Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
43636 2024-03-27 07:39 nesdij.exe
4f2752fcd683bfff201108b2091510ce
Suspicious_Script_Bin Malicious Library UPX PE File PE32 OS Processor Check Browser Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself Browser Email ComputerName crashed
4.6 M 37 ZeroCERT

43637 2024-03-27 07:40 Vbnhtlkdfw.exe
ffe58002561c927433fb391a123c9f23
PE File .NET EXE PE32 VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces Tofsee Discord DNS
1 2 3 3.0 M 30 ZeroCERT

43638 2024-03-27 07:41 Mtkfarukc.exe
3e2f66f617318069be60fe1c16ecdfd6
.NET framework(MSIL) PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself Check virtual network interfaces Tofsee Discord DNS
2 3 2.4 M 52 ZeroCERT

43639 2024-03-27 07:41 martinvnc.exe
41b5953e5d8016a817f4f793f7eb708c
Generic Malware Downloader Malicious Library Malicious Packer UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM PE File PE32 OS P VirusTotal Malware Code Injection Check memory buffers extracted suspicious process ComputerName DNS Software
1 7.8 M 64 ZeroCERT

43640 2024-03-27 07:43 Cvdnacb.exe
50e198816a25e6ceeaf4174413b7d1b3
.NET framework(MSIL) PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself Check virtual network interfaces Tofsee Discord DNS
2 3 2.8 M 54 ZeroCERT

43641 2024-03-27 07:45 afile.exe
48ec43bc47556095321ebc57a883efcd
RedLine stealer Craxs RAT RedlineStealer .NET framework(MSIL) UPX ScreenShot PWS AntiDebug AntiVM PE File .NET EXE PE32 OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Collect installed applications AppData folder malicious URLs installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed
1 5 12.8 M 56 ZeroCERT

43642 2024-03-27 07:46 dggfsff.exe
2649ef15cf6004b05c80abd825cd594e
Generic Malware Malicious Library Antivirus UPX PE File .NET EXE PE32 OS Processor Check Lnk Format GIF Format VirusTotal Malware powershell Telegram AutoRuns suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut Creates executable files unpack itself powershell.exe wrote Check virtual network interfaces suspicious process AntiVM_Disk VM Disk Size Check Tofsee Windows ComputerName DNS Cryptographic key keylogger
2 4 8.4 M 56 ZeroCERT

43643 2024-03-27 07:50 ps.exe
1edba8a76c4a327f6e0b81e85c14ede6
Malicious Library Malicious Packer UPX PE File PE32 Browser Info Stealer VirusTotal Malware Check memory unpack itself AntiVM_Disk sandbox evasion VM Disk Size Check Browser Remote Code Execution
3.2 M 52 ZeroCERT

43644 2024-03-27 07:52 sleep.exe
142b6a00a17c3f7853f4cfeebfe72c13
Admin Tool (Sysinternals etc ...) UPX PE File PE32 VirusTotal Malware AutoRuns Check memory Creates executable files RWX flags setting unpack itself AppData folder Windows Remote Code Execution crashed
4.0 M 57 ZeroCERT

43645 2024-03-27 07:55 amadycry.exe
90c738cebe2f8dda5d53e777ad286a43
Socket Http API HTTP DNS Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 Malware download Amadey VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself suspicious process AppData folder WriteConsoleW Windows ComputerName DNS Cryptographic key crashed
4 3 9 1 15.4 M 53 ZeroCERT

43646 2024-03-27 20:26 slimjet.exe
25385ea310e4e410a67d3b93857e3b22
Malicious Library Malicious Packer UPX PE File PE32 OS Processor Check PDB Remote Code Execution
0.6 guest

43647 2024-03-27 22:22 slimjet.exe
25385ea310e4e410a67d3b93857e3b22
Malicious Library Malicious Packer UPX PE File PE32 OS Processor Check PDB Remote Code Execution
0.6 guest

43648 2024-03-28 01:24 Setup1.exe
b5376e50d2c47b7b6bab9ba1d42e4436
Themida Packer Generic Malware PE64 PE File VirusTotal Malware unpack itself Windows crashed
3.0 50 guest

43649 2024-03-28 04:17 Setup1.exe
b5376e50d2c47b7b6bab9ba1d42e4436
Themida Packer Generic Malware PE64 PE File VirusTotal Malware unpack itself Windows crashed
3.0 50 guest

43650 2024-03-28 07:50 redlinepanel.exe
832eb4dc3ed8ceb9a1735bd0c7acaf1b
RedLine stealer RedlineStealer .NET framework(MSIL) UPX AntiDebug AntiVM PE File .NET EXE PE32 OS Processor Check MSOffice File Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Code Injection Check memory Checks debugger buffers extracted RWX flags setting unpack itself Windows utilities Collect installed applications installed browsers check Tofsee Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed
2 3 9 9.4 55 ZeroCERT