popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
3196 2020-11-20 13:56 8YAOuE8zfTpo1M9.exe  

7e305229b6f13f866e2cae249318c9e3


VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName DNS crashed 		14.2 M 21 guest

3197 2020-11-20 13:57 411.exe  

2398469593c9dec9561a556b30f6d63a


VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs Ransomware Windows Tor ComputerName Cryptographic key crashed 		14.8 M 54 guest

3198 2020-11-20 13:57 uwgi에러.txt  

099d5cbb5f4db4f3a73b3fa6ca869273


Check memory unpack itself 		1.0 admin

3199 2020-11-20 13:59 ac.exe  

49ba8ccea19e418fd166e89e46e2897f


VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted ICMP traffic unpack itself malicious URLs DNS 		3 11.2 M 20 guest

3200 2020-11-20 14:10 ac.exe  

49ba8ccea19e418fd166e89e46e2897f


VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs 		3 9.4 M 20 guest

3201 2020-11-20 14:13 ac.exe  

49ba8ccea19e418fd166e89e46e2897f


VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted ICMP traffic unpack itself malicious URLs 		3 10.2 M 20 admin

3202 2020-11-20 18:46 ac.exe  

49ba8ccea19e418fd166e89e46e2897f


VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs 		3 9.8 M 48 guest

3203 2020-11-20 18:47 azchgftrq.exe  

b403152a9d1a6e02be9952ff3ea10214


Browser Info Stealer Malware download Vidar VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files ICMP traffic unpack itself Windows utilities Collect installed applications Check virtual network interfaces suspicious process AppData folder malicious URLs WriteConsoleW anti-virtualization installed browsers check OskiStealer Stealer Windows Browser Email ComputerName DNS 		10 3 6 20.2 M 26 guest

3204 2020-11-21 17:05 azchgftrq.exe  

b403152a9d1a6e02be9952ff3ea10214


VirusTotal Malware suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Check virtual network interfaces AppData folder malicious URLs Windows ComputerName 		2 5 13.6 M 26 guest

3205 2020-11-21 17:06 BQoFEXaNOEtJ9dC.exe  

cbd9b726eb72d78bfba34ae1a7719ef2


VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName DNS crashed 		1 2 11.4 M 44 guest

3206 2020-11-21 17:09 document.doc  

bdf4feb317e41d2c450e006e90836e88


VirusTotal Malware exploit crash unpack itself malicious URLs Windows Exploit DNS crashed 		4 2 5.2 M 27 guest

3207 2020-11-21 17:09 ds1.exe  

db0b8c1100f32aafe63cb885a30cc7e0


VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself malicious URLs crashed 		8.0 M 17 ZeroCERT

3208 2020-11-21 17:14 fank.exe  

fe2b5814b851201115c8964989899a4e


Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed 		2 4 1 11.4 M 51 ZeroCERT

3209 2020-11-21 17:14 ds1.exe  

db0b8c1100f32aafe63cb885a30cc7e0


VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself malicious URLs DNS crashed 		8.6 M 17 ZeroCERT

3210 2020-11-21 17:16 nnab.exe  

f87c759372219f7aea1b53289f8f4ad8


VirusTotal Malware Code Injection buffers extracted unpack itself sandbox evasion crashed 		5.6 M 28 ZeroCERT

keyword