Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc

35581 2022-01-18 10:29 shipping_content_file.jar
e3dba28a1ee161da74def4d4417b201e
Gen1 NPKI Generic Malware Malicious Library UPX Malicious Packer OS Processor Check MSOffice File PE File PE32 DLL VirusTotal Email Client Info Stealer Malware AutoRuns Check memory Checks debugger buffers extracted WMI Creates executable files RWX flags setting unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder WriteConsoleW IP Check Windows Java Email ComputerName DNS crashed
2 11 1 9.0 M 12 ZeroCERT

35582 2022-01-18 10:26 JcDnYBSKpyfU
10f5439bf6c4a72a845ba8945620bdc3
Malicious Packer Malicious Library UPX PE File OS Processor Check PE32 DLL VirusTotal Malware Checks debugger ICMP traffic RWX flags setting unpack itself sandbox evasion ComputerName DNS
13 6.4 10 ZeroCERT

35583 2022-01-18 10:26 MediaPlayer.exe
c07f4cb050b38f534e8ca8cab866fa71
Malicious Library UPX PE File OS Processor Check PE32 PDB unpack itself
0.6 ZeroCERT

35584 2022-01-18 10:19 Service.bmp
dabae535097a94f593d5afad04acd5ea
Malicious Library UPX PE File OS Processor Check PE32 VirusTotal Malware Malicious Traffic Check memory buffers extracted suspicious TLD DNS
2 8 1 4.6 M 47 ZeroCERT

35585 2022-01-18 10:19 lionlee.exe
3bd42085584a11f32b619102c57eba91
Ave Maria WARZONE RAT Generic Malware Malicious Packer Malicious Library UPX PE File OS Processor Check PE32 VirusTotal Malware MachineGuid Check memory WMI unpack itself AntiVM_Disk VM Disk Size Check ComputerName RCE crashed
2 4.4 M 46 ZeroCERT

35586 2022-01-18 10:17 OLDTEXE.exe
b628fc267d7a45f2fc59e9f9ae9a7b26
PWS .NET framework Hide_EXE Generic Malware Antivirus PE File PE32 .NET EXE VirusTotal Malware suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process AppData folder Windows ComputerName Cryptographic key
4.8 M 45 ZeroCERT

35587 2022-01-18 10:16 db_sos.exe
14197a464695f025b5285b7aec90246f
ASPack PE File PE32 VirusTotal Malware Check memory unpack itself RCE Trojan Banking crashed
3.4 21 ZeroCERT

35588 2022-01-18 10:14 9833_1642430208_7948.exe
f4130da97980d97dda8c1917ec49d04c
RedLine stealer[m] NPKI RAT Generic Malware TEST AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed
1 11.2 M 21 ZeroCERT

35589 2022-01-18 10:07 cc.html
8f12c9ff33ea9aa35e97faaeb09f63d7
emotet Generic Malware Malicious Packer Malicious Library UPX Antivirus AntiDebug AntiVM PE File OS Processor Check PE32 DLL VirusTotal Malware powershell AutoRuns suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities Auto service powershell.exe wrote Check virtual network interfaces suspicious process sandbox evasion WriteConsoleW Windows ComputerName DNS Cryptographic key
2 22 1 15.4 M 6 ZeroCERT

35590 2022-01-18 10:00 kdmapper.exe
cb06eaaab474acba326f863bf3519688
RAT Generic Malware UPX PE64 PE File VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself
2.8 M 39 ZeroCERT

35591 2022-01-18 09:59 rea4gb440m4.exe
dda320cdb60094470b148e93760105f3
PE File PE32 VirusTotal Malware Checks debugger unpack itself
2.4 M 39 ZeroCERT

35592 2022-01-18 09:58 hsh.exe
be40cd9201701836b9f39ec261dbcabb
Generic Malware task schedule Antivirus Create Service DGA Socket DNS Internet API Code injection Sniff Audio HTTP KeyLogger FTP Escalate priviledges Downloader ScreenShot P2P Steal credential Http API AntiDebug AntiVM PE64 PE File VirusTotal Malware AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities suspicious process Windows ComputerName Cryptographic key
11.0 M 36 ZeroCERT

35593 2022-01-18 09:57 quninix.exe
bab3def9f13753a5fdf4e9b4bf251689
RedLine stealer[m] NPKI Generic Malware Malicious Library UPX AntiDebug AntiVM PE File OS Processor Check PE32 PE64 Browser Info Stealer VirusTotal Malware Buffer PE suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files ICMP traffic unpack itself Collect installed applications Check virtual network interfaces installed browsers check Windows Browser ComputerName DNS Cryptographic key crashed
2 7 1 14.4 M 49 ZeroCERT

35594 2022-01-18 09:56 dsssss.vmp.exe
4458c540fd331753fb4539c51664a3bb
RAT Generic Malware Malicious Packer TEST VMProtect UPX Antivirus PE64 PE File VirusTotal Malware AutoRuns suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process Windows ComputerName Cryptographic key
6.2 M 28 ZeroCERT

35595 2022-01-18 09:54 shipping_content_file.jar
e3dba28a1ee161da74def4d4417b201e
Gen1 Generic Malware Malicious Library OS Processor Check MSOffice File VirusTotal Malware Check memory heapspray unpack itself Java
2.0 M 12 ZeroCERT