Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
4036	2024-05-16 08:59	x103.log 5c3eb8c100cef5725d79a35664e58646 UPX PE File PE32 VirusTotal Malware Check memory buffers extracted unpack itself AntiVM_Disk sandbox evasion VM Disk Size Check Browser DNS		1	1	5.6	M	43	ZeroCERT

4037	2024-05-16 08:44	Kaxhwswfup.exe 133fda00a490e613f3a6c511c1c660eb Hide_EXE Malicious Library .NET framework(MSIL) Anti_VM PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself ComputerName				2.2	M	43	ZeroCERT

4038	2024-05-16 07:38	danko.exe 2708fe8f7c8cd46754f3d60ba1ee5244 EnigmaProtector Malicious Packer PE File PE32 ZIP Format Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency AutoRuns MachineGuid Check memory buffers extracted unpack itself Windows utilities Collect installed applications suspicious process AntiVM_Disk WriteConsoleW anti-virtualization IP Check VM Disk Size Check installed browsers check Tofsee Ransomware Windows Browser RisePro Email ComputerName DNS Software crashed	1 Keyword trend analysis	5	8 Info ET MALWARE RisePro TCP Heartbeat Packet ET MALWARE [ANY.RUN] RisePro TCP (Token) ET MALWARE [ANY.RUN] RisePro TCP (External IP) ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io) SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET MALWARE [ANY.RUN] RisePro TCP (Exfiltration) ET MALWARE RisePro CnC Activity (Inbound) ET MALWARE [ANY.RUN] RisePro TCP (Activity)	12.4	M	40	ZeroCERT

4039	2024-05-16 07:38	taskmgr.exe 73309cc961f9645c1c2562ffcdc2dab1 Malicious Library Antivirus UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName Cryptographic key				4.0	M	58	ZeroCERT

4040	2024-05-16 07:37	crypted.exe 8246f422d28415bbb58d8fa3e2891817 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself crashed				2.0	M	36	ZeroCERT

4041	2024-05-16 07:36	Windows.exe b3390afd5206f8b49b32382041b80c2b Ave Maria WARZONE RAT Generic Malware Malicious Library Downloader Malicious Packer UPX Antivirus PE File PE32 OS Processor Check VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger Creates shortcut Creates executable files unpack itself suspicious process WriteConsoleW Windows ComputerName Remote Code Execution DNS Cryptographic key		1		9.8	M	66	ZeroCERT

4042	2024-05-16 07:34	crt.exe 7d26f511c2149b527c48face0a8a476d Emotet Gen1 Generic Malware Malicious Library UPX PE File PE32 MZP Format PE64 DLL OS Processor Check ftp DllRegisterServer dll Check memory Checks debugger Creates executable files unpack itself AppData folder Windows ComputerName crashed				3.2			ZeroCERT

4043	2024-05-16 07:34	univ.exe 86175aba72dcc18e8665fc8bb23a92af Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware suspicious privilege Malicious Traffic WMI Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName DNS	1 Keyword trend analysis	1	1	5.4		40	ZeroCERT

4044	2024-05-16 07:34	build.exe 46cc1157f7333d7473e18467dfdad3ff Gen1 Generic Malware Malicious Library UPX Antivirus Malicious Packer Anti_VM PE64 PE File DLL OS Processor Check ftp wget VirusTotal Malware Check memory Creates executable files unpack itself				3.0		32	ZeroCERT

4045	2024-05-16 07:34	kub54.exe f5db5ea5dc2a7675f2060a03dc46b49a Generic Malware Malicious Library PE File PE32 VirusTotal Malware				1.4	M	35	ZeroCERT

4046	2024-05-16 07:29	spoolsv.exe 986a048eb1d47acb95947bc2591d1e9d Malicious Library Malicious Packer .NET framework(MSIL) PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself				2.4		49	ZeroCERT

4047	2024-05-16 07:29	univ.exe d221456c3724a8ae84d820c0d0afcbd0 Generic Malware Malicious Library PE File PE32 VirusTotal Malware				1.6		26	ZeroCERT

4048	2024-05-16 07:27	888.exe 0e71dd615925094d6b40a76280bb2ea1 Malicious Library UPX PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself crashed				2.2		37	ZeroCERT

4049	2024-05-16 07:27	installer.exe 611a4246c5aabf1594344d7bd3fccb4c Malicious Library UPX PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself				2.0	M	42	ZeroCERT

4050	2024-05-16 07:25	pub11.exe 879254e27447aa757455bfe4811f6da3 Generic Malware Malicious Library PE File PE32 VirusTotal Malware				1.8	M	35	ZeroCERT