Submissions

Columns: No, Date, Request, Urls, Hosts, IDS, Rule, Score, Zero, VT, Player, Etc. Each record below lists the submission number, date and request (file name), then its hash, the sandbox rule tags, and the remaining count/score/submitter fields exactly as they appear in the listing (Urls Hosts IDS Score Zero VT Player Etc), since the flattened source does not separate those fields by column.

41851  2021-09-06 12:14  Request for Quote 30-08-2021·p...
    Hash: 612bb2a0321b426e684e268ed72e9776
    Rules: UPX PE File PE32 VirusTotal Malware RWX flags setting unpack itself anti-virtualization Tofsee Advertising Google RCE
    Urls/Hosts/IDS/Score/Zero/VT/Player/Etc: 1 2 1 3.4 33 ZeroCERT

41852  2021-09-06 12:02  bypass.txt.ps1
    Hash: 9a5efb3abce6346200b089761fff1688
    Rules: VirusTotal Malware crashed
    Urls/Hosts/IDS/Score/Zero/VT/Player/Etc: 0.6 M 1 ZeroCERT

41853  2021-09-06 08:42  0902_6686864155.doc
    Hash: b4095bc22ff3f27dd088852a49338c08
    Rules: Generic Malware VBA_macro MSOffice File GIF Format VirusTotal Malware Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic RWX flags setting unpack itself Check virtual network interfaces suspicious TLD IP Check ComputerName
    Urls/Hosts/IDS/Score/Zero/VT/Player/Etc: 4 8 1 10.0 17 ZeroCERT

41854  2021-09-06 08:39  0831_3314378773.doc
    Hash: ca29d350e363b21d507ba30cb65413ce
    Rules: Generic Malware VBA_macro MSOffice File GIF Format VirusTotal Malware Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Check virtual network interfaces suspicious TLD IP Check ComputerName
    Urls/Hosts/IDS/Score/Zero/VT/Player/Etc: 4 8 1 9.2 12 ZeroCERT

41855  2021-09-06 08:39  7iyjgopen.exe
    Hash: b5d53c4dbacaa04350366e05b7222e7f
    Rules: NPKI Generic Malware UPX Malicious Library Malicious Packer PE File PE64 VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself ComputerName
    Urls/Hosts/IDS/Score/Zero/VT/Player/Etc: 3.2 41 ZeroCERT

41856  2021-09-06 08:32  bypass.txt.ps1
    Hash: 9a5efb3abce6346200b089761fff1688
    Rules: Generic Malware Antivirus VirusTotal Malware Check memory unpack itself WriteConsoleW Windows Cryptographic key
    Urls/Hosts/IDS/Score/Zero/VT/Player/Etc: 1.4 M 1 ZeroCERT

41857  2021-09-06 08:21  faster4upusa.exe
    Hash: 9eff1fa203474d2c90d490415fd380c9
    Rules: PE File PE64 crashed
    Urls/Hosts/IDS/Score/Zero/VT/Player/Etc: 0.8 ZeroCERT

41858  2021-09-06 08:19  LunaSA.exe
    Hash: e835d35349d0dd69dc96a5f67b937caf
    Rules: RAT Generic Malware PE File OS Processor Check .NET EXE PE32 Browser Info Stealer VirusTotal Malware MachineGuid Malicious Traffic Check memory Checks debugger WMI unpack itself Checks Bios Detects VirtualBox Check virtual network interfaces VMware anti-virtualization IP Check Tofsee Browser ComputerName Software crashed
    Urls/Hosts/IDS/Score/Zero/VT/Player/Etc: 3 6 2 8.4 40 ZeroCERT

41859  2021-09-06 08:16  clip.exe
    Hash: 0f41234ce843d72a64c622ed1a7a8cb0
    Rules: Malicious Library PE File PE32 VirusTotal Malware AutoRuns unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName
    Urls/Hosts/IDS/Score/Zero/VT/Player/Etc: 3.8 16 ZeroCERT

41860  2021-09-06 08:16  ann.exe
    Hash: ab554a6a408e86cc9a0332dc9eecc186
    Rules: Worm Phorpiex Malicious Library Malicious Packer PE File OS Processor Check PE32 VirusTotal Malware Check memory unpack itself sandbox evasion
    Urls/Hosts/IDS/Score/Zero/VT/Player/Etc: 2.0 8 ZeroCERT

41861  2021-09-06 08:14  winner.jpg
    Hash: 62599714704819263c9eb56fb5ee7963
    Rules: Generic Malware PE File .NET DLL DLL PE32 VirusTotal Malware PDB
    Urls/Hosts/IDS/Score/Zero/VT/Player/Etc: 1.2 11 ZeroCERT

41862  2021-09-05 16:53  redis-server.exe
    Hash: 28fed6fd70691d410de60a57d590b549
    Rules: Generic Malware UPX Malicious Library Malicious Packer PE File PE64 OS Processor Check VirusTotal Malware unpack itself ComputerName
    Urls/Hosts/IDS/Score/Zero/VT/Player/Etc: 1.6 36 ZeroCERT

41863  2021-09-05 16:48  5674d7511aa1fce0a68969dc57375b...
    Hash: 627b9922c12fa0d1158a61b52a807028
    Rules: Generic Malware Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself RCE DNS
    Urls/Hosts/IDS/Score/Zero/VT/Player/Etc: 1 2.4 M 14 ZeroCERT

41864  2021-09-05 16:47  httpd.exe
    Hash: 0fa802e8a7eafd690f71460f97be0140
    Rules: Emotet Gen2 Gen1 Generic Malware Malicious Library UPX Malicious Packer Downloader DNS Socket Create Service BitCoin Escalate priviledges KeyLogger Code injection AntiDebug AntiVM PE File OS Processor Check PE32 PE64 DLL VirusTotal Cryptocurrency Miner Malware Cryptocurrency AutoRuns PDB Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Auto service Check virtual network interfaces suspicious process malicious URLs AntiVM_Disk suspicious TLD WriteConsoleW VM Disk Size Check Windows ComputerName Firmware DNS
    Urls/Hosts/IDS/Score/Zero/VT/Player/Etc: 3 6 2 10.6 M 33 ZeroCERT

41865  2021-09-05 16:46  Abnegating.exe
    Hash: 7c81058bf4838d0d570044981a0c4de5
    Rules: RAT PWS .NET framework Generic Malware SMTP AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Ransomware Windows Browser ComputerName DNS Cryptographic key Software crashed
    Urls/Hosts/IDS/Score/Zero/VT/Player/Etc: 1 3 1 14.2 M 38 ZeroCERT