Submissions

| No | Date | Request | MD5 | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 42286 | 2021-08-23 16:54 | PO623473258-50465043274032859-... | 59faa740c9efe54f967745118e4bc625 | | | | Generic Malware UPX Malicious Packer PE File PE32 VirusTotal Malware RWX flags setting unpack itself RCE | 2.2 | | 26 | r0d | |
| 42287 | 2021-08-23 16:39 | PO623473258-50465043274032859-... | 59faa740c9efe54f967745118e4bc625 | | | | UPX PE File PE32 VirusTotal Malware RWX flags setting unpack itself RCE | 2.2 | | 26 | Kim.GS | |
| 42288 | 2021-08-23 16:28 | SAMSUNG Golar gFLNG FEED Updat... | ddd570573ab5711d161bcbde884f3028 | 3 | 6 | 1 | Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key | 9.8 | | 26 | Kim.GS | |
| 42289 | 2021-08-23 16:07 | 45-8801B 예천양수발전 제작 및 납품 설치공사 견... | 94a20af025fdd40b139844c3c61a0580 | | | | AntiDebug AntiVM VirusTotal Email Client Info Stealer Malware suspicious privilege Checks debugger Creates shortcut unpack itself AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName | 4.2 | | 6 | Kim.GS | |
| 42290 | 2021-08-23 15:55 | 微信图片_20181017153614.exe | 330d84024809897bd0e60a4b4a4fd1fc | | | | Generic Malware PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself | 2.4 | | 21 | ZeroCERT | |
| 42291 | 2021-08-23 13:30 | faveSQTg6lvyAQO.exe | fd496a2b10e16382abba374c4ce2fc4d | | | | Plimrost EnigmaProtector PE File .NET EXE PE32 VirusTotal Malware AutoRuns suspicious privilege Checks debugger Creates executable files unpack itself Windows utilities suspicious process AntiVM_Disk WriteConsoleW VM Disk Size Check Windows ComputerName crashed | 6.4 | M | 39 | r0d | |
| 42292 | 2021-08-23 12:50 | AudioMD.exe | 04a571f97551cafab9847b1211c250b2 | 2 | 4 | 2 | RAT Generic Malware Antivirus HTTP Internet API Http API Downloader AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process sandbox evasion WriteConsoleW Tofsee Windows Browser ComputerName Cryptographic key | 12.6 | | 30 | ZeroCERT | |
| 42293 | 2021-08-23 12:43 | steammaa.dll | a1a454066b561968825cf19ca262b2fc | | | | RAT Generic Malware Malicious Packer PE File .NET DLL DLL PE32 VirusTotal Malware PDB | 0.6 | | 5 | ZeroCERT | |
| 42294 | 2021-08-23 12:41 | new.exe | 57f881c03e3b77a572bf422f2b255b4f | 2 | 3 | 2 | Lazarus Family Themida Packer Malicious Library PE File .NET EXE PE32 Browser Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Checks Bios Collect installed applications Detects VMWare Check virtual network interfaces VMware anti-virtualization installed browsers check Tofsee Windows Browser ComputerName Firmware DNS Cryptographic key crashed | 9.8 | | 27 | ZeroCERT | |
| 42295 | 2021-08-23 12:39 | me.exe | b4b7ec0373ca6105c4450a1763365496 | 2 | 3 | 2 | RAT BitCoin Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key crashed | 10.4 | | 43 | ZeroCERT | |
| 42296 | 2021-08-23 12:33 | cx2.crt.html | c44f8602e3cd5a5f1e720873713df67d | 1 | 2 | 3 | Antivirus AntiDebug AntiVM powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process Tofsee Windows ComputerName Cryptographic key | 7.4 | | | ZeroCERT | |
| 42297 | 2021-08-23 12:32 | vaccine appointment according ... | f1680aa55c88220bcf83e24d89628cc9 | | | | VirusTotal Malware ComputerName | 0.6 | | 4 | ZeroCERT | |
| 42298 | 2021-08-23 12:28 | Dran.exe | 224b8bb42508de25bd73489dc6e8ac32 | | | | RAT PWS .NET framework Generic Malware PSW Bot LokiBot ZeusBot Admin Tool (Sysinternals etc ...) AntiDebug AntiVM PE File .NET EXE PE32 suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder malicious URLs AntiVM_Disk VM Disk Size Check Windows ComputerName Cryptographic key | 10.4 | M | | ZeroCERT | |
| 42299 | 2021-08-23 12:27 | GodK6jam0J2bDZkC.exe | 80be083d6e199ea9ac0391d791379440 | 9 | 3 | 6 | Gen1 Malicious Library Malicious Packer PE File OS Processor Check PE32 DLL JPEG Format Browser Info Stealer Malware download FTP Client Info Stealer Vidar Arkei VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Malicious Traffic Check memory WMI Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AppData folder sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee ArkeiStealer OskiStealer Stealer Windows Browser Email ComputerName DNS Software Password | 12.8 | M | 44 | ZeroCERT | |
| 42300 | 2021-08-23 12:23 | 1664879191.exe | 96d3ef5ec108f2534df06d39ab70aac1 | | | | Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself RCE | 2.4 | M | 49 | ZeroCERT | |