Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
40516 2021-10-18 09:44 Update-KB4524143.ps1
ef3cff5072eb2e63a67c32f6ff699afb
Generic Malware Antivirus VirusTotal Malware Check memory Checks debugger unpack itself ComputerName crashed
2.4 M 15 ZeroCERT

40517 2021-10-18 09:42 1324516478.exe
fd7d8966e180f5100abeebc7e7d13257
RAT Generic Malware AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted ICMP traffic unpack itself Collect installed applications Check virtual network interfaces suspicious TLD installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed
1 3 13.0 M 44 ZeroCERT

40518 2021-10-18 09:40 lv.exe
3eceac4a10a0ab1d4d87b8801eeb29c1
Themida Packer PE64 PE File VirusTotal Malware Windows crashed
2.2 M 29 ZeroCERT

40519 2021-10-18 09:38 1527052794.exe
e7d3f7d73daf1510524df4500970d48e
RAT Generic Malware task schedule AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware AutoRuns Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key
9.8 48 ZeroCERT

40520 2021-10-18 09:36 customer50.exe
5fc5f085acfa0071db7d7ecaca696650
ASPack Malicious Library UPX PE64 PE File OS Processor Check Browser Info Stealer VirusTotal Malware PDB Malicious Traffic Check memory Check virtual network interfaces IP Check Browser RCE
3 4 1 2 4.2 M 39 ZeroCERT

40521 2021-10-18 09:36 2103609787.exe
4058a27cf325710ab5a9020fe95e57f7
Admin Tool (Sysinternals etc ...) PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself crashed
2.6 45 ZeroCERT

40522 2021-10-18 09:34 search_hyperfs_212.exe
816fb2a92609e69e339ee9677647b7f8
Malicious Library UPX Create Service DGA Socket Steal credential DNS Internet API Code injection Sniff Audio HTTP KeyLogger FTP Escalate priviledges Downloader ScreenShot Http API P2P AntiDebug AntiVM PE File OS Processor Check PE32 DLL VirusTotal Malware PDB suspicious privilege Code Injection Check memory WMI unpack itself Windows utilities suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check Windows ComputerName RCE
6.8 35 ZeroCERT

40523 2021-10-18 09:34 491302577.exe
e7302252512b968f8b082e3a22ecca23
RAT Generic Malware AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted ICMP traffic unpack itself Collect installed applications Check virtual network interfaces suspicious TLD installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed
2 5 1 13.0 43 ZeroCERT

40524 2021-10-18 09:32 DownFlSetup155.exe
7d09810664be0b0d9dab03e6652cfb26
RAT PWS .NET framework Generic Malware PE File PE32 .NET EXE Browser Info Stealer VirusTotal Malware suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Collect installed applications Check virtual network interfaces AppData folder installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key crashed
10 7 2 7 9.4 M 46 ZeroCERT

40525 2021-10-18 09:32 customer6.exe
807f55cee679ba76724aee80756a0c4f
ASPack Malicious Library UPX PE64 PE File OS Processor Check Browser Info Stealer VirusTotal Malware PDB Malicious Traffic Check memory Check virtual network interfaces IP Check Browser RCE
3 4 1 2 4.4 M 47 ZeroCERT

40526 2021-10-18 09:31 DownFlSetup166.exe
9f34928ecd64f71c6f2a7cdd85740586
RAT PWS .NET framework Generic Malware Themida Packer Admin Tool (Sysinternals etc ...) Anti_VM Malicious Library UPX PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Checks Bios Collect installed applications Detects VMWare Check virtual network interfaces AppData folder VMware anti-virtualization installed browsers check Tofsee Windows Browser Email ComputerName Firmware DNS Cryptographic key Software crashed
9 16 2 5 17.2 M 21 ZeroCERT

40527 2021-10-18 09:30 Dv31BrowInst.exe
592bff278b2bf2551ca505447229c399
RAT PWS .NET framework Generic Malware PE File PE32 .NET EXE VirusTotal Malware AutoRuns suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Check virtual network interfaces AppData folder suspicious TLD Tofsee Windows DNS
9 5 2 7 8.2 M 41 ZeroCERT

40528 2021-10-16 13:40 Tax Payment Challan.exe
9c3259f246b2cd7518816219582660e6
Antivirus Admin Tool (Sysinternals etc ...) UPX PE File PE32 PNG Format JPEG Format VirusTotal Malware Check memory RWX flags setting unpack itself suspicious process WriteConsoleW Interception ComputerName RCE crashed
4.2 32 ZeroCERT

40529 2021-10-16 13:40 DOCS-20211510-VP-KMC022021.scr
bc87c171c5e5c075ebcb336ca4518452
Generic Malware UPX Antivirus DNS AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware powershell Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW human activity check Windows ComputerName DNS Cryptographic key
1 17.4 21 ZeroCERT

40530 2021-10-16 13:37 zoo.exe
2c2811633faebf78e7bdefb5e8867faf
PWS .NET framework Generic Malware AntiDebug AntiVM PE File PE32 .NET EXE FormBook Malware download VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself
11 24 2 10 8.0 M 16 ZeroCERT