Submissions
Columns: No | Date | Request (file, hash, tags) | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc

No. 41431 | 2021-09-17 11:08 | diagram-118.doc | MD5 4cf2a06cb2d3e70ce6bf9cc716e0cbaf
  Tags: VBA_macro, Generic Malware, MSOffice File, RWX flags setting, unpack itself
  Score: 1.6 | Player: guest

No. 41432 | 2021-09-17 11:08 | diagram-116.doc | MD5 ed7013efeb9d004aba9b9a5daa757261
  Tags: VBA_macro, Generic Malware, MSOffice File, exploit crash, unpack itself, Exploit, crashed
  Score: 2.4 | Player: guest

No. 41433 | 2021-09-17 11:05 | diagram-114.doc | MD5 876b64688a3e91ca83a24cbe82bc77b5
  Tags: VBA_macro, Generic Malware, MSOffice File, RWX flags setting, unpack itself
  Score: 1.6 | Player: guest

No. 41434 | 2021-09-17 10:59 | HTM.exe | MD5 ce5451bcdc0d951b27cb1f42d4f8a4f8
  Tags: PWS, .NET framework, Generic Malware, SMTP, KeyLogger, AntiDebug, AntiVM, PE File, .NET EXE, PE32, Browser Info Stealer, FTP Client Info Stealer, VirusTotal, Email Client Info Stealer, Malware, suspicious privilege, MachineGuid, Code Injection, Malicious Traffic, Check memory, Checks debugger, buffers extracted, unpack itself, Windows utilities, Check virtual network interfaces, suspicious process, AntiVM_Disk, WriteConsoleW, IP Check, VM Disk Size Check, Tofsee, Windows, Browser, Email, ComputerName, DNS, Cryptographic key, DDNS, Software, crashed
  Urls (2): http://checkip.dyndns.org/ ; https://freegeoip.app/xml/175.208.134.150
  Hosts (4): freegeoip.app(104.21.19.200) ; checkip.dyndns.org(216.146.43.70) ; 216.146.43.70 - suspicious ; 104.21.19.200
  IDS (4): ET INFO DYNAMIC_DNS Query to *.dyndns. Domain ; SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ; ET POLICY External IP Lookup - checkip.dyndns.org ; ET POLICY DynDNS CheckIp External IP Address Server Response
  Score: 14.6 | Zero: M | VT: 29 | Player: ZeroCERT

No. 41435 | 2021-09-17 10:57 | Setup12.exe | MD5 e0ef2cfe575206c8a60ddba16c3be2f5
  Tags: Gen2, Emotet, UPX, Malicious Library, ASPack, PE File, PE32, OS Processor Check, PE64, Browser Info Stealer, VirusTotal, Malware, suspicious privilege, Malicious Traffic, Check memory, Checks debugger, Creates shortcut, Creates executable files, unpack itself, Check virtual network interfaces, AntiVM_Disk, IP Check, VM Disk Size Check, installed browsers check, Tofsee, Interception, Browser, ComputerName, DNS, crashed
  Urls (5): http://staticimg.youtuuee.com/api/?sid=236911&key=10e44f00f514089ad426f2df18ec0fd0 ; http://staticimg.youtuuee.com/api/fbtime ; http://186.2.171.3/seemorebty/il.php?e=md8_8eus - rule_id: 4715 ; http://ip-api.com/json/ ; https://iplogger.org/ZhiS4
  Hosts (7): iplogger.org(88.99.66.31) - mailcious ; ip-api.com(208.95.112.1) ; staticimg.youtuuee.com(45.136.151.102) ; 186.2.171.3 - mailcious ; 45.136.151.102 ; 88.99.66.31 - mailcious ; 208.95.112.1
  IDS (2): SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ; ET POLICY External IP Lookup ip-api.com
  Rule (1): http://186.2.171.3/seemorebty/il.php
  Score: 9.6 | Zero: M | VT: 51 | Player: ZeroCERT

No. 41436 | 2021-09-17 10:54 | Instruction.exe | MD5 b86b5f5e6345e0b9184d34bde48772f2
  Tags: RAT, PWS, .NET framework, Generic Malware, PE File, OS Processor Check, .NET EXE, PE32, Browser Info Stealer, FTP Client Info Stealer, VirusTotal, Malware, suspicious privilege, Malicious Traffic, Check memory, Checks debugger, buffers extracted, WMI, unpack itself, Collect installed applications, Check virtual network interfaces, installed browsers check, Tofsee, Windows, Browser, ComputerName, DNS, Cryptographic key, Software, crashed
  Urls (1): https://api.ip.sb/geoip
  Hosts (3): api.ip.sb(104.26.13.31) ; 94.103.9.34 ; 104.26.13.31
  IDS (1): SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
  Score: 8.8 | Zero: M | VT: 35 | Player: ZeroCERT

