popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
44476 2021-06-24 19:32 svcshost.exe  

71a631f1113b4a885d5bc6bcd063482f


Gen2 Antivirus PE File OS Processor Check PE32 VirusTotal Malware powershell AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger Creates shortcut Creates executable files unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key 		1 10.6 29 ZeroCERT

44477 2021-06-24 19:31 clean1.exe  

e5b895e9aa0f2d53b535f968bd05ae7f


PE File PE32 VirusTotal Malware Creates executable files Windows utilities WriteConsoleW Windows 		4.0 17 ZeroCERT

44478 2021-06-24 19:29 vbc.exe  

7ff6857b4e750127cfb44e3392ce0d06


PE File PE32 DLL Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger Creates executable files unpack itself AppData folder Windows Browser Email ComputerName DNS Cryptographic key Software crashed 		1 8.4 10 ZeroCERT

44479 2021-06-24 19:29 ie.exe  

a85e6746a9b2c8b9f66d030ff757dc7f


Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Tofsee Windows DNS crashed 		6 8 5 9.2 26 ZeroCERT

44480 2021-06-24 19:29 iTV.exe  

2a270d6a0d77fd1e12f813c8f8661e86


PE File OS Processor Check PE32 VirusTotal Malware RCE 		1.2 13 ZeroCERT

44481 2021-06-24 19:27 Regnator.exe  

da1beec86fb22f7e885ce7d96704998a


PE File PE32 VirusTotal Malware RCE 		1.4 11 ZeroCERT

44482 2021-06-24 19:26 vbv.exe  

c9aaebff7a6bfa505bf2e171c3775df0


Generic Malware Antivirus DNS AntiDebug AntiVM PE File .NET EXE PE32 Malware download Nanocore VirusTotal Malware c&c powershell Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW human activity check Windows ComputerName DNS Cryptographic key DDNS crashed 		2 2 14.4 45 ZeroCERT

44483 2021-06-24 19:24 p3.exe  

b9d0d135d4feddc5dbda11c5aa4cc586


Malicious Library DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Hijack Network Code injection Http API Internet API Steal credential ScreenShot Downloader P2P persistence AntiDebug AntiVM PE File PE32 OS Processor Check VirusTotal Malware Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process malicious URLs AntiVM_Disk WriteConsoleW anti-virtualization VM Disk Size Check Windows 		1 6.8 35 ZeroCERT

44484 2021-06-24 19:22 stagelessexe.exe  

088bd377384bc07c458f3b6bd5d54dbd


Malicious Library PE File PE32 VirusTotal Malware RWX flags setting ComputerName DNS 		2 4.4 58 ZeroCERT

44485 2021-06-24 19:22 sxx.exe  

8d99254d17f2ea92ac1910f82c50d18f


Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself crashed 		3 6 1 8.2 24 ZeroCERT

44486 2021-06-24 19:22 3EBCE3A4.Png  

808c722e8a8c165b817196f050f70d39


MSOffice File VirusTotal Malware 		1.0 34 ZeroCERT

44487 2021-06-24 19:20 20210511a.exe  

ad6509463c3fe2164613c56a909807f3


Gen1 VMProtect PE File OS Processor Check PE32 VirusTotal Malware suspicious privilege Check memory Creates executable files unpack itself Windows utilities suspicious process WriteConsoleW Windows RCE DNS 		5.4 23 ZeroCERT

44488 2021-06-24 19:18 fj37ruwe5.exe  

95762a936318d338049d7d27216ceda4


AsyncRAT backdoor Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName crashed 		1 2 1 12.2 36 ZeroCERT

44489 2021-06-24 19:17 Pupdate.exe  

a7e34959537cedd0cfef50389edf3b03


PE File PE32 VirusTotal Malware 		1.0 12 ZeroCERT

44490 2021-06-24 19:15 reddd.exe  

9f45e62d5df98c831e4a9caf5dc5ec27


AsyncRAT backdoor BitCoin Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key crashed 		2 3 2 10.8 24 ZeroCERT

keyword