Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
3526	2024-07-08 09:48	update.exe f8ae25eb2bef827759f8cd837ad85bda Browser Login Data Stealer Generic Malware Malicious Library Downloader Malicious Packer UPX PE File PE64 OS Processor Check Browser Info Stealer VirusTotal Malware Malicious Traffic RWX flags setting sandbox evasion VMware Windows Update Browser DNS crashed	1 Keyword trend analysis	1	2	5.6	M	45	ZeroCERT

3527	2024-07-08 09:48	1.exe ed44c98c40576ef50f6abcf6e40c71d7 UPX PE File PE32 VirusTotal Malware suspicious privilege Windows utilities WriteConsoleW Windows DNS		1		4.0	M	23	ZeroCERT

3528	2024-07-08 09:46	Installer.exe bed8cdced2d57be2bd750f0f59991ecd Malicious Library UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Cryptocurrency wallets Cryptocurrency Telegram AutoRuns suspicious privilege MachineGuid Check memory Checks debugger Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check Tofsee Ransomware Windows ComputerName DNS		4	4	9.8	M	63	ZeroCERT

3529	2024-07-08 09:46	build.exe 7081e613321921500b70899fddb56a4d RedLine stealer RedlineStealer Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key		1		3.8	M	63	ZeroCERT

3530	2024-07-08 09:44	windows_update.exe 14129aa32bbd6bf03d3cde8837119e2a UPX PE File PE64 VirusTotal Malware				2.2	M	27	ZeroCERT

3531	2024-07-08 09:44	tool.exe 34c704347497551c5593eeabebb7b6ce UPX PE File PE64 VirusTotal Malware suspicious privilege Windows utilities WriteConsoleW Windows DNS		2		5.2	M	44	ZeroCERT

3532	2024-07-08 09:44	igccu.exe c3ebea7cd7e96887d0fffff22bf00101 Process Kill Generic Malware Suspicious_Script_Bin Malicious Library FindFirstVolume CryptGenKey UPX PE File PE32 Device_File_Check OS Processor Check DLL Browser Info Stealer VirusTotal Malware Checks debugger buffers extracted Creates executable files unpack itself AppData folder Browser	15 Keyword trend analysis Info http://www.wwfglobal.com/m95o/ http://www.freel2charger.com/a4ue/?Xp3xoqu0=3Vd/jhwRuTdOxuTB8JI5nOWg/apgnlL07zqrrDtNySlQNx92si9z0GTEyKNUovs2vFDx3z0WHuC5qtQtmV1Z+JPFOszkR7570ju18v427TjxuMC6Q9FdcnyuD0lX4EuWURba81w=&3C=-W0nH4abwqVx6Z http://www.j1k.tech/ggih/?Xp3xoqu0=i8yzt6XI/zjj0EvWzDpVtZBP16SoDk4AakjQiSQahgkkQjG9W6bktvv9lCGUtqBrNJmyocQc6INn5KIHl6b9E9My6YsY/pwJyHRA4RGjG4LpDxC6HG5D7wyJQEAKu8/ahrYwvcM=&3C=-W0nH4abwqVx6Z http://www.haimai.site/icf0/ http://www.ssicma.org/qxr1/ http://www.j1k.tech/ggih/ http://www.theweekendcreator.com/awb5/?Xp3xoqu0=q3JBavBuYNoAFHwauSUUJN+keHbDXRNO3B64FYkHj+ESHjf6uMe8Ml18n4dPe7A7aU95Qh4NdpEzKf8PQGGhOsCO//xwyGdpY4pSV5d1JaOmNNNmKMZpMyvkuOK0EM5V1PaCanQ=&3C=-W0nH4abwqVx6Z http://www.wwfglobal.com/m95o/?Xp3xoqu0=loIQP3UiqoDjBFJmw0L2TRhB20kRG2X9tn2fHKVmv6zwqnZvk5N84SggBG/BgRcfHRNHZvwpARRf777bnidZ37SD7iT6sqAUnBDtKNk/rHev/lWeFvdkUpIQjUOAVmPnkAOAZpw=&3C=-W0nH4abwqVx6Z http://www.haimai.site/icf0/?Xp3xoqu0=U4JeMG3qb5QJeBzWswvZRpXbdUbus2JptZtYRCnPoVuWQN8AMfSV/KSC/xeCxJC/O44U6AJahBfYedKb0boAnF2JoNLnI8yTZ7fVdLrvsXMgQtoLZXOjy9i/SxhsIguY533/7XI=&3C=-W0nH4abwqVx6Z http://www.valerieomage.com/szs0/ http://www.valerieomage.com/szs0/?Xp3xoqu0=nINTDym7Q9j+BCpkuujjwjGAmK2M3l6Ta6JnU7my4W3+ygqCWIWSYrKZWHtet07iDDp0UTeAPatxkU+Y4s9MpkgkU/s8fphY9KdqoJ4yoDvxJ+HW3rS0xLPCSn9cTKONJWJmDmU=&3C=-W0nH4abwqVx6Z http://www.sqlite.org/2017/sqlite-dll-win32-x86-3210000.zip http://www.freel2charger.com/a4ue/ http://www.ssicma.org/qxr1/?Xp3xoqu0=2m4sk20gG7hdiEEZPbwTHBPhtGachfxfUQkVGf1jp+PhCTwkzgTQmGXQy0a1TEtXBjpQyKYGB70SN5YHZcubEUeNS431TYCqoE6spLmJedjPDy0EPuJ9tZ8AUv34yB9u8tQMDRY=&3C=-W0nH4abwqVx6Z http://www.theweekendcreator.com/awb5/	17 Info www.wwfglobal.com(52.1.217.30) www.theweekendcreator.com(217.160.0.87) - mailcious www.jjkelker.com() www.glucotrustlonely.best() www.freel2charger.com(64.98.135.118) www.ssicma.org(15.197.148.33) www.j1k.tech(84.32.84.32) www.haimai.site(195.110.124.133) www.valerieomage.com(23.227.38.74) 64.98.135.118 52.1.217.30 195.110.124.133 - mailcious 3.33.130.190 - phishing 217.160.0.87 - mailcious 84.32.84.32 - mailcious 45.33.6.223 23.227.38.74 - mailcious		7.2		52	ZeroCERT