No. 41437 | 2021-09-17 10:54 | 2eeeewsf.exe | MD5 632ae2e6e4e1899f19b6b7ba36d3ee0e
  Tags: RAT, PWS, .NET framework, Generic Malware, PE File, OS Processor Check, .NET EXE, PE32, VirusTotal, Malware, Check memory, Checks debugger, unpack itself, Windows, DNS, Cryptographic key
  Hosts (1): 77.83.175.169
  Score: 3.6 | Zero: M | VT: 36 | Player: ZeroCERT

No. 41438 | 2021-09-17 10:54 | newb.exe | MD5 31b923409d179c5e197785d13a17d9cb
  Tags: Generic Malware, Themida Packer, PE File, .NET EXE, PE32, Browser Info Stealer, FTP Client Info Stealer, VirusTotal, Malware, suspicious privilege, Malicious Traffic, Check memory, Checks debugger, buffers extracted, unpack itself, Checks Bios, Collect installed applications, Detects VMWare, Check virtual network interfaces, VMware, anti-virtualization, installed browsers check, Tofsee, Windows, Browser, ComputerName, RCE, Firmware, DNS, Cryptographic key, Software, crashed
  Urls (2): http://103.246.144.69:10975/ ; https://api.ip.sb/geoip
  Hosts (3): api.ip.sb(104.26.13.31) ; 104.26.12.31 ; 103.246.144.69
  IDS (2): SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ; SURICATA HTTP unable to match response to request
  Score: 10.8 | Zero: M | VT: 31 | Player: ZeroCERT

No. 41439 | 2021-09-17 10:54 | 3_Microsoft.Office.Infopath.Cl... | MD5 1e057c393a8684cd569ad803edb08980
  Tags: Malicious Library, PE File, DLL, PE32, VirusTotal, Malware, unpack itself, Windows, crashed
  Score: 2.4 | Zero: M | VT: 26 | Player: ZeroCERT

No. 41440 | 2021-09-17 10:50 | zW22iRETmqE.dll | MD5 c678bbd306d11244564339371a8136ae
  Tags: RAT, Generic Malware, PE File, .NET DLL, DLL, PE32, VirusTotal, Malware, PDB
  Score: 1.0 | Zero: M | VT: 10 | Player: ZeroCERT

No. 41441 | 2021-09-17 10:50 | luboe.exe | MD5 e8fd991862a9c88bab9e967992e572ae
  Tags: RAT, PWS, .NET framework, Generic Malware, PE File, OS Processor Check, .NET EXE, PE32, VirusTotal, Malware, Check memory, Checks debugger, unpack itself, Windows, DNS, Cryptographic key
  Hosts (1): 185.93.6.114
  Score: 3.4 | Zero: M | VT: 27 | Player: ZeroCERT

No. 41442 | 2021-09-17 10:50 | instal.exe | MD5 3a00ac1d224382941045b8673a3b66a0
  Tags: Themida Packer, Admin Tool (Sysinternals etc ...), Malicious Library, PE File, .NET EXE, PE32, VirusTotal, Malware, Check memory, Checks debugger, unpack itself, Checks Bios, Detects VMWare, VMware, anti-virtualization, Windows, RCE, Firmware, DNS, Cryptographic key, crashed
  Hosts (1): 109.248.11.182
  Score: 8.8 | Zero: M | VT: 31 | Player: ZeroCERT

No. 41443 | 2021-09-17 10:07 | sepcon.exe | MD5 8b932daa6b317c6baef47bf2a2646e38
  Tags: UPX, Malicious Library, PE File, PE32, VirusTotal, Malware, RWX flags setting, unpack itself, Tofsee, RCE, crashed
  Urls (1): https://cdn.discordapp.com/attachments/856925952004063242/887741718500368394/Wqoqmxwsxttksdzrkzpmhvyndcocgqt
  Hosts (2): cdn.discordapp.com(162.159.129.233) - malware ; 162.159.133.233 - malware
  IDS (1): SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
  Score: 3.2 | Zero: M | VT: 42 | Player: ZeroCERT

No. 41444 | 2021-09-17 10:05 | vbc.exe | MD5 c1035f9cbed8afef93eae63e9a00bdb9
  Tags: PWS, .NET framework, Generic Malware, SMTP, KeyLogger, AntiDebug, AntiVM, PE File, .NET EXE, PE32, VirusTotal, Malware, suspicious privilege, Code Injection, Check memory, Checks debugger, buffers extracted, unpack itself, Windows, ComputerName, crashed
  Score: 8.8 | Zero: M | VT: 21 | Player: ZeroCERT

No. 41445 | 2021-09-17 10:03 | SJFIIEESD-7.exe | MD5 ea3e64c8d0945a81842d2a3a925949d7
  Tags: RAT, Generic Malware, Antivirus, PE File, .NET EXE, PE32, VirusTotal, Malware, powershell, suspicious privilege, Check memory, Checks debugger, Creates shortcut, unpack itself, powershell.exe wrote, suspicious process, AppData folder, Windows, ComputerName, Cryptographic key, crashed
  Score: 6.8 | Zero: M | VT: 48 | Player: ZeroCERT
Total: 53,953 cnts