Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
43576	2024-03-22 07:48	sadfbsdaf6.exe cb0abfec359d8dbf934857d9448c898a Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself				1.6	M	27	ZeroCERT

43577	2024-03-22 07:48	green.exe a67169c874028b84c830f38235fc7d3c .NET framework(MSIL) DNS AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted RWX flags setting unpack itself Windows ComputerName Cryptographic key crashed				11.4	M	53	ZeroCERT

43578	2024-03-22 07:49	cmon.exe 2bae8753475af921d7258f9b1e9fccd4 .NET framework(MSIL) PE File .NET EXE PE32 VirusTotal Malware Buffer PE AutoRuns suspicious privilege Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key crashed				5.0	M	48	ZeroCERT

43579	2024-03-22 07:51	alex1234.exe 85a15f080b09acace350ab30460c8996 RedLine stealer Craxs RAT RedlineStealer .NET framework(MSIL) UPX ScreenShot PWS AntiDebug AntiVM PE File .NET EXE PE32 OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications AppData folder malicious URLs installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		2	5 Info ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer/MetaStealer Family Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response ET MALWARE Redline Stealer/MetaStealer Family Activity (Response)	15.6	M	51	ZeroCERT

43580	2024-03-23 03:59	Verse.exe aa3108cb85f6914024672c89d7edd8ce Themida Packer Downloader Malicious Packer PE64 PE File VirusTotal Malware				1.4		28	guest

43581	2024-03-23 13:54	googleupdate.exe 957f66473b4fb51b4221f9692d65d3c8 Malicious Library Malicious Packer UPX MSOffice File PE64 PE File CAB OS Processor Check VirusTotal Malware Remote Code Execution				1.6		8	guest

43582	2024-03-24 09:28	clip64.dll 358ddcec1819198ecad04ef86899feaa Amadey Malicious Library Admin Tool (Sysinternals etc ...) UPX PE File DLL PE32 OS Processor Check VirusTotal Malware PDB Checks debugger unpack itself				2.0	M	61	guest

43583	2024-03-24 13:53	blue2_A1.exe 3abe68c3c880232b833c674d9b1034ce Generic Malware Malicious Library Admin Tool (Sysinternals etc ...) Malicious Packer PE64 PE File VirusTotal Malware Check memory Checks debugger unpack itself Windows Cryptographic key				2.2	M	47	ZeroCERT

43584	2024-03-24 13:54	ISetup9.exe 7fc84a450c54f5430a27845f12596965 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself Remote Code Execution				2.0	M	33	ZeroCERT

43585	2024-03-24 13:55	mysto.exe c8f2055d7a8c0f170fabf3fa9042b927 Gen1 Malicious Library UPX Malicious Packer AntiDebug AntiVM PE File PE32 OS Processor Check PE64 .NET EXE VirusTotal Malware Buffer PE PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows Remote Code Execution DNS Cryptographic key		1		12.2	M	49	ZeroCERT

43586	2024-03-24 13:55	flowercreatedentielovetounders... 5f612be9d83c8fef9cfc15252718179e MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware buffers extracted exploit crash unpack itself Exploit DNS crashed		1		5.2	M	38	ZeroCERT

43587	2024-03-24 13:56	toolspub1.exe 60f468fb140a2497c65273bbaccb51f7 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself Remote Code Execution				1.8	M	52	ZeroCERT

43588	2024-03-24 13:57	Build_hLGMRX.exe f172eca2f33e28e22b926a3bc32cd273 Malicious Library UPX PE File PE32 OS Processor Check FTP Client Info Stealer VirusTotal Malware sandbox evasion Software				2.2	M	59	ZeroCERT

43589	2024-03-24 13:58	syncUpd.exe 0d45ff7c2f891cd298f1e307f9a6243a Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself Remote Code Execution				1.6	M	35	ZeroCERT

43590	2024-03-24 13:59	yoffens_crypted_EASY.exe e3c0b0533534c6517afc94790d7b760c Malicious Library UPX PE File PE32 OS Processor Check RedLine Malware download VirusTotal Malware Microsoft Malicious Traffic Tofsee Stealer DNS	1 Keyword trend analysis	4	3	3.0	M	56	ZeroCERT