3533	2024-07-08 09:42	igccu.exe 7e65b6742284236fdd138467fad4a26b Process Kill Generic Malware Suspicious_Script_Bin Malicious Library FindFirstVolume CryptGenKey UPX PE File PE32 Device_File_Check OS Processor Check FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Checks debugger unpack itself	1 Keyword trend analysis	4	1	4.4		49	ZeroCERT

3534	2024-07-08 09:40	aaa.exe e52ba92d25281e90aa7f27bd3719951f Malicious Library Malicious Packer Antivirus .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself				2.0		63	ZeroCERT

3535	2024-07-08 09:39	Server.exe 68fad5f5f8de1c290df5d3754b4af358 Generic Malware Malicious Library Malicious Packer .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware				1.2		65	ZeroCERT

3536	2024-07-08 09:32	1.exe 956cc5fc3eb02c4e9fa0f180a7155895 ELF VirusTotal Malware				0.4	M	3	ZeroCERT

3537	2024-07-08 07:58	vidar0607.exe 47a4c6547aaa57510c4d02ce8a6ae548 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself crashed				2.2	M	39	ZeroCERT

3538	2024-07-08 07:56	win.exe 36dcf115331160b2f88e83e5b8d07036 UPX Anti_VM PE File PE64 VirusTotal Malware				2.2	M	24	ZeroCERT

3539	2024-07-08 07:54	lumma0607.exe 383dc98d03038d2374701a5bfa5d8c0a Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself crashed				2.4	M	54	ZeroCERT

3540	2024-07-08 07:52	PACKAGE_DEMO.exe e450ca946d4bf6173ebe3f00c3d08d81 Generic Malware Malicious Library Malicious Packer UPX PE File PE64 OS Processor Check Browser Info Stealer Malware download VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency Check memory Creates shortcut Collect installed applications sandbox evasion IP Check installed browsers check Tofsee Ransomware MeduzaStealer Stealer Browser Email ComputerName Trojan Banking DNS		3	8 Info ET INFO TLS Handshake Failure ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup ET MALWARE Win32/Unknown Grabber Base64 Data Exfiltration Attempt ET MALWARE [ANY.RUN] Meduza Stealer Exfiltration M2 ET MALWARE [ANY.RUN] Possible Meduza Stealer Exfiltration (TCP) SURICATA Applayer Protocol detection skipped	11.8	M	56	ZeroCERT