Submissions

No     Date/time         Request        MD5                               Urls/Hosts/IDS/Rule  Score  Zero  VT  Player
-----  ----------------  -------------  --------------------------------  -------------------  -----  ----  --  --------
42256  2021-08-24 09:19  sy.exe         3ca87d704392649bdfd2e0e50c2cca35  -                    1.6    M     23  ZeroCERT
       Tags: PE File PE32 VirusTotal Malware unpack itself

42257  2021-08-24 09:18  deck.exe       0afb31c3e6018c85df11d2a25a581079  -                    3.0    M     47  ZeroCERT
       Tags: RAT Generic Malware Admin Tool (Sysinternals etc ...) PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key

42258  2021-08-24 09:17  yg.exe         577b5fbdcf47f70f4d17d87cc8a20550  -                    2.8    M     34  ZeroCERT
       Tags: RAT Generic Malware Admin Tool (Sysinternals etc ...) PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key

42259  2021-08-24 09:10  Pluton.exe     89af8d786625c48a71ce9cb93a8d367f  -                    1.8    M     25  ZeroCERT
       Tags: Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself

42260  2021-08-24 09:10  23.exe         bd07a2728f0a5c4a971125e51830b459  1                    4.8    M     26  ZeroCERT
       Tags: Gen2 RAT Generic Malware UPX Malicious Library Malicious Packer PE File OS Processor Check .NET EXE PE32 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Check virtual network interfaces Windows DNS Cryptographic key

42261  2021-08-24 09:08  220821new.exe  008608dca212d3f45e4c7fda3cacb663  1 3 1                10.6   M     25  ZeroCERT
       Tags: RAT Generic Malware Themida Packer PE File OS Processor Check .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Checks Bios Collect installed applications Detects VMWare Check virtual network interfaces VMware anti-virtualization installed browsers check Tofsee Windows Browser ComputerName Firmware DNS Cryptographic key Software crashed

42262  2021-08-24 09:08  clip.exe       92bfafc1e9023665745fee7ef443712e  -                    7.0    M     46  ZeroCERT
       Tags: Generic Malware Admin Tool (Sysinternals etc ...) AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key

42263  2021-08-24 09:06  pen.exe        70ed4eb21284e9359cf11d375724f299  2 1                  14.2   M     29  ZeroCERT
       Tags: PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) DNS AntiDebug AntiVM PE File OS Processor Check .NET EXE PE32 VirusTotal Malware Buffer PE suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows ComputerName DNS Cryptographic key DDNS crashed

42264  2021-08-24 09:05  Neptun.exe     d110032f570a2c3945fb844948fc1184  -                    2.0    M     34  ZeroCERT
       Tags: UPX Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself

42265  2021-08-24 09:03  ab.exe         3f5998401e2da3c62b4ef0114b8a27a4  -                    1.8    M     31  ZeroCERT
       Tags: PE File PE32 VirusTotal Malware unpack itself

42266  2021-08-24 09:03  Ahiles.exe     823f3cbc0b6ad5ee6f23d1da1a49cdc4  1                    2.6    M     30  ZeroCERT
       Tags: Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself DNS

42267  2021-08-24 09:02  solex.exe      60a55d0c6cba71cd1215b63ee7a1cc82  1 4 1                5.2    M     23  ZeroCERT
       Tags: UPX PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself anti-virtualization RCE DNS DDNS crashed

42268  2021-08-24 09:02  warzx.exe      00db430a07a7ebfe2dda4d10bffbde37  2 1                  12.2   M     39  ZeroCERT
       Tags: NPKI email stealer Generic Malware Malicious Library Malicious Packer DNS Socket Escalate priviledges KeyLogger Code injection Downloader persistence AntiDebug AntiVM PE File .NET EXE PE32 PE64 OS Processor Check DLL Browser Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Cryptographic key crashed

42269  2021-08-24 09:01  sufile.exe     ff3152ecd477958a1a8dc359a648c651  -                    2.0    M     26  ZeroCERT
       Tags: Malicious Library PE File PE32 VirusTotal Malware PDB unpack itself RCE

42270  2021-08-24 09:00  soul3ss.exe    e16f915796d4762014fc3864d4444ac3  3 7 1                13.4   M     23  ZeroCERT
       Tags: RAT PWS .NET framework Generic Malware Malicious Library DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Internet API FTP ScreenShot Http API Steal credential Downloader P2P AntiDebug AntiVM PE File PE64 OS Pro Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities Collect installed applications Check virtual network interfaces AppData folder WriteConsoleW installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed

Column notes: MD5 is the submitted file's hash as shown in the Request cell. The Urls/Hosts/IDS/Rule values are reproduced in the order they appear; empty cells were dropped in extraction, so a lone value cannot be assigned to a specific one of those four columns ("-" means none were listed). Score is the sandbox score, Zero the ZeroCERT verdict column as printed ("M"), VT the VirusTotal detection count, and Tags the sandbox's behaviour and signature badges, reproduced verbatim (including the sandbox's own spellings such as "priviledges").
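Turning a listing like this into something actionable (an MD5 blocklist, a triage order) means parsing the flattened export. The following is an added example written for this page, not code from ZeroCERT: it parses rows in the four-line form the export uses (row header, MD5, tag string, then a tail of Urls/Hosts/IDS/Rule counts, score, verdict, VT count and player), validates each MD5, keeps the counts in listing order because the export drops empty cells, and ranks submissions by the behaviour tags a triager escalates on. The HIGH_SIGNAL_TAGS selection is an assumption for illustration, the three sample rows are copied from the listing above as constructed input, and parse_listing, high_signal, rank and md5_iocs are names of my own.

```python
"""Parse a flattened ZeroCERT-style submission listing and triage it.

Added example for this page, not ZeroCERT code. Each submission in the
export spans four non-blank lines:
    "<No> <YYYY-MM-DD> <HH:MM> <filename>"
    "<md5>"
    "<tag string>"
    "[<count> ...] <score> <zero-verdict> <vt-count> <player>"
Empty Urls/Hosts/IDS/Rule cells are dropped by the export, so the leading
counts are kept as a tuple in listing order, not assigned to named columns.
"""
import re
from dataclasses import dataclass

ROW_RE = re.compile(
    r"^(?P<no>\d+)\s+(?P<date>\d{4}-\d{2}-\d{2})\s+(?P<time>\d{2}:\d{2})\s+(?P<name>\S+)$"
)
MD5_RE = re.compile(r"^[0-9a-f]{32}$")
TAIL_RE = re.compile(
    r"^(?P<counts>(?:\d+\s+)*)(?P<score>\d+\.\d+)\s+(?P<zero>\S+)\s+(?P<vt>\d+)\s+(?P<player>\S+)$"
)

# Tags worth escalating on. The selection is an assumption for illustration;
# "priviledges" is spelled as the sandbox spells it so substring matching works.
HIGH_SIGNAL_TAGS = (
    "KeyLogger", "Code Injection", "Steal credential", "Browser Info Stealer",
    "Email Client Info Stealer", "AntiVM", "Detects VMWare", "Themida Packer",
    "Escalate priviledges",
)


@dataclass(frozen=True)
class Submission:
    no: int
    date: str
    time: str
    filename: str
    md5: str
    tags: str
    counts: tuple   # Urls/Hosts/IDS/Rule values in listing order
    score: float    # sandbox score
    zero: str       # "Zero" verdict column as printed, e.g. "M"
    vt: int         # VirusTotal detection count
    player: str


def parse_listing(text: str) -> list:
    """Return Submission records; raises ValueError on a malformed record."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    subs, i = [], 0
    while i < len(lines):
        row = ROW_RE.match(lines[i])
        if not row:
            raise ValueError(f"expected submission row, got {lines[i]!r}")
        if i + 3 >= len(lines):
            raise ValueError(f"truncated record for {row['name']}")
        md5, tags, tail = lines[i + 1], lines[i + 2], lines[i + 3]
        if not MD5_RE.match(md5):
            raise ValueError(f"bad MD5 for {row['name']}: {md5!r}")
        t = TAIL_RE.match(tail)
        if not t:
            raise ValueError(f"bad tail for {row['name']}: {tail!r}")
        subs.append(Submission(
            no=int(row["no"]), date=row["date"], time=row["time"],
            filename=row["name"], md5=md5, tags=tags,
            counts=tuple(int(c) for c in t["counts"].split()),
            score=float(t["score"]), zero=t["zero"],
            vt=int(t["vt"]), player=t["player"],
        ))
        i += 4
    return subs


def high_signal(sub: Submission) -> tuple:
    """High-signal tags present in the submission's tag string, in table order."""
    return tuple(tag for tag in HIGH_SIGNAL_TAGS if tag in sub.tags)


def rank(subs: list) -> list:
    """Most interesting first: by high-signal tag count, then sandbox score."""
    return sorted(subs, key=lambda s: (len(high_signal(s)), s.score), reverse=True)


def md5_iocs(subs: list) -> dict:
    """MD5 -> filename, ready for a blocklist or a hash lookup."""
    return {s.md5: s.filename for s in subs}


# Constructed sample input: three rows copied from the listing on this page.
SAMPLE = """\
42256 2021-08-24 09:19 sy.exe

3ca87d704392649bdfd2e0e50c2cca35

PE File PE32 VirusTotal Malware unpack itself
1.6 M 23 ZeroCERT

42261 2021-08-24 09:08 220821new.exe
008608dca212d3f45e4c7fda3cacb663
RAT Generic Malware Themida Packer PE File OS Processor Check .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Checks Bios Collect installed applications Detects VMWare Check virtual network interfaces VMware anti-virtualization installed browsers check Tofsee Windows Browser ComputerName Firmware DNS Cryptographic key Software crashed
1 3 1 10.6 M 25 ZeroCERT

42268 2021-08-24 09:02 warzx.exe
00db430a07a7ebfe2dda4d10bffbde37
NPKI email stealer Generic Malware Malicious Library Malicious Packer DNS Socket Escalate priviledges KeyLogger Code injection Downloader persistence AntiDebug AntiVM PE File .NET EXE PE32 PE64 OS Processor Check DLL Browser Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Cryptographic key crashed
2 1 12.2 M 39 ZeroCERT
"""

if __name__ == "__main__":
    for s in rank(parse_listing(SAMPLE)):
        print(f"{s.filename:14} score={s.score:<5} vt={s.vt:<3} {s.md5}  "
              f"{', '.join(high_signal(s)) or '-'}")
```

Tag matching is plain substring matching against the verbatim badge string, which is deliberate: the export gives no delimiter between badges, and the sandbox's multi-word badges ("Browser Info Stealer", "Escalate priviledges") cannot be split reliably on whitespace. Feed the whole listing, minus the header line, to parse_listing to get every row.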