Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
45031	2021-05-31 18:06	svchost.exe d850f8d4823240e54f834f85e09bd9e7 PE File PE32 VirusTotal Malware Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS					3.2		32	ZeroCERT

45032	2021-05-31 18:05	asd80.exe b7c53f778e82c1594d8a1a27ebb65af0 AsyncRAT backdoor SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces VMware IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4	4		9.4		23	ZeroCERT

45033	2021-05-31 11:25	qv55b3lqjXhJQckX.jpg.ps1 6ee03a2d6b4558fa09cdf1e33dcaa897 Antivirus GIF Format VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut Creates executable files unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key	4 Keyword trend analysis Info https://cdn.discordapp.com/attachments/834258459628535898/846168516519657512/firefox.bat - rule_id: 1678 https://cdn.discordapp.com/attachments/834258459628535898/846168516519657512/firefox.bat https://cdn.discordapp.com/attachments/834258459628535898/844363329371897866/firefox.lnk - rule_id: 1677 https://cdn.discordapp.com/attachments/834258459628535898/844363329371897866/firefox.lnk	4	1	2	9.4		1	ZeroCERT

45034	2021-05-31 11:15	NmX.txt.html f69a35821e442a111ebbe08c7fc22060 VBScript PowerShell Obfuscated File VirusTotal Malware crashed					0.8	M	17	r0d

45035	2021-05-31 11:05	ao.exe b1d319888860b7a6400c5e5099d59e48 Amadey PWS Loki[b] Loki[m] Admin Tool Sysinternals Antivirus HTTP Code injection Http API Internet API AntiDebug AntiVM PE File .NET EXE PE32 DLL JPEG Format Malware download Amadey FTP Client Info Stealer ENERGETIC BEAR VirusTotal Email Client Info Stealer Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Disables Windows Security powershell.exe wrote suspicious process AppData folder sandbox evasion WriteConsoleW Windows Email ComputerName DNS Cryptographic key Software crashed	3 Keyword trend analysis	1	5		20.2	M	45	r0d

45036	2021-05-31 09:37	Ls_Droid_v1.1.9.0.exe a1459b6cd648d10da05707b69166d2f6 Anti_VM .NET EXE PE File PE32 VirusTotal Malware Malicious Traffic Check memory Checks debugger buffers extracted ICMP traffic unpack itself Checks Bios Detects VMWare Check virtual network interfaces VMware anti-virtualization Tofsee Windows Firmware crashed	1 Keyword trend analysis	3	1		9.2	M	31	ZeroCERT

45037	2021-05-31 09:35	jaja.exe 54262706e573614d224fec09edb4f7cf Malicious Library Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote suspicious process WriteConsoleW Windows Browser Email ComputerName Cryptographic key Software crashed keylogger					16.2		46	ZeroCERT

45038	2021-05-31 09:32	new.exe 03abf4527d2c88e4716e194e93c9b07b AsyncRAT backdoor PWS .NET framework AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key					7.8		40	ZeroCERT

45039	2021-05-31 09:32	ccsetup579.exe 195eecffa8cb3f26eb11eb4aa379eaf6 AsyncRAT backdoor Antivirus DNS Socket HTTP Code injection Http API Internet API ScreenShot Downloader AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process AppData folder Windows ComputerName Cryptographic key crashed					10.4	M	42	ZeroCERT

45040	2021-05-31 09:31	NmX.txt.html f69a35821e442a111ebbe08c7fc22060 Antivirus AntiDebug AntiVM VirusTotal Malware powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process Windows ComputerName DNS Cryptographic key	4 Keyword trend analysis Info https://lavishcuisine.com/wp-content/uploads/2015/qv55b3lqjXhJQckX.jpg https://cdn.discordapp.com/attachments/834258459628535898/844363329371897866/firefox.lnk https://cdn.discordapp.com/attachments/834258459628535898/846168516519657512/firefox.bat https://lavishcuisine.com/wp-content/uploads/2015/v4ZH58inZ8qGCx2B.jpg	2			6.8		17	ZeroCERT

45041	2021-05-31 09:31	al.exe 52abd9b0522751f14763b92baf4afa37 NPKI Antivirus PE64 PE File VirusTotal Malware powershell suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut Creates executable files unpack itself powershell.exe wrote suspicious process Windows ComputerName Cryptographic key					7.4		36	ZeroCERT

45042	2021-05-31 09:21	filename.exe 6196cc4ad4f0a19ace433c987b0fc94a Generic Malware Malicious Packer PE File OS Processor Check PE32 PDB unpack itself Windows RCE crashed					2.4			ZeroCERT

45043	2021-05-31 09:21	clip.exe 24b6fa846f9d1e068e55654ab7ab451b Malicious Library PE File PE32 OS Processor Check DLL VirusTotal Malware Check memory Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName DNS					5.4	M	56	ZeroCERT

45044	2021-05-31 09:19	ao.exe b1d319888860b7a6400c5e5099d59e48 .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself					2.0	M	45	ZeroCERT

45045	2021-05-31 09:19	drunk.exe 3b053dc6b2a1fd69b96cde6a7d320034 AsyncRAT backdoor PWS .NET framework .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces IP Check ComputerName DNS crashed	1 Keyword trend analysis	3	1		6.6	M	55	ZeroCERT