Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
43651	2024-03-28 07:51	game_1.exe a9ccc460407d9f29da334921bc5c1bf9 Gen1 Generic Malware Malicious Library UPX .NET framework(MSIL) Malicious Packer Anti_VM PE File PE32 ftp DLL .NET DLL PNG Format JPEG Format .NET EXE OS Processor Check OS Memory Check OS Name Check VirusTotal Malware Check memory Creates executable files AppData folder Windows	1 Keyword trend analysis	2	2	2.4	M	4	ZeroCERT

43652	2024-03-28 07:51	Qmpjm.exe 7bbc4afa6e27835feccb28fd07eaa31f PE64 PE File VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key				3.4		51	ZeroCERT

43653	2024-03-28 07:54	6nSkW0jqkE1okon.exe 5d76a9e3a1948a1307330e52cfefd7bb AgentTesla UPX PWS SMTP KeyLogger AntiDebug AntiVM PE64 PE File OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Buffer PE PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed keylogger	1 Keyword trend analysis	2	3	13.0	M	33	ZeroCERT

43654	2024-03-28 07:55	file.exe 90489ae7eda45c9ab0904ec54c1caa71 XWorm WebCam Malicious Library UPX AntiDebug AntiVM PE File PE32 OS Processor Check DLL .NET EXE Browser Info Stealer VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check Windows Browser ComputerName Remote Code Execution DNS Cryptographic key crashed	3 Keyword trend analysis	4		15.6	M	50	ZeroCERT

43655	2024-03-28 07:56	http://www.example.com 7077ab5685f753d94192aca8e3158fb5 Malicious Library Malicious Packer UPX PE File PE32 OS Processor Check PNG Format VirusTotal Malware Malicious Traffic Check memory unpack itself suspicious process ComputerName Remote Code Execution	1 Keyword trend analysis	2		6.0	M	43	ZeroCERT

43656	2024-03-29 07:45	timeSync.exe 8240488d2fcb690ee31e00fef612eb3a Malicious Library Malicious Packer UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself				1.4	M	30	ZeroCERT

43657	2024-03-29 07:46	getimage15.php 9ffa99ae9f8ab00f8e944cb3317f1dd3 Craxs RAT Malicious Packer UPX PE File PE32 .NET EXE PNG Format ZIP Format Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency AutoRuns MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AppData folder AntiVM_Disk sandbox evasion WriteConsoleW anti-virtualization IP Check VM Disk Size Check installed browsers check Tofsee Ransomware Windows Browser RisePro Email ComputerName Remote Code Execution DNS Software crashed	3 Keyword trend analysis	7	9 Info ET MALWARE RisePro TCP Heartbeat Packet ET MALWARE [ANY.RUN] RisePro TCP (Token) ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io) SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET MALWARE [ANY.RUN] RisePro TCP (Exfiltration) ET MALWARE RisePro CnC Activity (Inbound) ET INFO Executable Download from dotted-quad Host ET POLICY PE EXE or DLL Windows file download HTTP ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	16.0	M	50	ZeroCERT

43658	2024-03-29 07:49	pt.exe 28b734a208be706ba26a552f1b0adafe Generic Malware Malicious Library Malicious Packer UPX PE64 PE File OS Processor Check Browser Info Stealer VirusTotal Malware AutoRuns suspicious privilege Check memory WMI Windows utilities Check virtual network interfaces WriteConsoleW Windows Browser ComputerName DNS crashed	2 Keyword trend analysis	1		4.6	M	9	ZeroCERT

43659	2024-03-29 07:50	instrumentMAIN.exe c66b1f6942762649c44bca726995a227 Generic Malware Admin Tool (Sysinternals etc ...) .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself ComputerName DNS		1		3.2		47	ZeroCERT

43660	2024-03-29 07:50	go.exe 7f264ba8e4c519ce90c6e3b430945476 AsyncRAT task schedule Downloader Malicious Library Malicious Packer .NET framework(MSIL) UPX PWS Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDe Malware download AsyncRAT NetWireRC VirusTotal Malware Buffer PE AutoRuns MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName Cryptographic key DDNS crashed DoTNet		2	4	11.4	M	54	ZeroCERT

43661	2024-03-29 07:51	bd2.exe 8b8db4eaa6f5368eb5f64359c6197b43 NSIS Generic Malware Malicious Library UPX Antivirus PE File PE32 VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut Creates executable files unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key				7.0	M	26	ZeroCERT

43662	2024-03-29 07:52	ketamine6699.exe 13595ca5d5503aee4b4c67cd2ed5730c Craxs RAT PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself WriteConsoleW ComputerName				3.0	M	45	ZeroCERT

43663	2024-03-29 07:55	http://www.example.com 89ec2c6bf09ed9a38bd11acb2a41cd1b Craxs RAT PE File .NET EXE PE32 VirusTotal Malware PDB suspicious privilege Check memory Checks debugger unpack itself WriteConsoleW ComputerName	1 Keyword trend analysis	2		3.4	M	45	ZeroCERT

43664	2024-03-29 07:58	TextMarks.exe ff35671d54d612772b0c22c141a3056e Gen1 Malicious Library Malicious Packer UPX MSOffice File PE64 PE File DllRegisterServer dll wget OS Processor Check VirusTotal Malware				0.8	M	27	ZeroCERT

43665	2024-03-29 07:59	spl.exe 3cb61ce448a806e79ce88d06e992cc9d Malicious Library Downloader Admin Tool (Sysinternals etc ...) UPX PE File PE32 VirusTotal Malware AutoRuns Windows	1 Keyword trend analysis	2	1	3.2	M	51	ZeroCERT