popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
45121 2021-05-26 09:48 New%20Order.exe  

9686d7f5778397a1727d314553f126d4


Antivirus .NET EXE PE File PE32 VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities Disables Windows Security powershell.exe wrote suspicious process AppData folder sandbox evasion WriteConsoleW Ransomware Windows ComputerName Cryptographic key crashed 		8.6 M 19 ZeroCERT

45122 2021-05-26 09:45 y5.exe  

a923bf5fba472d85713560b15ccede99


PWS .NET framework Malicious Library AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key 		7.4 M 28 ZeroCERT

45123 2021-05-26 09:42 retretwork.exe  

0694273bf7ef4b376ea26ffc4434240e


PE File PE32 DLL Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Malicious Traffic Check memory Creates executable files unpack itself AppData folder installed browsers check Browser Email ComputerName Software 		1 2 7 8.2 13 ZeroCERT

45124 2021-05-26 09:40 jexi_cry.exe  

6245b34a94512b3f2a8b753e7b8dd24f


AsyncRAT backdoor PWS .NET framework .NET EXE PE File PE32 VirusTotal Malware AutoRuns suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process Tofsee Windows DNS 		1 5 1 7.6 14 ZeroCERT

45125 2021-05-26 09:40 IMG_3615_763_8.exe  

87eb69c0cf08d284c76acc6666749a91


AsyncRAT backdoor AntiDebug AntiVM .NET EXE PE File PE32 FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself DNS crashed 		2 4 1 1 9.6 M 13 ZeroCERT

45126 2021-05-26 09:40 0551038.exe  

c43aa3df483f13d1690fa6d26b38c203


PWS Loki[b] Loki[m] AsyncRAT backdoor Gen1 Gen2 DNS Socket HTTP KeyLogger Http API Internet API ScreenShot AntiDebug AntiVM .NET EXE PE File PE32 DLL OS Processor Check Browser Info Stealer Malware download FTP Client Info Stealer Azorult VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency MachineGuid Malicious Traffic Check memory Creates executable files unpack itself Collect installed applications AppData folder malicious URLs sandbox evasion anti-virtualization installed browsers check Ransomware Browser Email ComputerName Software 		1 2 1 10.4 M 10 ZeroCERT

45127 2021-05-26 09:39 gg5f2.exe  

2bb5676bd130e5516733682dc75da8df


AsyncRAT backdoor SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName DNS crashed 		9.4 M 28 ZeroCERT

45128 2021-05-26 09:37 tendsoleApp2.exe  

c7619cc4826449419e212b8bef448e4e


AsyncRAT backdoor AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder DNS crashed 		1 10.2 M 13 ZeroCERT

45129 2021-05-26 09:36 %E5%88%9B%E8%BE%89%E4%BC%81%E4...  

b002b1aef58889242163dba60b7d6a47


Gen2 Emotet PE File OS Processor Check PE32 VirusTotal Malware Check memory Creates executable files unpack itself AppData folder Tofsee Windows RCE crashed 		2 4 2 5.0 M 62 ZeroCERT

45130 2021-05-26 09:34 IMG_085_163_771.exe  

719fad1c99b366347fabab8b752a1826


AsyncRAT backdoor SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces VMware IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed 		2 4 4 9.2 M 15 ZeroCERT

45131 2021-05-26 09:34 ConsoleApp2.exe  

89c52df7d4bf97d0f9913dc89f6527b2


AsyncRAT backdoor SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName DNS crashed 		10.4 M 24 ZeroCERT

45132 2021-05-26 09:32 ahk.jpg  

4a5f8a1e40fb9eab2b8bd55efbe61a83


Gen2 Antivirus PE File OS Processor Check PE32 VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key 		2 2 1 7.2 M 26 ZeroCERT

45133 2021-05-26 09:31 %E6%9A%97%E5%B7%B7%E8%A7%86%E9...  

dab5d970f5261b346185007f25d3e5db


Gen1 Gen2 Emotet PE File PE32 OS Processor Check VirusTotal Malware Check memory buffers extracted unpack itself AppData folder sandbox evasion 		5.4 M 61 ZeroCERT

45134 2021-05-26 09:27 IMG_010436088.exe  

5551d898c7b1d405bec3f8bb14d9c87b


AsyncRAT backdoor SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows ComputerName DNS crashed 		1 6.0 M 21 ZeroCERT

45135 2021-05-26 09:27 lv.exe  

8463e69ee4b0e16c4942d27175a00135


AgentTesla Gen1 Gen2 Malicious Library DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Hijack Network Code injection Http API Internet API Steal credential ScreenShot Downloader P2P persistence AntiDebug AntiVM PE File PE VirusTotal Malware Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows DNS crashed 		2 7.8 M 29 ZeroCERT

keyword