Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
43981 2024-04-21 12:52 .hta
dbc5a204c56d2c6c974bb9ce287978d4
Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate privileges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM PowerShell Lnk Format GIF Format ZIP Format Vulnerability VirusTotal Malware powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key
2 1 2 12.4 M 23 ZeroCERT

43982 2024-04-21 12:53 Calrasjl.exe
7f1e688e77760ad29c560404a2fb9d2f
Malicious Library UPX PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself ComputerName crashed
2.4 M 24 ZeroCERT

43983 2024-04-21 12:53 3.dat
b68ced78e1348de3af3fb2052aa4f1a1
Malicious Library Malicious Packer AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself DNS
1 1 8.2 M 56 ZeroCERT

43984 2024-04-21 12:55 y.exe
67183ea2fdfbaace4c265de91e218c59
Generic Malware Malicious Library Antivirus UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware powershell AutoRuns suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut Creates executable files unpack itself suspicious process AppData folder AntiVM_Disk VM Disk Size Check Windows ComputerName Cryptographic key
7.2 M 59 ZeroCERT

43985 2024-04-21 20:54 Endermanch@WannaCrypt0r.exe
84c82835a5d21bbcf75a61706d8ab549
Browser Login Data Stealer Generic Malware Suspicious_Script_Bin Downloader Malicious Library UPX Admin Tool (Sysinternals etc ...) Antivirus Create Service Socket DGA Http API ScreenShot Escalate privileges Steal credential PWS Hijack Network Sniff Audio Browser Info Stealer WannaCry ENERGETIC BEAR VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates shortcut Creates executable files ICMP traffic RWX flags setting unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder malicious URLs AntiVM_Disk sandbox evasion WriteConsoleW shadowcopy delete Ransom Message Turn off Windows Error Recovery notification window VM Disk Size Check human activity check Ransomware WannaCryptor Windows Browser Tor MalSpam ComputerName Remote Code Execution DNS Cryptographic key crashed
9 7 24.4 M 64 guest

43986 2024-04-21 23:46 faintxakers-76060706313.exe
628e9b3aa525960223fd93bae86b5e7d
Malicious Library .NET framework(MSIL) PE File .NET EXE PE32 Malware download VirusTotal Malware PDB Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces suspicious TLD Tofsee Cinoshi ComputerName
2 2 4.2 M 55 guest

43987 2024-04-22 13:15 retf543.bat
078bded0d7282b8b8daf4b40b837233a
WebCam Admin Tool (Sysinternals etc ...) UPX AntiDebug AntiVM PE File PE32 VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted RWX flags setting unpack itself Tofsee Remote Code Execution
1 4 2 9.4 M 26 ZeroCERT

43988 2024-04-22 13:16 setup294.exe
0cb2c7acebecb2db200e6987c69d2afa
Generic Malware Malicious Library UPX AntiDebug AntiVM PE File PE32 OS Processor Check DLL VirusTotal Malware PDB Code Injection Checks debugger Creates executable files unpack itself AppData folder Remote Code Execution
4.6 27 ZeroCERT

43989 2024-04-22 13:17 sutra.exe
d668244429e4a7a0b205b2ce843b9663
Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB unpack itself
2.0 M 35 ZeroCERT

43990 2024-04-22 13:19 s%20-Zn--%20-S.exe
c8fbdd732dfadeb0eabde5a558ee010f
WebCam Admin Tool (Sysinternals etc ...) UPX AntiDebug AntiVM PE File PE32 VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted RWX flags setting unpack itself Tofsee Remote Code Execution
1 4 2 10.0 M 26 ZeroCERT

43991 2024-04-22 13:21 754abcd6.bat
7f77b237f660c6ef5aa674dbe4d3b38f
WebCam Admin Tool (Sysinternals etc ...) UPX AntiDebug AntiVM PE File PE32 VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted RWX flags setting unpack itself Tofsee Remote Code Execution DNS
1 3 2 10.0 M 24 ZeroCERT

43992 2024-04-22 13:23 testr35tgjhjg.bat
b6e853f1dcad6a0a4bb6ab1eedeb8988
Admin Tool (Sysinternals etc ...) UPX PWS AntiDebug AntiVM PE File PE32 VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted RWX flags setting unpack itself Tofsee ComputerName Remote Code Execution
1 2 2 8.2 M 28 ZeroCERT

43993 2024-04-22 14:19 Hakros Images Optimizer.exe
b0499a584bfe83562cfd11385d8e6459
Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 VirusTotal Malware PDB MachineGuid Check memory Checks debugger buffers extracted unpack itself
3.0 16 guest

43994 2024-04-23 07:37 ghgjhjhgj.exe
d28d15d73793b9630f91b3b4041af46c
Malicious Library PE64 PE File VirusTotal Malware Buffer PE PDB suspicious privilege Check memory Checks debugger buffers extracted unpack itself
2.8 8 ZeroCERT

43995 2024-04-23 07:39 iz.exe
86c87988e4c163f7b19bd68555c9d019
Malicious Library UPX PE File DllRegisterServer dll PE32 MZP Format VirusTotal Malware RWX flags setting unpack itself Tofsee Interception crashed
2 1 4.0 39 ZeroCERT