Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
3691	2024-05-28 11:13	4.exe efdf33fdadb58c109e3811a2db514904 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself Remote Code Execution				2.6	M	57	ZeroCERT

3692	2024-05-28 11:11	example.exe 356697b39d3721250aa3cc92bacc6120 Malicious Packer PE File PE32 VirusTotal Malware unpack itself DNS		1		4.0	M	67	ZeroCERT

3693	2024-05-28 11:08	toolspub1.exe 32685b36f7414ff7a3434cc6735d0a62 Generic Malware Malicious Library PE File PE32 VirusTotal Malware unpack itself DNS		1		2.4	M	33	ZeroCERT

3694	2024-05-28 11:08	kureyonshinchan.exe 598f99c870529c864b369aff4b27fc20 PhysicalDrive Generic Malware Malicious Library Malicious Packer Antivirus UPX PE File PE32 OS Processor Check PE64 DLL Malware download VirusTotal Malware AutoRuns Malicious Traffic Check memory Creates executable files unpack itself Windows utilities suspicious process AntiVM_Disk sandbox evasion WriteConsoleW VM Disk Size Check Windows Browser ComputerName Remote Code Execution DNS crashed	6 Keyword trend analysis	3	8 Info ET ADWARE_PUP User-Agent (Mozilla/4.0 (compatible)) ET HUNTING Rejetto HTTP File Sever Response ET HUNTING Terse Request for .txt - Likely Hostile ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Possible Windows executable sent when remote host claims to send a Text File ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET INFO Packed Executable Download ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging)	9.8	M	36	ZeroCERT

3695	2024-05-28 11:04	STHealthBQ.exe e67f683eac76d370334f3fdf51aa430a RedLine Infostealer UltraVNC Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB suspicious privilege Check memory Checks debugger unpack itself Windows Cryptographic key crashed				3.4	M	44	ZeroCERT

3696	2024-05-28 11:02	tsaplQyj.exe bcdda917607e4c698f148d10466c3b80 Process Kill Generic Malware Suspicious_Script_Bin Malicious Library FindFirstVolume CryptGenKey UPX PE File Device_File_Check PE32 OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself Browser Email ComputerName Software crashed				5.4	M	57	ZeroCERT

3697	2024-05-28 11:01	AppGate2103v15.exe f0587649682207064554a2372966435d Generic Malware UPX PE64 PE File OS Processor Check VirusTotal Malware heapspray unpack itself Windows Remote Code Execution crashed				4.4	M	51	ZeroCERT

3698	2024-05-28 10:58	server.exe cea282b7b4912cbab23179d043cde05d Malicious Library VMProtect PE64 PE File VirusTotal Malware unpack itself crashed				2.8	M	46	ZeroCERT

3699	2024-05-28 10:56	STHealthUpload.exe 26c7da49199c31fcfe179cee64b89116 RedLine Infostealer UltraVNC Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB suspicious privilege Check memory Checks debugger unpack itself Windows Cryptographic key crashed				3.4	M	48	ZeroCERT

3700	2024-05-28 10:53	STHealthUp.exe e78473bca17b8e1e7353570719b5ad0c RedLine Infostealer UltraVNC Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB suspicious privilege Check memory Checks debugger unpack itself Windows Cryptographic key crashed				3.4	M	46	ZeroCERT

3701	2024-05-28 10:51	venom.exe 195032debcdcfbd4e56986070144a475 Malicious Packer PE File PE32 VirusTotal Malware unpack itself DNS		1		3.6	M	67	ZeroCERT

3702	2024-05-28 10:49	wsiopohwqsd.exe a7e106df2ca7b17bd39ec582d19522a0 Process Kill Generic Malware Suspicious_Script_Bin Malicious Library FindFirstVolume CryptGenKey UPX PE File Device_File_Check PE32 OS Processor Check Browser Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces IP Check Browser Email ComputerName crashed	1 Keyword trend analysis	2	1	7.0	M	53	ZeroCERT

3703	2024-05-28 10:49	go.exe 02a0c991ae4070f754f0d46ee1cacf68 Generic Malware Malicious Library UPX AntiDebug AntiVM PE File PE32 OS Processor Check MSOffice File VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	8 Keyword trend analysis Info https://accounts.google.com/generate_204?Bd_bhQ https://www.google.com/favicon.ico https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F&ifkv=AaSxoQxJSQfRgSvbcN4CCAR5Cv1vi0mtSDJubDwaCZfi3oDyh2K0IRbr6QdURxYZZ9aKOSzITZzYCw&passive=1209600&flowName=WebLiteSignIn&flowEntry=ServiceLogin&dsh=S-1526235381%3A1716860687656877 https://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F https://accounts.google.com/_/bscframe https://accounts.google.com/ https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/&followup=https://accounts.google.com/&passive=1209600&ifkv=AaSxoQyfq-7cY1XYRwY0ShX6ZV4VcZueKcLnzJPsI6p6tZOYS9WyJYiRxxUn4zwmOnW_RmvTApfUTA https://ssl.gstatic.com/images/branding/googlelogo/2x/googlelogo_color_74x24dp.png	6	1	6.2	M	38	ZeroCERT

3704	2024-05-28 10:45	GGWS_UPLOAD.exe cbaa1a61c93704f1540e48a8dd9bac14 RedLine Infostealer UltraVNC Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB suspicious privilege Check memory Checks debugger unpack itself Windows Cryptographic key crashed				3.4	M	51	ZeroCERT

3705	2024-05-28 10:45	applovin_ic_mediation_inmobi.x... 3587f4e12056e3bad710ecc16cf29283 Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.8			guest