popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
3946 2024-05-18 20:17 crypted_4c800f49.exe  

04dc5bb453bfac86b98f055022f0e281


Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB unpack itself crashed 		2.4 M 51 ZeroCERT

3947 2024-05-18 20:15 EAP.exe  

76609684d4f0fdd1e46ddf8353c389bf


Process Kill Generic Malware Suspicious_Script_Bin Malicious Library FindFirstVolume CryptGenKey UPX PE File Device_File_Check PE32 OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed 		1 2 3 7.8 M 41 ZeroCERT

3948 2024-05-18 20:15 swizzz.exe  

ad63629d1cc7a27553c9a52795b93d6d


Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself crashed 		2.2 M 57 ZeroCERT

3949 2024-05-18 20:13 eee.exe  

db8d5c5808856045722588e5c2e589fb


Process Kill Generic Malware Suspicious_Script_Bin Malicious Library FindFirstVolume CryptGenKey UPX PE File Device_File_Check PE32 OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed 		1 2 3 7.8 M 41 ZeroCERT

3950 2024-05-18 20:12 WinSec.exe  

7986acff81fdbe475364a07ff01ad325


Ave Maria WARZONE RAT Generic Malware Malicious Library Downloader Malicious Packer UPX Antivirus PE File PE32 OS Processor Check VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger Creates shortcut Creates executable files unpack itself powershell.exe wrote suspicious process WriteConsoleW human activity check Windows ComputerName Remote Code Execution DNS Cryptographic key 		1 10.8 M 66 ZeroCERT

3951 2024-05-18 20:11 tdrpload.exe  

9a24a00438a4d06d64fe4820061a1b45


Worm Phorpiex Generic Malware Malicious Library Downloader Admin Tool (Sysinternals etc ...) Malicious Packer UPX PE File PE32 PE64 Malware download VirusTotal Cryptocurrency Miner Malware Cryptocurrency Buffer PE AutoRuns Malicious Traffic Checks debugger buffers extracted Creates executable files ICMP traffic Disables Windows Security AppData folder Windows Update DNS 		10 42 9 5 13.6 M 55 ZeroCERT

3952 2024-05-18 20:11 lumma0805.exe  

e1ab31d73262bdee62de0be92463771b


Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself crashed 		2.2 M 56 ZeroCERT

3953 2024-05-18 20:10 swizzzz.exe  

05b11e7b711b4aaa512029ffcb529b5a


Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB unpack itself DNS crashed 		1 1 2.8 M 35 ZeroCERT

3954 2024-05-18 20:08 swizzzz.exe  

05b11e7b711b4aaa512029ffcb529b5a


Generic Malware Malicious Library UPX PE File PE32 OS Processor Check PDB unpack itself crashed 		1.2 ZeroCERT

3955 2024-05-18 20:06 getfile.php  

28c1720427cbbd5358a817b609301c7b


ZIP Format VirusTotal Malware 		0.6 19 ZeroCERT

3956 2024-05-18 20:06 49j8t349t83495vj945jfd.exe  

3aac4627c0904126c45ed250a7dee34e


Malicious Library Malicious Packer UPX PE File PE32 MZP Format VirusTotal Malware Check memory unpack itself crashed 		2.2 36 ZeroCERT

3957 2024-05-18 11:01 eyelidsfix.exe  

153f6ec6324b9c4bfc1843e437618953


Malicious Library Malicious Packer UPX PE64 PE File OS Processor Check PDB Check memory ComputerName 		0.8 guest

3958 2024-05-17 15:36 smss.exe  

8a9978dfed7583d2e18a8fdcd39a2191


AgentTesla Malicious Library .NET framework(MSIL) PWS SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself 		7.6 M 45 ZeroCERT

3959 2024-05-17 15:36 crypted333.exe  

e967f019b01357086d92181e6ee28e0b


Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself crashed 		2.2 M 54 ZeroCERT

3960 2024-05-17 15:34 findlawthose.exe  

0340a002bf0a8c4a243f4bbef0834236


NSIS Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger WMI Creates executable files Windows utilities suspicious process AppData folder sandbox evasion WriteConsoleW Windows ComputerName 		6.2 M 39 ZeroCERT

keyword