Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
4426	2024-11-29 21:53	Windows_11_Update_Bypass_Setup... d29a079843c4f606e6daf91b6d687bcb Generic Malware Malicious Library ASPack UPX .NET framework(MSIL) Admin Tool (Sysinternals etc ...) PE32 PE File MZP Format OS Processor Check .NET EXE icon Lnk Format GIF Format PE64 VirusTotal Malware suspicious privilege Checks debugger Creates shortcut Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check installed browsers check Browser ComputerName				4.6		6	guest

4427	2024-11-29 13:41	p.exe 87a4eba6b5a8e9d8db42ad9479eec2d3 Generic Malware Malicious Library Malicious Packer UPX PE64 PE File VirusTotal Malware DNS		1		1.0		6	ZeroCERT

4428	2024-11-29 13:39	nbea1t8.exe 18cf1b1667f8ca98abcd5e5dceb462e9 Themida UPX PE32 PE File VirusTotal Malware powershell AutoRuns Checks debugger unpack itself Checks Bios Detects VMWare VMware anti-virtualization Windows DNS crashed		1		7.2		27	ZeroCERT

4429	2024-11-29 13:37	random.exe 479e479e9b6da43b7f537bebf11f215a Themida UPX PE32 PE File VirusTotal Malware Checks debugger unpack itself Checks Bios Detects VMWare VMware anti-virtualization Windows crashed				5.2		32	ZeroCERT

4430	2024-11-29 13:34	rWmzULI.exe ef4b5e4dbb0c0cd9c261b1ca7a90e1f1 PhysicalDrive Generic Malware Malicious Library Admin Tool (Sysinternals etc ...) UPX Anti_VM PE32 PE File MZP Format OS Processor Check VirusTotal Malware Telegram Malicious Traffic unpack itself Tofsee ComputerName RCE DNS	1 Keyword trend analysis	5	3	4.4		4	ZeroCERT

4431	2024-11-29 13:34	uxN4wDZ.exe a55d149ef6d095d1499d0668459c236f Generic Malware Malicious Library UPX ScreenShot AntiDebug AntiVM PE32 PE File OS Processor Check VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted unpack itself				7.0		24	ZeroCERT

4432	2024-11-29 13:33	TcMBq5M.exe 5f602a88eb5e8abb43c9035585f8dbef Gen1 Generic Malware PDF Suspicious Link Malicious Library Antivirus UPX Malicious Packer Admin Tool (Sysinternals etc ...) Anti_VM PE32 PE File OS Processor Check MSOffice File DLL Malware download VirusTotal Malware PDB suspicious privilege Check memory Checks debugger Creates shortcut Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check installed browsers check Browser Advertising ComputerName DNS crashed	1 Keyword trend analysis	4	4	5.0		4	ZeroCERT

4433	2024-11-29 13:33	tvtC9D3.exe 56944be08ed3307c498123514956095b NSIS Malicious Library UPX PE32 PE File DLL VirusTotal Malware Malicious Traffic Check memory Creates executable files ICMP traffic Windows utilities AppData folder Windows DNS	2 Keyword trend analysis	2	6 Info ET INFO Executable Download from dotted-quad Host ET HUNTING Suspicious BITS EXE DL From Dotted Quad ET POLICY PE EXE or DLL Windows file download HTTP ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging) ET INFO Dotted Quad Host RAR Request	4.8		9	ZeroCERT

4434	2024-11-29 13:32	injector.ps1 2e1cab692dcab564f7117dbb6cf6a165 Generic Malware Antivirus DLL PE32 PE File .NET DLL VirusTotal Malware Check memory Creates executable files unpack itself Windows utilities AppData folder WriteConsoleW Windows Cryptographic key				3.8		2	ZeroCERT

4435	2024-11-29 13:30	22.exe 3126725f67989c5f249c4c2bd1da2c64 Malicious Library UPX PE64 PE File VirusTotal Malware ICMP traffic DNS		1		3.0		19	ZeroCERT

4436	2024-11-28 22:31	winfuck.exe 53cc9d24a2dacc86819a40ac71819870 Generic Malware Malicious Library .NET framework(MSIL) Admin Tool (Sysinternals etc ...) UPX Antivirus .NET EXE PE32 PE File VirusTotal Malware powershell AutoRuns suspicious privilege Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key				6.6	M	55	guest

4437	2024-11-27 12:36	Hyttegsten.bat 3eb2c328550925d05ae2752a11941ef9 Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName Cryptographic key		1		5.4			guest

4438	2024-11-27 12:36	Grundtvigsk.cmd 63b3e6c2830edd0332ac2509ec420469 Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName Cryptographic key		1		6.6			guest

4439	2024-11-27 12:35	Heteroepy.wsf ec9e0e26868eafb7c3eb93257048fadc Generic Malware Antivirus AntiDebug AntiVM powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName Cryptographic key		1		7.2			guest

4440	2024-11-27 10:39	SkXyKtfH.txt cc9c30f64dc341f3326e0ba75934eb81 ScreenShot AntiDebug AntiVM VirusTotal Malware Check memory unpack itself				1.4		7	guest