Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
3481	2024-06-04 07:35	0603.exe d4bed9420bd66fbf3c483e1dacabb726 Gen1 Generic Malware Malicious Library Malicious Packer UPX PE File PE32 OS Processor Check VirusTotal Malware PDB RWX flags setting unpack itself Remote Code Execution DNS		1		3.4	M	31	ZeroCERT

3482	2024-06-04 07:33	amm.exe 66d2e8e0fbc5b35bb09587834841f50e Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself crashed				2.4	M	51	ZeroCERT

3483	2024-06-04 07:31	kano.exe 439dafb5ed95e1036a120948e7996ea0 Malicious Packer Anti_VM PE File PE32 ZIP Format Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency AutoRuns MachineGuid Check memory buffers extracted unpack itself Windows utilities Collect installed applications suspicious process AntiVM_Disk sandbox evasion WriteConsoleW anti-virtualization IP Check VM Disk Size Check installed browsers check Tofsee Ransomware Windows Browser RisePro Email ComputerName DNS Software crashed	1 Keyword trend analysis	5	8 Info ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io) SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET DROP Spamhaus DROP Listed Traffic Inbound group 23 ET MALWARE RisePro TCP Heartbeat Packet ET MALWARE [ANY.RUN] RisePro TCP (Token) ET MALWARE [ANY.RUN] RisePro TCP (Exfiltration) ET MALWARE RisePro CnC Activity (Inbound) ET MALWARE [ANY.RUN] RisePro TCP (Activity)	12.6	M	31	ZeroCERT

3484	2024-06-04 07:29	win.exe f74e8a071b955f39231c4c209e30f1a3 Malicious Library Malicious Packer Antivirus UPX PE64 PE File OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself				2.0	M	46	ZeroCERT

3485	2024-06-04 07:26	legendainstalls.exe da85889e565ecc8279c0d3b12ea0b40b Generic Malware UPX Malicious Library Malicious Packer PE File .NET EXE PE32 DLL OS Processor Check VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself AppData folder WriteConsoleW crashed				3.6	M	31	ZeroCERT

3486	2024-06-04 07:24	%E7%A8%BD%E6%9F%A5%E4%BA%8B%E9... 6bd7b1da6cecdda481d35391eb2ba24f Generic Malware Malicious Library Malicious Packer UPX PE64 PE File OS Processor Check VirusTotal Malware MachineGuid unpack itself Tofsee DNS crashed	1 Keyword trend analysis	2	3	2.0		13	ZeroCERT

3487	2024-06-04 07:22	FrameworkSurvivor.exe 69f6dcdb3d87392f300e9052de99d7ce NSIS Generic Malware Downloader Malicious Library UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM PE VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName				6.6		10	ZeroCERT

3488	2024-06-04 07:22	lumma2705.exe a09ef83719952de3da58e3af375af664 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB unpack itself crashed				2.8		58	ZeroCERT

3489	2024-06-03 22:53	python-3.12.3-amd64.exe c86949710e0471a065db970290819489 Generic Malware Malicious Library UPX PE File PE32 CAB OS Processor Check PDB Check memory Checks debugger Creates executable files unpack itself				2.0			guest

3490	2024-06-03 22:21	RUS_QGYTZ.exe 5e3bc7cfb4f18e8c55e2808cd0d74bcf Gen1 Generic Malware Malicious Library UPX Anti_VM PE File PE32 OS Processor Check DLL Checks debugger unpack itself Detects VirtualBox Check virtual network interfaces AppData folder anti-virtualization ComputerName Firmware				4.4			guest

3491	2024-06-03 22:19	haspdinst_8_31+(2).exe 235623c73f1d0283860da85f75d41500 Gen1 Generic Malware Malicious Library Malicious Packer UPX Anti_VM PE File PE32 CAB OS Processor Check DLL VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check				2.4		2	guest

3492	2024-06-03 15:15	RFQ#ORDER-SP-24-0217891-003.do... 527d1b34d5c5759d38b6496008e379b1 NSIS Malicious Library UPX PE File PE32 VirusTotal Malware				1.2		34	ZeroCERT

3493	2024-06-03 14:26	RFQ7834599403 0037JH864_Rev001... 43f40fde792d50035c3769354a3208c0 NSIS Generic Malware Malicious Library UPX Antivirus PE File PE32 powershell suspicious privilege Check memory Checks debugger WMI Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key				6.2			ZeroCERT

3494	2024-06-03 14:26	RFQ#ORDER-SP-24-0217891-003.do... 527d1b34d5c5759d38b6496008e379b1 NSIS Malicious Library UPX PE File PE32 DLL JPEG Format VirusTotal Malware Check memory Creates executable files unpack itself AppData folder				2.6		34	ZeroCERT

3495	2024-06-03 14:14	Safety Manager JD (General Dyn... 8346d90508b5d41d151b7098c7a3e868 Client SW User Data Stealer browser info stealer Generic Malware Hide_EXE Google Chrome User Data Downloader Malicious Library UPX Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code Browser Info Stealer VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger Creates shortcut exploit crash unpack itself Windows utilities Auto service suspicious process malicious URLs WriteConsoleW installed browsers check Windows Exploit Browser ComputerName Cryptographic key crashed	1 Keyword trend analysis	1		12.6		8	ZeroCERT