Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
44401	2024-05-18 20:11	lumma0805.exe e1ab31d73262bdee62de0be92463771b Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself crashed					2.2	M	56	ZeroCERT

44402	2024-05-18 20:11	tdrpload.exe 9a24a00438a4d06d64fe4820061a1b45 Worm Phorpiex Generic Malware Malicious Library Downloader Admin Tool (Sysinternals etc ...) Malicious Packer UPX PE File PE32 PE64 Malware download VirusTotal Cryptocurrency Miner Malware Cryptocurrency Buffer PE AutoRuns Malicious Traffic Checks debugger buffers extracted Creates executable files ICMP traffic Disables Windows Security AppData folder Windows Update DNS	10 Keyword trend analysis Info http://185.215.113.66/4 - rule_id: 26697 http://185.215.113.66/_1 http://185.215.113.66/_3 http://185.215.113.66/_2 http://185.215.113.66/6 http://185.215.113.66/5 - rule_id: 26698 http://185.215.113.66/3 - rule_id: 26696 http://185.215.113.66/2 - rule_id: 26695 http://185.215.113.66/1 - rule_id: 26694 http://twizt.net/ALLSTATA	42 Info twizt.net(185.215.113.66) - malware www.update.microsoft.com(20.109.209.108) 105.111.97.94 151.233.182.35 5.42.96.117 46.167.138.154 95.59.4.234 178.130.73.157 78.39.232.233 185.215.113.66 - malware 188.209.24.211 213.230.99.184 188.215.185.154 185.203.237.213 103.4.92.235 82.194.13.95 213.230.90.13 216.107.138.162 175.107.56.212 45.150.25.234 2.182.101.42 5.190.247.209 89.38.90.198 20.72.235.82 2.180.32.222 82.194.13.101 188.208.58.14 93.118.99.152 151.247.86.184 89.236.219.80 45.244.97.228 77.221.27.6 2.185.241.24 89.236.205.171 89.236.208.174 2.183.172.29 89.165.5.25 91.202.233.141 134.35.181.192 78.137.80.115 5.232.129.90 189.222.32.81	9 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 32 ET INFO Executable Download from dotted-quad Host ET INFO Packed Executable Download ET MALWARE Win32/Phorpiex UDP Peer-to-Peer CnC ET POLICY PE EXE or DLL Windows file download HTTP ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET DROP Spamhaus DROP Listed Traffic Inbound group 1 ET DROP Spamhaus DROP Listed Traffic Inbound group 13 ET POLICY Cryptocurrency Miner Checkin	5	13.6	M	55	ZeroCERT

44403	2024-05-18 20:12	WinSec.exe 7986acff81fdbe475364a07ff01ad325 Ave Maria WARZONE RAT Generic Malware Malicious Library Downloader Malicious Packer UPX Antivirus PE File PE32 OS Processor Check VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger Creates shortcut Creates executable files unpack itself powershell.exe wrote suspicious process WriteConsoleW human activity check Windows ComputerName Remote Code Execution DNS Cryptographic key		1			10.8	M	66	ZeroCERT

44404	2024-05-18 20:13	eee.exe db8d5c5808856045722588e5c2e589fb Process Kill Generic Malware Suspicious_Script_Bin Malicious Library FindFirstVolume CryptGenKey UPX PE File Device_File_Check PE32 OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	2	3		7.8	M	41	ZeroCERT

44405	2024-05-18 20:15	swizzz.exe ad63629d1cc7a27553c9a52795b93d6d Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself crashed					2.2	M	57	ZeroCERT

44406	2024-05-18 20:15	EAP.exe 76609684d4f0fdd1e46ddf8353c389bf Process Kill Generic Malware Suspicious_Script_Bin Malicious Library FindFirstVolume CryptGenKey UPX PE File Device_File_Check PE32 OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	2	3		7.8	M	41	ZeroCERT

44407	2024-05-18 20:17	crypted_4c800f49.exe 04dc5bb453bfac86b98f055022f0e281 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB unpack itself crashed					2.4	M	51	ZeroCERT

44408	2024-05-18 20:17	setup294.exe 2be1c12303c2c515a9ffcefe0565f6d2 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check DLL PDB unpack itself suspicious process AppData folder Remote Code Execution					1.8	M		ZeroCERT

44409	2024-05-18 20:19	HVC.exe d3d4eadf3c33f7f479c4e647ac76ed25 Process Kill Generic Malware Suspicious_Script_Bin Malicious Library FindFirstVolume CryptGenKey UPX PE File Device_File_Check PE32 OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	2	3		7.0	M	38	ZeroCERT

44410	2024-05-18 20:21	dl.php 26014026c431d9580db7c53bc0bab9dd Generic Malware Malicious Library PE File PE32 VirusTotal Malware unpack itself					2.2	M	37	ZeroCERT

44411	2024-05-18 20:23	print.exe 6ea7a8430947755910dd530609ccd33c PE64 PE File Malware download Amadey VirusTotal Malware Malicious Traffic DNS SilentCryptoMiner	1 Keyword trend analysis	1	2		3.2	M	53	ZeroCERT

44412	2024-05-18 20:31	222.exe 0603ce41d19c5ed6f06d28d7c1a0d8fe Malicious Library UPX PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself crashed					2.4		46	ZeroCERT

44413	2024-05-19 10:32	o2i3jroi23joj23ikrjokij3oroi.e... 79a106e33e12d0388b10b15be9dfeb7c Malicious Library Malicious Packer UPX PE File PE32 MZP Format VirusTotal Malware unpack itself crashed					2.0	M	37	ZeroCERT

44414	2024-05-19 10:32	sdf34ert3etgrthrthfghfghjfgh.e... 43af92d0ca9ed93bed997f65b784cdf1 Malicious Library Malicious Packer UPX PE File PE32 MZP Format VirusTotal Malware Check memory unpack itself crashed					2.2	M	35	ZeroCERT

44415	2024-05-19 10:34	fee.exe 38531b2b0413ec8925c2ab8d9755d24b RedLine Infostealer UltraVNC Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB					1.8	M	45	ZeroCERT