Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
44926	2021-06-01 17:14	IMG_065017223.exe 9b96740790bb0608fed5823c194d6083 AsyncRAT backdoor SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows ComputerName DNS crashed					5.2		32	ZeroCERT

44927	2021-06-01 17:12	Questions about the study of f... 7833c0f413c1611f7281ac303bcef4b3 PE File OS Processor Check PE32 VirusTotal Malware MachineGuid unpack itself RCE DNS					3.8		51	ZeroCERT

44928	2021-06-01 17:10	Questions about the study of f... 7833c0f413c1611f7281ac303bcef4b3 PE File OS Processor Check PE32 VirusTotal Malware MachineGuid unpack itself RCE DNS					3.8		51	ZeroCERT

44929	2021-06-01 17:08	Questions about the study of f... 7833c0f413c1611f7281ac303bcef4b3 PE File OS Processor Check PE32 VirusTotal Malware MachineGuid unpack itself RCE DNS					3.8		51	ZeroCERT

44930	2021-06-01 17:04	consoleapp5a.exe 0ffde20bbcf9388a2b446c90222ac410 AsyncRAT backdoor AntiDebug AntiVM PE File .NET EXE PE32 Dridex TrickBot VirusTotal Malware Buffer PE suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee Kovter Windows DNS crashed	1 Keyword trend analysis	3	2	1	12.4	M	44	ZeroCERT

44931	2021-06-01 15:41	http://209.141.61.124/Q-2/IMG_... 9b96740790bb0608fed5823c194d6083 AgentTesla DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Hijack Network Code injection Http API Internet API Steal credential ScreenShot Downloader P2P persistence AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection Malicious Traffic Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Windows Exploit DNS crashed	1 Keyword trend analysis	1	3		6.6			guest

44932	2021-06-01 13:26	ClassLibrary1.dll be12adb79c30513a8a6eee55be2cae12 AsyncRAT backdoor PE File DLL .NET DLL PE32 VirusTotal Malware					0.4		4	ZeroCERT

44933	2021-06-01 11:21	svchost.exe 10d1dc044b4f546c7e1c29f40d364a77 Generic Malware Malicious Packer PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself suspicious process anti-virtualization					3.2	M	43	r0d

44934	2021-06-01 10:58	svchost.exe d850f8d4823240e54f834f85e09bd9e7 Generic Malware Malicious Library PE File PE32 VirusTotal Malware Windows utilities suspicious process WriteConsoleW Windows ComputerName					2.8	M	40	r0d

44935	2021-06-01 09:39	c1124.exe 6bc34d0942aafd77c276b4ad40c02916 AsyncRAT backdoor AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself ComputerName DNS crashed		1			10.2	M	28	ZeroCERT

44936	2021-06-01 09:37	fsoleApp1.exe b9e9adf06ee8e96deae78c73127ffff6 AsyncRAT backdoor SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces VMware IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4	4		14.6	M	32	ZeroCERT

44937	2021-06-01 09:33	d234.exe 4d502f30155e5f6215ed32de99c4ca14 AsyncRAT backdoor SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName DNS crashed					9.6	M	36	ZeroCERT

44938	2021-06-01 09:32	firefox.bat 0133dbb43454830e50e7540b52e5c59f AgentTesla Antivirus DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Code injection Http API Internet API Steal credential ScreenShot Downloader P2P AntiDebug AntiVM powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key					5.2	M		ZeroCERT

44939	2021-06-01 09:28	QUAConsoleApp5.exe 51ee29d68a7aefead4a82af353bab78c PWS Loki[b] Loki[m] AsyncRAT backdoor DNS KeyLogger ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Malicious Traffic IP Check Tofsee	2 Keyword trend analysis	6	2		3.0	M	34	ZeroCERT

44940	2021-06-01 09:28	book.jpg 1db8ea99d5b3309e68f5bc941c3cb738 AsyncRAT backdoor PE File DLL .NET DLL PE32 VirusTotal Malware PDB					1.0	M	23	ZeroCERT