Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
42151	2021-08-27 15:34	petrol.exe 700a021908885c05ef227a55452d9ffe PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName crashed					10.8	M		ZeroCERT

42152	2021-08-27 15:31	Client.exe 26597663fcdb8fc32e2076bd5834889a RAT PWS .NET framework Generic Malware Antivirus Malicious Packer Malicious Library PE File OS Processor Check .NET EXE PE32 Check memory Checks debugger unpack itself DNS		1			1.4	M		ZeroCERT

42153	2021-08-27 15:31	68.exe c67c410c4be756c6bf3b0995f4fbb283 Emotet RAT Gen1 Malicious Library UPX PE File PE32 PE64 DLL OS Processor Check Malware download VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check ComputerName crashed	1 Keyword trend analysis	2	1		4.4		7	ZeroCERT

42154	2021-08-27 15:29	Bitcrave.exe 415869c1ab4d22fdc26b5618672d793f RAT Generic Malware Antivirus DGA DNS Socket Create Service SMTP Sniff Audio Escalate priviledges KeyLogger Code injection Internet API ScreenShot Downloader AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs sandbox evasion installed browsers check BitRAT Windows Browser ComputerName Cryptographic key crashed keylogger		2	1		17.2		14	ZeroCERT

42155	2021-08-27 15:29	AjSo.exe 8d0467b08d8e576fa8c5150285a83456 PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself					1.6	M	22	ZeroCERT

42156	2021-08-26 09:22	vbc.bin 24c4788a737cda143d0edac9c711994d Generic Malware UPX PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Tofsee	1 Keyword trend analysis	2	2		2.4		24	r0d

42157	2021-08-26 09:19	loader1.exe 6cd0a4f10dabb456456d0b7336f13116 Generic Malware UPX PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Tofsee	1 Keyword trend analysis	2	2		2.4	M	21	r0d

42158	2021-08-26 09:19	loader2.exe fbae05d8fbfbb56b2a96afabfcaab501 Generic Malware UPX PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Tofsee	1 Keyword trend analysis	2	2		2.2	M	15	r0d

42159	2021-08-26 09:16	vbc.exe 7a2484277599f27801079f9bbda665c1 Dimnie PE File PE32 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Malicious Traffic Check memory unpack itself installed browsers check Browser Email ComputerName DNS Software crashed	1 Keyword trend analysis	1	5 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2	1	8.6	M	40	r0d

42160	2021-08-26 08:52	razi.exe b2a06b4fb1811354110a6ff29195744f Generic Malware Malicious Library PE File .NET EXE PE32 VirusTotal Malware					1.0	M	33	ZeroCERT

42161	2021-08-26 08:51	ebb.exe 92d6baf79e990130a1db2175731d4e46 PWS .NET framework Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer VirusTotal Malware Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows Browser ComputerName DNS Cryptographic key DDNS crashed	8 Keyword trend analysis	3	3		10.4	M	25	ZeroCERT

42162	2021-08-26 08:49	7501.ps1 5480fceef4e5290938cb0a23955358df Generic Malware Antivirus VirusTotal Malware powershell AutoRuns WMI Creates executable files unpack itself Windows ComputerName	1 Keyword trend analysis	2			4.4		3	ZeroCERT

42163	2021-08-26 08:49	chekwazx.exe 6d31f5d6aed669946107e845c8037d9f PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) Antivirus SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Disables Windows Security Checks Bios Detects VirtualBox powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW VMware anti-virtualization IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	6	4		21.0	M	43	ZeroCERT

42164	2021-08-26 08:47	loader1.exe 6cd0a4f10dabb456456d0b7336f13116 UPX PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Tofsee	1 Keyword trend analysis	2	2		2.4	M	21	ZeroCERT

42165	2021-08-26 08:46	vbc.exe f34f70137d2f8238d8525b2e6561623f UPX PE File PE32 Check memory Checks debugger unpack itself Tofsee	1 Keyword trend analysis	2	2		1.6			ZeroCERT