Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	Score	Zero	VT	Player
33136	2022-03-26 10:21	226.exe 3fba66f2f0e5abdcb3c0f264fcb92ce9 PWS[m] RedLine stealer[m] NPKI Emotet RAT PWS .NET framework Malicious Library UPX Malicious Packer Antivirus Create Service DGA Socket ScreenShot DNS Internet API Code injection Sniff Audio HTTP Steal credential KeyLogger P2P Downloader Escalate priviled Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities Collect installed applications AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed		1	10.6		11	ZeroCERT

33137	2022-03-26 10:20	sefile.exe 97119d47867dfb63f3ccde928d539f58 Malicious Library PE File PE32 VirusTotal Malware PDB unpack itself RCE			1.6	M	25	ZeroCERT

33138	2022-03-26 10:18	230.exe 4055925f00a70eb57712c0f185bdbf00 PWS[m] RedLine stealer[m] AntiDebug AntiVM PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI unpack itself Windows Browser ComputerName DNS Cryptographic key Software crashed		1	11.0	M	30	ZeroCERT

33139	2022-03-26 10:18	232.exe cbb9b40b7b9316f1ba472d5fe171b169 ASProtect PE File PE32			0.8			ZeroCERT

33140	2022-03-26 10:17	233.exe 632d6fb83b1d8707145c5be76396c596 PWS[m] RedLine stealer[m] ASProtect AntiDebug AntiVM PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed		1	11.0	M	24	ZeroCERT

33141	2022-03-26 10:16	alfile.exe e01c0c7d91a7030bb17c272044442bb1 Malicious Library PE File PE32 VirusTotal Malware PDB unpack itself RCE			2.4	M	47	ZeroCERT

33142	2022-03-26 10:15	K3362p2954.doc 2549fdb48c76b7dacf0dc369e4c7e8db VBA_macro Generic Malware MSOffice File VirusTotal Malware unpack itself DNS		1	3.6		23	ZeroCERT

33143	2022-03-26 09:56	Akt_sverki_Consultant.docx.lnk e8fce013184401fb8d6e248fc91b4f9e PWS[m] Generic Malware Create Service DGA Socket ScreenShot DNS Internet API Code injection Sniff Audio HTTP Steal credential KeyLogger P2P Downloader Escalate priviledges persistence FTP Http API AntiDebug AntiVM GIF Format Word 2007 file format(docx) VirusTotal Malware MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW GameoverP2P Zeus Windows Trojan Banking DNS Cryptographic key	7 Keyword trend analysis	2	9.8	M	4	ZeroCERT

33144	2022-03-26 09:47	Form - Mar 26_ 2022.xls 45bfa4c49f3998d874df60f3f86c12dc PWS[m] ScreenShot KeyLogger AntiDebug AntiVM MSOffice File Code Injection unpack itself			2.0			ZeroCERT

33145	2022-03-26 09:40	b123.exe 2e89a7aae558e9be86042e2bd7e65803 Gen2 Gen1 Malicious Library UPX OS Processor Check PE File PE32 VirusTotal Malware unpack itself ComputerName		2	3.6		50	ZeroCERT

33146	2022-03-26 09:40	borw4.doc 279e7ad898e2c667b6c933a9bf87494d MSOffice File RWX flags setting			1.2			ZeroCERT

33147	2022-03-26 09:34	Payment 622558388_03252022 xlx... 9aa3fb9a528a12893b0a932f3ae0bb51 RAT PWS .NET framework Generic Malware Antivirus .NET EXE PE File PE32 VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process Windows ComputerName Cryptographic key	1 Keyword trend analysis	2	5.8		20	ZeroCERT

33148	2022-03-26 09:15	vbc.exe 4ffe63bc2aee54a04661c96742b7cfd1 Malicious Library UPX PE File PE32 VirusTotal Malware Code Injection Check memory Creates executable files unpack itself AppData folder			4.0	M	26	ZeroCERT

33149	2022-03-26 09:13	vbc.exe f2f14fcb63ff7e0106a1fe73386702ad Malicious Library UPX PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Creates executable files unpack itself AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName Software	1 Keyword trend analysis	2	9.6	M	27	ZeroCERT

33150	2022-03-26 09:11	rc.exe 1098eea1ee550a0b6100a11be53d27d8 PWS[m] Generic Malware Malicious Library Admin Tool (Sysinternals etc ...) UPX Antivirus Create Service DGA Socket ScreenShot DNS Internet API Code injection Sniff Audio HTTP Steal credential KeyLogger P2P Downloader Escalate priviledges FTP Http API Anti Emotet VirusTotal Malware powershell Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic RWX flags setting unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName RCE Cryptographic key crashed	1 Keyword trend analysis	7	15.4	M	28	ZeroCERT