Submissions

Columns: No, Date, Request, Urls, Hosts, IDS, Rule, Score, Zero, VT, Player, Etc. Each entry below gives the submission number, submission date, requested filename, MD5, the sandbox tags, and the score columns. The Urls/Hosts/IDS/Rule counts are listed in source order, since empty cells are not marked in the source.
40606  2021-10-15 09:19  update.exe
  MD5: 9488b446052990dfb70a62e3efa57477
  Tags: Generic Malware Antivirus Malicious Packer Malicious Library Create Service DGA Socket DNS Code injection Sniff Audio HTTP Internet API KeyLogger FTP ScreenShot Http API Escalate privileges Downloader P2P Steal credential AntiDebug AntiVM PE File PE32 PE VirusTotal Cryptocurrency Miner Malware Cryptocurrency powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key
  Score: 8.4 | Zero: M | VT: 33 | Player: ZeroCERT | Urls/Hosts/IDS/Rule: 2 1

40607  2021-10-15 09:17  112.exe
  MD5: 503015d7869b5edd64e07b0c733df2fc
  Tags: Lazarus Family Themida Packer UPX Anti_VM Malicious Library PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself Checks Bios Detects VMWare Check virtual network interfaces VMware anti-virtualization Windows RCE Firmware DNS Cryptographic key crashed
  Score: 7.4 | Zero: M | VT: 22 | Player: ZeroCERT | Urls/Hosts/IDS/Rule: 1 1

40608  2021-10-15 09:16  1562391525.exe
  MD5: 604b759172262363118ab37833ca63bb
  Tags: PE File PE32 VirusTotal Malware unpack itself Windows utilities WriteConsoleW Windows ComputerName
  Score: 2.8 | VT: 23 | Player: ZeroCERT

40609  2021-10-15 09:15  VLTKTanthuTN.exe
  MD5: 72ae1ef77048260282b4e791eede5e3c
  Tags: RAT PWS .NET framework Generic Malware Malicious Packer PE File PE32 .NET EXE VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces human activity check Windows crashed keylogger
  Score: 9.0 | VT: 15 | Player: ZeroCERT | Urls/Hosts/IDS/Rule: 3 14

40610  2021-10-15 09:14  game.exe
  MD5: 6aa2ecbc4dec00bba7febafced91e048
  Tags: UPX Malicious Library PE File PE32 OS Processor Check PDB unpack itself
  Score: 1.0 | Player: ZeroCERT

40611  2021-10-15 09:12  110.exe
  MD5: d8f411a8ac121a651e56becbbc6f9722
  Tags: Themida Packer Admin Tool (Sysinternals etc ...) UPX Malicious Library PE File PE32 .NET EXE VirusTotal Malware AutoRuns suspicious privilege Check memory Checks debugger Creates executable files unpack itself Checks Bios Detects VMWare Check virtual network interfaces AntiVM_Disk VMware anti-virtualization VM Disk Size Check Windows ComputerName Firmware DNS crashed
  Score: 9.8 | VT: 30 | Player: ZeroCERT | Urls/Hosts/IDS/Rule: 1

40612  2021-10-15 09:12  see.exe
  MD5: 420dfd33b3fe55c741bbc5ddb09b3e38
  Tags: PWS .NET framework Generic Malware PE File PE32 .NET EXE VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger unpack itself
  Score: 5.2 | VT: 21 | Player: ZeroCERT

40613  2021-10-15 08:03  bad.ps1
  MD5: b1fa83e12b8185c4e3ecb3b62795daa1
  Tags: Generic Malware Antivirus Check memory unpack itself
  Score: 0.6 | Player: guest

40614  2021-10-14 18:19  bloodteam.exe
  MD5: 2d82ec0905de054cd685e6a52e2d9442
  Tags: Generic Malware Antivirus PE File PE32 VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process suspicious TLD WriteConsoleW Tofsee Windows ComputerName Cryptographic key Downloader
  Score: 10.0 | Zero: M | VT: 38 | Player: ZeroCERT | Urls: 2 | Hosts: 3 | IDS: 1 | Rule: 2

40615  2021-10-14 18:18  VanGoth.exe
  MD5: afff555062c4e6fb3a34e7c2be519fcd
  Tags: RAT Generic Malware PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself ComputerName
  Score: 1.8 | VT: 29 | Player: ZeroCERT

40616  2021-10-14 18:12  6666.exe
  MD5: f8d8071d3e0163eb4e816ec49d0b2e8e
  Tags: NPKI Malicious Library PE64 PE File VirusTotal Malware
  Score: 1.6 | Zero: M | VT: 31 | Player: r0d

40617  2021-10-14 18:10  monero-bandit.exe
  MD5: 342ef4f2941187bdc7f66d148be0ff75
  Tags: Malicious Packer Malicious Library PE64 PE File VirusTotal Malware Code Injection buffers extracted
  Score: 3.2 | Zero: M | VT: 41 | Player: r0d

40618  2021-10-14 18:10  VanGoth.exe
  MD5: afff555062c4e6fb3a34e7c2be519fcd
  Tags: RAT Generic Malware PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself ComputerName
  Score: 1.8 | VT: 29 | Player: ZeroCERT

40619  2021-10-14 18:08  6666.exe
  MD5: f8d8071d3e0163eb4e816ec49d0b2e8e
  Tags: NPKI Malicious Library PE64 PE File VirusTotal Malware
  Score: 1.6 | Zero: M | VT: 31 | Player: r0d

40620  2021-10-14 18:07  t1.msi
  MD5: 2a4e5b1d5b49fc0dd4c867c2ab6aa854
  Tags: Admin Tool (Sysinternals etc ...) MSOffice File VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check ComputerName
  Score: 2.4 | VT: 10 | Player: ZeroCERT
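The following parser is an added example and is not part of this listing or of the sandbox's own code. It reads records in the flat text form these submissions come in (a number/date/filename line, then the hash line, the tag line and the score line), places the score columns from the right because empty Urls/Hosts/IDS/Rule cells leave no marker, and groups submissions by hash so that resubmissions of one sample (VanGoth.exe appears twice above with the same MD5) are reported together. It assumes the 32-hex-digit string is an MD5, that the Player name is always the last token of the score line, and that Zero is either "M" or absent; the sample input is three records copied from this listing.

```python
"""Parse a flat sandbox submission listing and group submissions by MD5."""
import re
from collections import defaultdict

# Constructed sample: three records copied from the listing above in its flat form.
# The last two are resubmissions of the same sample (identical MD5).
SAMPLE = """\
40614 2021-10-14 18:19 bloodteam.exe

2d82ec0905de054cd685e6a52e2d9442


Generic Malware Antivirus PE File PE32 VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process suspicious TLD WriteConsoleW Tofsee Windows ComputerName Cryptographic key Downloader
2 3 1 2 10.0 M 38 ZeroCERT

40615 2021-10-14 18:18 VanGoth.exe

afff555062c4e6fb3a34e7c2be519fcd


RAT Generic Malware PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself ComputerName
1.8 29 ZeroCERT

40618 2021-10-14 18:10 VanGoth.exe

afff555062c4e6fb3a34e7c2be519fcd


RAT Generic Malware PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself ComputerName
1.8 29 ZeroCERT
"""

HEADER_RE = re.compile(r"^(\d+) (\d{4}-\d\d-\d\d \d\d:\d\d) (\S+)\s*$")
MD5_RE = re.compile(r"^[0-9a-f]{32}$")      # assumption: the 32-hex string is an MD5
SCORE_RE = re.compile(r"^\d+\.\d$")          # Score is the only token with one decimal


def parse_score_line(line):
    """Split the score line into its columns.

    Empty Urls/Hosts/IDS/Rule cells leave no marker, so only Score, Zero, VT and
    Player can be placed reliably; the leading integers are kept in source order.
    Assumption: Player is always the last token, Zero is "M" or absent.
    """
    toks = line.split()
    player = toks.pop()
    idx = next(i for i, t in enumerate(toks) if SCORE_RE.match(t))
    counts = [int(t) for t in toks[:idx]]
    score = float(toks[idx])
    rest = toks[idx + 1:]
    zero = rest.pop(0) if rest and rest[0] == "M" else None
    vt = int(rest.pop(0)) if rest else None
    return {"counts": counts, "score": score, "zero": zero, "vt": vt, "player": player}


def parse_listing(text):
    """Return one dict per record; raise if a record lacks a well-formed hash."""
    lines = [ln.rstrip() for ln in text.splitlines()]
    records, i = [], 0
    while i < len(lines):
        m = HEADER_RE.match(lines[i])
        if not m:
            i += 1
            continue
        rec = {"no": int(m.group(1)), "date": m.group(2), "request": m.group(3)}
        i += 1
        while i < len(lines) and not lines[i]:      # skip blanks before the hash
            i += 1
        if i >= len(lines) or not MD5_RE.match(lines[i]):
            raise ValueError(f"record {rec['no']}: expected an MD5 line")
        rec["md5"] = lines[i]
        i += 1
        while i < len(lines) and not lines[i]:      # skip blanks before the tags
            i += 1
        rec["tags"] = lines[i].split()
        rec.update(parse_score_line(lines[i + 1]))
        i += 2
        records.append(rec)
    return records


def resubmissions(records):
    """Map MD5 -> submission numbers for every hash submitted more than once."""
    by_hash = defaultdict(list)
    for r in records:
        by_hash[r["md5"]].append(r["no"])
    return {h: nos for h, nos in by_hash.items() if len(nos) > 1}


if __name__ == "__main__":
    recs = parse_listing(SAMPLE)
    for r in recs:
        print(r["no"], r["request"], r["md5"], r["score"], r["vt"], r["player"])
    print("resubmitted:", resubmissions(recs))
```

Tag boundaries are not recoverable from the flat text ("Socket DNS" may be one tag or two), so `tags` is kept as the raw token list rather than split into named signatures.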