeroCERT

2830	2024-06-19 14:20	invoice.exe dfc21ed56aafad102fd6b985a15f8423 Malicious Library UPX AntiDebug AntiVM PE File PE32 OS Processor Check VirusTotal Malware Code Injection Check memory Creates executable files crashed				4.8		24	ZeroCERT

2831	2024-06-19 14:15	new_image.jpg.exe 3bc246a912d5b2c5db59f9421808d1eb Malicious Library UPX DLL PE File PE32 OS Processor Check .NET DLL VirusTotal Malware PDB				1.0		28	ZeroCERT

2832	2024-06-19 14:00	new_image.jpg.exe 3bc246a912d5b2c5db59f9421808d1eb Malicious Library UPX DLL PE File PE32 OS Processor Check .NET DLL VirusTotal Malware PDB				1.0		28	ZeroCERT

2833	2024-06-19 13:37	AntiVirus.exe 6945668834c3c7223d4d98e0e89428ec Generic Malware Downloader Malicious Packer Malicious Library .NET framework(MSIL) UPX Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P Ant Browser Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency powershell AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut ICMP traffic unpack itself Windows utilities powershell.exe wrote suspicious process Ransomware Windows Browser ComputerName Cryptographic key				9.8	M	46	ZeroCERT

2834	2024-06-19 13:36	vc.txt.vbs f6f5a4cce34ca5129908c36df08d4f1a Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed	1 Keyword trend analysis			6.0	M	8	ZeroCERT

2835	2024-06-19 13:36	adobex.js 52251be9db3c249a21b437db2186a21c VirusTotal Malware VBScript wscript.exe payload download ICMP traffic Dropper	1 Keyword trend analysis	2		10.0		21	ZeroCERT