Submissions

No, Date, Request, Urls, Hosts, IDS, Rule, Score, Zero, VT, Player, Etc
33061 2022-03-28 18:19 4230_1648314017_5437.exe  

7d85d4cdbb617ec644e5ea39a804009f


PWS[m] RedLine stealer[m] RAT PWS .NET framework AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself
6.8 M 34 ZeroCERT

33062 2022-03-28 18:17 477_1648224166_8462.exe  

2f7c50f565827dabe6a94d3a16f4b214


RAT .NET EXE PE File PE32 Malware download VirusTotal Malware MachineGuid Malicious Traffic Check memory Checks debugger Creates executable files ICMP traffic unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows DNS
2 3 4 2 8.8 M 28 ZeroCERT

33063 2022-03-28 18:17 3211_1648033125_6586.exe  

d0588f2f63ec6728f72e9283dee2a6dd


Obsidium protector UPX .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted WMI RWX flags setting unpack itself Collect installed applications Check virtual network interfaces sandbox evasion installed browsers check Tofsee Windows Browser ComputerName RCE DNS Cryptographic key Software crashed
1 3 1 12.2 M 35 ZeroCERT

33064 2022-03-28 18:15 628_1648330545_5592.exe  

cd02019ee328cbc8b483eb5761015db2


PWS[m] RedLine stealer[m] Generic Malware Antivirus AntiDebug AntiVM PE File PE32 VirusTotal Malware powershell Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process Windows ComputerName DNS Cryptographic key
1 12.2 M 34 ZeroCERT

33065 2022-03-28 18:14 1594_1648371767_4698.exe  

6cd547c9839a354f6f09479abf144b51


RAT PWS .NET framework UPX OS Processor Check .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Check memory Checks debugger unpack itself crashed
2.6 M 32 ZeroCERT

33066 2022-03-28 18:12 5036_1648146526_3563.exe  

0fb9a48e30c15113f7b1d3055a278581


RAT PWS .NET framework Generic Malware Malicious Packer Malicious Library UPX OS Processor Check .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Check memory Checks debugger unpack itself crashed
2.6 M 34 ZeroCERT

33067 2022-03-28 18:12 6762_1648304407_2545.exe  

516860ee9ea6ea663b01d79b7971121a


RAT PWS .NET framework .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Check memory Checks debugger unpack itself ComputerName
3.8 M 41 ZeroCERT

33068 2022-03-28 18:10 4048_1648374648_5952.exe  

93788173ca76358a3cbed54f7d2041f3


RAT PWS .NET framework UPX OS Processor Check .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key
1 3.8 M 41 ZeroCERT

33069 2022-03-28 18:10 5755_1648311609_8617.exe  

7f4c65b13475829f834c330ac5df51bf


RAT PWS .NET framework .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself
6.8 M 38 ZeroCERT

33070 2022-03-28 18:08 6359_1648375136_6928.exe  

569659eefba72467de0dec7a4c78b5f6


Obsidium protector UPX .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Check memory Checks debugger buffers extracted WMI RWX flags setting unpack itself Collect installed applications sandbox evasion installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed
2 10.4 M 27 ZeroCERT

33071 2022-03-28 18:08 1156_1648210643_8454.exe  

a32b40a2442df6d9d2f3fd5d90ebf34d


RAT PWS .NET framework Generic Malware UPX OS Processor Check .NET EXE PE File PE32 VirusTotal Malware PDB MachineGuid Check memory Checks debugger unpack itself ComputerName
2.0 M 19 ZeroCERT

33072 2022-03-28 18:06 7027_1648133534_4507.exe  

5e2d3eddb851b087f7e0b26775923c21


Malicious Library UPX PE File PE64 VirusTotal Malware Buffer PE AutoRuns Malicious Traffic buffers extracted Creates executable files Disables Windows Security Windows DNS
3 1 2 3 6.2 M 42 ZeroCERT

33073 2022-03-28 18:06 6244_1648378236_5247.exe  

663072e7557d8207807b8737992c5316


RAT PWS .NET framework UPX OS Processor Check .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key
2 3.8 M 40 ZeroCERT

33074 2022-03-28 18:06 Docu1067400023.exe  

a45446231e82afed10fd821a417ef355


PWS[m] RAT PWS .NET framework SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Check virtual network interfaces suspicious process AppData folder WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed
3 6 3 18.6 M 17 ZeroCERT

33075 2022-03-28 18:04 6917_1648366453_2174.exe  

266103db7a5bd5f71e5b74772f5a75bb


Obsidium protector UPX .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted WMI RWX flags setting unpack itself Collect installed applications Check virtual network interfaces sandbox evasion installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed
1 3 1 11.6 M 28 ZeroCERT