Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
44851	2024-06-04 13:25	new_image.jpg.exe 34401908a80bd0bedd2a44cd93beb367 Malicious Library Malicious Packer Antivirus UPX PE File DLL PE32 OS Processor Check .NET DLL VirusTotal Malware PDB				1.2		37	ZeroCERT

44852	2024-06-04 13:26	new_image.jpg.exe 34401908a80bd0bedd2a44cd93beb367 Malicious Library Malicious Packer Antivirus UPX PE File DLL PE32 OS Processor Check .NET DLL VirusTotal Malware PDB				1.2		37	ZeroCERT

44853	2024-06-04 17:23	Resume+LetterofSI-2023.10.7-Fo... cfb5465e301f3850d70480660f188e17 MSOffice File unpack itself				1.2			guest

44854	2024-06-04 23:46	svchost.exe 8ec922c7a58a8701ab481b7be9644536 Gen1 Generic Malware Malicious Packer UPX PE64 PE File PDB Remote Code Execution				0.6			guest

44855	2024-06-05 03:19	FPTool.exe f421bbe1658cfb4615537c78e5311534 PhysicalDrive Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware Check memory unpack itself Remote Code Execution				2.2		5	guest

44856	2024-06-05 07:29	swizzzz.exe a74811b7e2d71612463144c69c0ca7e2 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check unpack itself crashed				1.2			ZeroCERT

44857	2024-06-05 07:30	lrthijawd.exe 1b1ecd323162c054864b63ada693cd71 SystemBC Generic Malware Downloader Malicious Library UPX Malicious Packer Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P Ant AutoRuns PDB Code Injection Checks debugger Creates executable files AppData folder sandbox evasion Windows Remote Code Execution				5.2			ZeroCERT

44858	2024-06-05 07:31	newbild.exe c302ed158d988bc5aeb37a4658e3eb0a RedLine stealer RedlineStealer Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	6 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 33 ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer/MetaStealer Family Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response ET MALWARE Redline Stealer/MetaStealer Family Activity (Response)	5.0			ZeroCERT

44859	2024-06-05 07:31	lumma123.exe 5161d6c2af56a358e4d00d3d50b3cafb Generic Malware Malicious Library UPX PE File PE32 OS Processor Check unpack itself crashed				1.2	M		ZeroCERT

44860	2024-06-05 07:34	upd.exe e8a7d0c6dedce0d4a403908a29273d43 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check unpack itself crashed				1.2	M		ZeroCERT

44861	2024-06-05 07:41	igcc.exe 007c45864ab8a36a66fe21a24797432b Malicious Library PE File .NET EXE PE32 PDB suspicious privilege Code Injection Check memory Checks debugger unpack itself				4.4			ZeroCERT

44862	2024-06-05 07:41	redline123123.exe 0efd5136528869a8ea1a37c5059d706e RedLine stealer RedlineStealer Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	6 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 33 ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer/MetaStealer Family Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response ET MALWARE Redline Stealer/MetaStealer Family Activity (Response)	5.0	M		ZeroCERT

44863	2024-06-05 07:43	NUZfgivQhifX46kon.exe 957f18ab4db251c4c04ec51d97e27c4b AgentTesla Malicious Library PWS SMTP KeyLogger AntiDebug AntiVM PE64 PE File Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed keylogger	1 Keyword trend analysis	2	3	11.8	M		ZeroCERT

44864	2024-06-05 07:43	igcc.exe 01c92d0c5eeee2d1d15b6386f36b8af8 AgentTesla Malicious Library PWS SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Software crashed	1 Keyword trend analysis	2	4	11.0	M		ZeroCERT

44865	2024-06-05 07:45	igcc.exe 2e1fea17aeea8852800f17ead782ca53 AgentTesla Malicious Library .NET framework(MSIL) PWS SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Browser Email ComputerName Software crashed				10.0	M		ZeroCERT