Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
3571	2024-07-06 12:48	ukbvxz01.lnk 5029bd93186f57a8f5b7978910999604 Generic Malware Antivirus Lnk Format GIF Format Creates shortcut unpack itself WriteConsoleW					1.0			ZeroCERT

3572	2024-07-05 22:38	64.exe 3e682955546fe3b6b1296a509ff80f65 Malicious Library Malicious Packer UPX PE File .NET EXE PE32 Browser Info Stealer VirusTotal Malware PDB MachineGuid Check memory Checks debugger Creates executable files unpack itself AntiVM_Disk sandbox evasion VM Disk Size Check Browser					4.8	M	48	guest

3573	2024-07-05 22:38	64.exe 3e682955546fe3b6b1296a509ff80f65 Malicious Library Malicious Packer UPX PE File .NET EXE PE32 Browser Info Stealer VirusTotal Malware PDB MachineGuid Check memory Checks debugger Creates executable files unpack itself AntiVM_Disk sandbox evasion VM Disk Size Check Browser					4.8	M	48	guest

3574	2024-07-05 17:50	РОСКОМНАДЗОР письмо Google Ana... adc398c253cff3c1acf9a48e78f5775d PDF VirusTotal Malware					0.4		1	guest

3575	2024-07-05 15:56	64.exe 3e682955546fe3b6b1296a509ff80f65 Malicious Library Malicious Packer UPX PE File .NET EXE PE32 Browser Info Stealer VirusTotal Malware PDB MachineGuid Check memory Checks debugger Creates executable files unpack itself AntiVM_Disk sandbox evasion VM Disk Size Check Browser DNS		1			5.4	M	48	ZeroCERT

3576	2024-07-05 15:54	Report.ps1 054618073752ea5823c98130114a3241 Hide_EXE Generic Malware task schedule Antivirus KeyLogger AntiDebug AntiVM Malware download AsyncRAT NetWireRC VirusTotal Malware Code Injection Check memory buffers extracted unpack itself DDNS		2	3		7.2		10	ZeroCERT

3577	2024-07-05 15:01	Scandoc1114.exe 1028a0939cb0ce3475e93dcab08ebba8 Process Kill Generic Malware Suspicious_Script_Bin Malicious Library FindFirstVolume CryptGenKey UPX PE File PE32 Device_File_Check OS Processor Check Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AgentTesla suspicious privilege Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Software crashed keylogger	1 Keyword trend analysis	4	5		9.4	M	51	ZeroCERT

3578	2024-07-05 14:57	22per_.php.vbs 5e93270af81d27f6664145170cf45887 Generic Malware Antivirus Javascript_Blob OS Processor Check Check memory unpack itself WriteConsoleW Windows Cryptographic key					1.0			ZeroCERT

3579	2024-07-05 14:57	22per_.php.vbs 5e93270af81d27f6664145170cf45887 Generic Malware Antivirus Javascript_Blob OS Processor Check Check memory unpack itself WriteConsoleW Windows Cryptographic key					1.0			ZeroCERT

3580	2024-07-05 14:57	22per.php.vbs 434ba8778ce364dbcf397f5ca256c6a4 Generic Malware Antivirus Javascript_Blob OS Processor Check Check memory unpack itself WriteConsoleW Windows Cryptographic key					1.0			ZeroCERT

3581	2024-07-05 14:54	sostener.vbs c45cccf34e0483bbb46f55d04ccb781b Generic Malware Antivirus Hide_URL PowerShell VirusTotal Malware VBScript powershell suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted wscript.exe payload download Creates shortcut unpack itself Check virtual network interfaces suspicious process Tofsee Windows ComputerName DNS Cryptographic key Dropper	3 Keyword trend analysis	3	2		10.0	M	7	ZeroCERT

3582	2024-07-05 11:13	software.exe 1ed6f9d578e14edad0bf47edf1f6269f Vidar Client SW User Data Stealer LokiBot RedLine stealer ftp Client info stealer Malicious Library .NET framework(MSIL) UPX ASPack Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 OS Processor Check FTP Client Info Stealer VirusTotal Malware Telegram PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software	3 Keyword trend analysis	5	3	1	16.4		32	ZeroCERT

3583	2024-07-05 11:09	Balanza.exe 91256800ace9fbe4fe2158ec132fc01e UPX PE File PE32 MZP Format VirusTotal Malware Check memory					1.4	M	6	ZeroCERT

3584	2024-07-05 11:08	KuwaitSetupHockey.exe 7f69b1fa6c0a0fe8252b40794adc49c6 Emotet Generic Malware Malicious Library UPX Admin Tool (Sysinternals etc ...) Malicious Packer PE File PE32 MZP Format OS Processor Check Lnk Format GIF Format ftp DLL PE64 Buffer PE Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic unpack itself AppData folder AntiVM_Disk VM Disk Size Check ComputerName DNS crashed	1 Keyword trend analysis	9	2		9.8	M		ZeroCERT

3585	2024-07-05 11:07	BestChange.exe 22aea1c65376a239fcead8d4e0ff00e3 Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself ComputerName					1.6	M	2	ZeroCERT