popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
4366 2024-12-06 09:38 4XYFk9r.exe  

23b25ce90f70ffa0435db8df6a6764f2


Generic Malware Malicious Library Malicious Packer Antivirus .NET framework(MSIL) UPX .NET EXE PE32 PE File OS Processor Check DLL PE64 VirusTotal Malware PDB suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Check virtual network interfaces IP Check Tofsee Windows ComputerName DNS Cryptographic key 		1 4 3 6.2 44 ZeroCERT

4367 2024-12-06 09:38 hjgesadfseawd.exe  

ef75329efa1fa3cff64a2249e8b59306


Malicious Library .NET framework(MSIL) UPX .NET EXE PE32 PE File OS Processor Check VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check ComputerName 		3.2 58 ZeroCERT

4368 2024-12-06 09:36 ddd.exe  

37d3c4fb51f7ab9c67eec830ae6f9e1b


Generic Malware Malicious Library UPX PE64 PE File OS Processor Check VirusTotal Malware PDB Check memory Checks debugger unpack itself 		2.4 41 ZeroCERT

4369 2024-12-06 09:36 BhD8htX.exe  

ff4cf493ac5f7663d1cfc243e6646eb7


Themida UPX Anti_VM PE32 PE File VirusTotal Malware Checks debugger unpack itself Checks Bios Detects VMWare VMware anti-virtualization Windows crashed 		5.4 53 ZeroCERT

4370 2024-12-06 09:34 Ttok18.exe  

3544b39481484f67f807e54dd58a93d6


Generic Malware Antivirus .NET EXE PE32 PE File VirusTotal Malware powershell PDB suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key 		6.4 29 ZeroCERT

4371 2024-12-06 09:33 fukjsefsdfh.exe  

8531a3df05fa0928c7d51087a203be69


PE32 PE File VirusTotal Malware unpack itself ComputerName crashed 		2.8 53 ZeroCERT

4372 2024-12-06 09:32 fhjsfryjaspyjga.exe  

37cb065f052d8cf6a46d41d6225b9a9f


Suspicious_Script_Bin Downloader Malicious Library .NET framework(MSIL) UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM .NET EX VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AntiVM_Disk WriteConsoleW VM Disk Size Check Windows ComputerName 		6.8 53 ZeroCERT

4373 2024-12-06 09:32 vorpgkadeg.exe  

4d58df8719d488378f0b6462b39d3c63


Generic Malware Malicious Library Antivirus UPX PE32 PE File VirusTotal Malware DNS 		1 2.8 57 ZeroCERT

4374 2024-12-06 09:30 basx.exe  

6220543d415ef28746571e661206fbd4


Emotet Gen1 Generic Malware Malicious Library UPX PE32 PE File MZP Format DLL OS Processor Check PE64 CHM Format VirusTotal Malware Checks debugger Creates executable files unpack itself Windows utilities AppData folder WriteConsoleW Windows ComputerName crashed 		4.0 35 ZeroCERT

4375 2024-12-06 08:49 map_cache.db-shm  

628123b7982ea8169fb42d5c2ab16496


AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName 		3.4 guest

4376 2024-12-04 17:02 tcp_windows_amd64.exe  

b6a2ea59733071ec77515c7841983c94


Trickbot Generic Malware PE64 PE File VirusTotal Malware unpack itself DNS 		1 2.2 43 r0d

4377 2024-12-04 16:43 tcp_windows_amd64.exe  

b6a2ea59733071ec77515c7841983c94


Generic Malware PE64 PE File VirusTotal Malware unpack itself DNS 		1 2.2 43 r0d

4378 2024-12-04 16:27 mtbkkesfthae.exe  

774a8755eccb3ebd8463204e8cd60941


Generic Malware Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware Telegram Malicious Traffic unpack itself Tofsee ComputerName DNS 		2 5 3 5.0 55 ZeroCERT

4379 2024-12-04 16:24 s3_n.exe  

0e747d8ff04debc20e1f2df6c71b9190


Malicious Library Malicious Packer Antivirus UPX PE64 PE File OS Processor Check VirusTotal Malware crashed 		1.6 58 ZeroCERT

4380 2024-12-04 16:22 gweadtrgh.exe  

3a94ac80a1bbe958b6544874f311be69


Generic Malware Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware Telegram Malicious Traffic unpack itself Tofsee ComputerName DNS 		1 5 3 5.0 57 ZeroCERT

keyword