Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	VT	Player
38551	2021-11-19 10:55	vbc.exe 8788403c75f9e4ba7b98dd2137c2432c PWS Loki[b] Loki.m .NET framework Generic Malware UPX Socket DNS AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName DNS Software		1		14.2	31	ZeroCERT

38552	2021-11-19 10:53	ck.exe 5ae44030c55c06a01bf8b26f7da83812 Generic Malware PE64 PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself				2.4	17	ZeroCERT

38553	2021-11-19 10:53	c.exe 11422b8118db41e8b742912354cba427 UPX PE File PE32 .NET EXE VirusTotal Malware Checks debugger RWX flags setting unpack itself Detects VMWare sandbox evasion VMware anti-virtualization Windows Firmware crashed				6.8	24	ZeroCERT

38554	2021-11-19 09:45	file1.cms 4e28e9e6d6444d1ac41dd7ef7da32196 PE64 PE File DLL IcedID Malware download VirusTotal Malware MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Tofsee	2 Keyword trend analysis	4	2	3.4	7	ZeroCERT

38555	2021-11-19 08:01	bird.png 31123eebb209289d005e3e07b272cd7f UPX PE File OS Processor Check PE32 RCE				0.8		ZeroCERT

38556	2021-11-19 07:38	bird.png e94a7d335b6c55a000bd6f4fa16e31e9 UPX PE File OS Processor Check PE32 RCE				0.8		ZeroCERT

38557	2021-11-19 07:38	bird.png 31123eebb209289d005e3e07b272cd7f UPX PE File OS Processor Check PE32 RCE				0.8		ZeroCERT

38558	2021-11-19 03:27	4d98cebff1b5d6be_{d6a26b00-482... 05f5c9b74ca844b5ca0c6a12779cb134 AntiDebug AntiVM MSOffice File Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName				3.4		C0d3_22

38559	2021-11-19 03:17	d4079341c2fb7e07_recoverystore... 3f0712810d85140ff5cdbc9c3a10ed0e AntiDebug AntiVM MSOffice File Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName				3.4		C0d3_22

38560	2021-11-19 03:09	cdc64ecdc44c8c19_{d2af698a-482... f8304bc408093367ee74b0d9ce554540 AntiDebug AntiVM MSOffice File Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName				3.4		C0d3_22

38561	2021-11-19 03:01	77294cb3d09d9742_SandboxieInst... 2219aef85b43c674813d641d7f0897df Gen2 Emotet Generic Malware Malicious Library UPX Malicious Packer Antivirus PE File OS Processor Check PE32 GIF Format DLL PE64 PDB suspicious privilege MachineGuid Check memory Creates shortcut Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check Tofsee ComputerName		2	3	5.4		guest

38562	2021-11-19 02:18	http://down.dd799aa.com/upload... 72f844be2a8de883393bdcbbdd89ec45 Create Service DGA Socket Steal credential DNS Internet API Hijack Network Code injection Sniff Audio HTTP KeyLogger FTP Escalate priviledges Downloader ScreenShot Http API P2P persistence AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	2	3	4.8	26	C0d3_22

38563	2021-11-19 02:14	http://down.dd788.aa.com/uploa... Create Service DGA Socket Steal credential DNS Internet API Hijack Network Code injection Sniff Audio HTTP KeyLogger FTP Escalate priviledges Downloader ScreenShot Http API P2P persistence AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed		1	2	4.2		C0d3_22

38564	2021-11-19 02:07	opera.exe 3c98acf1760cf6c13d4b82e4dc133252 Gen2 Generic Malware UPX Malicious Library Malicious Packer Admin Tool (Sysinternals etc ...) PE File PE32 OS Processor Check DLL Browser Info Stealer VirusTotal Malware Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check Tofsee Browser RCE	5 Keyword trend analysis Info https://download.opera.com/download/get/?id=55532&autoupdate=1&ni=1&stream=stable&utm_campaign=search_relatedapp_via_opera_com_https&utm_lastpage=opera.com/partner&utm_medium=pb&utm_site=opera_com&utm_source=softonic_via_opera_com&utm_tryagain=yes&niuid=0aab6fe4-e22e-44e0-82f5-3816589ecd7c https://get.geo.opera.com/pub/opera/desktop/81.0.4196.54/win/Opera_81.0.4196.54_Autoupdate_x64.exe https://autoupdate.geo.opera.com/geolocation/ https://desktop-netinstaller-sub.osp.opera.software/v1/binary https://autoupdate.geo.opera.com/v2/netinstaller/Stable/windows/x64	8	1	6.2	2	C0d3_22

38565	2021-11-19 01:52	Sysmon64.exe 511d34ceb256dbe2b1edce2e5f76f70d Gen2 Generic Malware Malicious Packer Antivirus Admin Tool (Sysinternals etc ...) Malicious Library UPX PE64 PE File OS Processor Check PDB MachineGuid RCE				0.6		C0d3_22