popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
44581 2021-06-18 16:43 cports.exe  

120dd0fcdbecf5b37b0f6578fc541323


Gen1 Gen2 Generic Malware PE File OS Processor Check PE32 DLL PE64 VirusTotal Malware Checks debugger unpack itself AppData folder AntiVM_Disk VM Disk Size Check ComputerName 		2.8 16 ZeroCERT

44582 2021-06-18 14:07 seudebito9896642cqyrs9th nmbof...  

b6ba52508561cfb5fe75d151ffd3c7cc


Gen2 MSOffice File VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check ComputerName 		2.2 9 ZeroCERT

44583 2021-06-18 13:39 c.wbk  

c0c72fd2ce1b122fb69864ecf385b1b6


RTF File doc AntiDebug AntiVM MachineGuid Check memory Checks debugger exploit crash unpack itself Tofsee Exploit crashed 		2 2 2.8 ZeroCERT

44584 2021-06-18 11:33 winhost.exe  

2415c1f7de7b48be235bd153e7eb2470


AsyncRAT backdoor PE File PE64 VirusTotal Malware Check memory Checks debugger unpack itself crashed 		2.4 M 31 ZeroCERT

44585 2021-06-18 10:56 News.docx  

aa82c7bfecf2700a60cdb8c4e3642130

unpack itself DNS 		1.8 ZeroCERT

44586 2021-06-18 10:31 87435972.exe  

75cb80f790fc91926ba1d90a0bb6e09e


Generic Malware themida Admin Tool (Sysinternals etc ...) PE File PE32 VirusTotal Malware unpack itself Checks Bios Detects VirtualBox Detects VMWare VMware anti-virtualization Windows Firmware crashed 		5.4 M 45 r0d

44587 2021-06-18 10:07 test.exe  

d57237560c25aff34850ab1980a0fb04


Malicious Library PE File PE32 Dridex TrickBot VirusTotal Malware unpack itself Kovter DNS 		1 1 2.6 52 r0d

44588 2021-06-18 10:05 pub1.exe  

0c7adaaa32d263c051a72555d85323e9


Raccoon Stealer PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Windows DNS crashed 		3.6 M 23 ZeroCERT

44589 2021-06-18 10:03 win32.exe  

b562af446e9f7361e4b10e3b6c50cf5b


PWS .NET framework Admin Tool (Sysinternals etc ...) Malicious Library AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key 		9.0 M 33 ZeroCERT

44590 2021-06-18 10:01 TNWKX9Z3WCY9YXCB.jar  

082a3c07f697e6b1cd18ca2840f3a4df

VirusTotal Malware Check memory heapspray unpack itself Java DNS 		3.0 M 25 ZeroCERT

44591 2021-06-18 09:58 87435972.exe  

75cb80f790fc91926ba1d90a0bb6e09e


PE File PE32 VirusTotal Malware unpack itself Checks Bios Detects VirtualBox Detects VMWare VMware anti-virtualization Windows Firmware DNS crashed 		1 5 7.4 M 45 ZeroCERT

44592 2021-06-18 09:56 asd.exe  

8b7f7f3857dd6194924c982d97fd13ce


PWS Loki[b] Loki[m] PE File PE32 DLL JPEG Format Malware download Amadey FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns Malicious Traffic Check memory Checks debugger Creates executable files ICMP traffic unpack itself Windows utilities Checks Bios Detects VirtualBox Detects VMWare suspicious process AppData folder suspicious TLD WriteConsoleW VMware anti-virtualization Tofsee Windows Email ComputerName Firmware DNS Software crashed 		5 4 5 15.4 M 41 ZeroCERT

44593 2021-06-18 09:53 god.exe  

e5a571a66090b1a9c61ab60f41abc465


AsyncRAT backdoor PWS .NET framework Admin Tool (Sysinternals etc ...) Malicious Library SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName DNS Cryptographic key crashed 		11.0 M 30 ZeroCERT

44594 2021-06-18 09:52 redbutton.png  

1a5f3ca6597fcccd3295ead4d22ce70b


PE File OS Processor Check PE32 Dridex TrickBot VirusTotal Malware Report PDB suspicious privilege Malicious Traffic buffers extracted unpack itself Check virtual network interfaces suspicious process Kovter ComputerName RCE DNS crashed 		4 8 5 6.6 M 32 ZeroCERT

44595 2021-06-18 09:49 file.exe  

fb4bd33f89ac6417468bb1d4729f8b75


Raccoon Stealer PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Windows DNS crashed 		3.6 M 22 ZeroCERT

keyword