popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
44326 2020-12-29 14:50 200k.exe  

b66dbb305a9c9454b5dd5a894d257dbc


unpack itself 		2.2 ZeroCERT

44327 2020-12-29 14:42 askinstall5.exe  

1700d52ae8e1b07c16d2efbd2439fc7d


Browser Info Stealer VirusTotal Malware PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Checks debugger WMI Creates executable files exploit crash unpack itself Windows utilities suspicious process AppData folder malicious URLs suspicious TLD WriteConsoleW installed browsers check Tofsee Ransomware Windows Exploit Browser ComputerName Remote Code Execution DNS crashed 		4 8 3 14.0 47 ZeroCERT

44328 2020-12-29 14:39 askinstall102.exe  

dee19dc1523b455fe966856b1e40c318


VirusTotal Malware unpack itself malicious URLs 		3.2 M 39 ZeroCERT

44329 2020-12-29 13:05 Arcserve_Unified_Data_Protecti...  

d41d8cd98f00b204e9800998ecf8427e

 0.4 guest

44330 2020-12-29 12:31 ask.exe  

08ce06744e5fa947d7639cf606c4ff5c


VirusTotal Malware DNS 		1.8 21 ZeroCERT

44331 2020-12-29 12:30 apdf.exe  

4091edb6fc4ddec9dc69a3a6dd60d929


VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself powershell.exe wrote suspicious process malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows ComputerName Cryptographic key 		12.0 M 19 ZeroCERT

44332 2020-12-29 12:26 apdf.exe  

4091edb6fc4ddec9dc69a3a6dd60d929


Browser Info Stealer VirusTotal Malware powershell AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted WMI Creates shortcut Creates executable files unpack itself powershell.exe wrote suspicious process malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows Browser ComputerName DNS Cryptographic key 		1 15.6 M 19 ZeroCERT

44333 2020-12-29 12:25 add.exe  

e6731de795cc99d6186f1d94ff5a03e6


Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed keylogger 		12.6 M 21 ZeroCERT

44334 2020-12-29 12:11 0QD13JK5BSW67X42.doc  

a31982ecb88498bb30b0c1a289d82c6b


Vulnerability VirusTotal Malware Malicious Traffic ICMP traffic unpack itself malicious URLs Windows DNS 		3 5 3 6.0 M 20 ZeroCERT

44335 2020-12-29 12:11 YZ3CK00V3KVPD.doc  

a31982ecb88498bb30b0c1a289d82c6b


Vulnerability VirusTotal Malware Malicious Traffic unpack itself malicious URLs Windows DNS 		3 5 3 5.2 M 20 ZeroCERT

44336 2020-12-29 11:13 111.doc  

3de02c4740511692cdc896dbbd4f7648


Vulnerability VirusTotal Malware Malicious Traffic unpack itself malicious URLs Windows DNS 		3 5 3 5.0 15 r0d

44337 2020-12-27 15:03 Doc1.dotm  

1a575a4cbc7fa8faba585373c44e3edb


VirusTotal Malware Code Injection unpack itself malicious URLs DNS 		2 1 6.8 41 ZeroCERT

44338 2020-12-27 15:01 nethelper.dll  

e835f27f6b6a2b0af42873ce2cc6cc07


VirusTotal Malware unpack itself malicious URLs 		2.6 42 ZeroCERT

44339 2020-12-26 22:10 form.exe  

c8eeac24eca23bd1df10b02d5430432d


Malware PDB Malicious Traffic Check memory buffers extracted WMI Creates executable files unpack itself Check virtual network interfaces AppData folder malicious URLs sandbox evasion anti-virtualization ComputerName DNS Software AnyDesk 		1 6 1 8.8 ZeroCERT

44340 2020-12-26 22:10 image.jpg.exe  

aebeb7b1a23449b44195814dda4fb002


Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Buffer PE suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted RWX flags setting unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Ransomware Interception Windows Browser Tor Email ComputerName Cryptographic key Software crashed 		3 8 1 17.2 M 58 ZeroCERT

keyword