Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
45361	2024-06-16 10:20	services64.exe c8a50a6f1f73df72de866f6131346e69 PE64 PE File VirusTotal Malware DNS		2			2.4	M	51	ZeroCERT

45362	2024-06-16 10:22	1019430.exe d235285e6e98fcda120673a5bd248341 Generic Malware Malicious Library PE File PE32 DNS		1			1.8	M		ZeroCERT

45363	2024-06-16 10:22	random.exe 483f8eb0fa59b79caed6c4906bc55e67 Browser Login Data Stealer Generic Malware Malicious Library UPX PE File PE32 OS Processor Check Browser Info Stealer VirusTotal Malware MachineGuid Code Injection Check memory Checks debugger exploit crash installed browsers check Exploit Browser crashed					4.2	M	29	ZeroCERT

45364	2024-06-16 10:23	WB.exe 2ca46e1c431bc4a3e5a01921e1e13a50 Emotet Generic Malware Downloader ASPack UPX Malicious Packer Malicious Library Anti_VM AntiDebug AntiVM PE File PE32 DllRegisterServer dll OS Processor Check JPEG Format DLL MZP Format VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory buffers extracted Creates executable files RWX flags setting unpack itself AppData folder sandbox evasion WriteConsoleW installed browsers check Tofsee Windows Browser Advertising Google ComputerName Remote Code Execution DNS DDNS crashed keylogger	3 Keyword trend analysis Info http://freedns.afraid.org/api/?action=getdyndns&sha=a30fa98efc092684e8d1c5cff797bcc613562978 https://drive.usercontent.google.com/download?id=0BxsMXGfPIZfSVlVsOGlEVGxuZVk&export=download https://drive.usercontent.google.com/download?id=0BxsMXGfPIZfSTmlVYkxhSDg5TzQ&export=download	13 Info www.dropbox.com(162.125.84.18) - mailcious drive.usercontent.google.com(142.250.206.193) - mailcious freedns.afraid.org(69.42.215.252) docs.google.com(172.217.25.174) - mailcious xred.mooo.com() - mailcious ddos.dnsnb8.net(44.221.84.105) - mailcious 142.250.66.129 44.221.84.105 51.15.193.130 216.58.203.78 38.147.172.248 69.42.215.252 162.125.84.18 - mailcious	2		17.0	M	32	ZeroCERT

45365	2024-06-16 10:25	hecto.scr 6f7f8c5a5e2ee030b2ad60fc83a84ecf AgentTesla Malicious Library .NET framework(MSIL) UPX PWS SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Browser Email ComputerName Software crashed					9.4	M		ZeroCERT

45366	2024-06-16 10:26	jiali.exe 6c63f5db1f5beff0a1cb3af035ca3d4c Generic Malware Malicious Packer Malicious Library Downloader ASPack UPX Anti_VM DllRegisterServer dll PE File PE32 OS Processor Check VirusTotal Malware suspicious privilege Creates executable files unpack itself AppData folder sandbox evasion WriteConsoleW installed browsers check Browser Remote Code Execution DNS		4			6.4	M	45	ZeroCERT

45367	2024-06-16 10:26	svchost.exe ec53a8918d3a2994f8cba8169e20be0d Generic Malware Malicious Library UPX DllRegisterServer dll PE File PE32 OS Processor Check VirusTotal Malware unpack itself Remote Code Execution					2.4	M	50	ZeroCERT

45368	2024-06-16 10:26	x86_0729_1.exe 5fd66ba54fdd540072eeea86213c351b Generic Malware Malicious Packer Malicious Library Downloader UPX PE File PE32 OS Processor Check VirusTotal Malware AutoRuns PDB suspicious privilege sandbox evasion WriteConsoleW Windows Advertising Remote Code Execution Firmware DNS crashed		1			8.0	M	49	ZeroCERT

45369	2024-06-16 10:27	3-1.exe 0c52be0ed6803e36100228e2b0671b4a Generic Malware Malicious Library ASPack UPX Malicious Packer AntiDebug AntiVM DllRegisterServer dll PE File PE32 OS Processor Check JPEG Format DLL MZP Format VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory buffers extracted Creates executable files RWX flags setting unpack itself Windows utilities AppData folder sandbox evasion Tofsee Windows Browser Advertising Google ComputerName Remote Code Execution DNS DDNS crashed keylogger	3 Keyword trend analysis Info http://freedns.afraid.org/api/?action=getdyndns&sha=a30fa98efc092684e8d1c5cff797bcc613562978 https://drive.usercontent.google.com/download?id=0BxsMXGfPIZfSVlVsOGlEVGxuZVk&export=download https://drive.usercontent.google.com/download?id=0BxsMXGfPIZfSTmlVYkxhSDg5TzQ&export=download	12 Info www.dropbox.com(162.125.84.18) - mailcious drive.usercontent.google.com(142.250.207.97) - mailcious freedns.afraid.org(69.42.215.252) docs.google.com(172.217.25.174) - mailcious xred.mooo.com() - mailcious smtp.163.com(103.129.252.45) 103.129.252.45 142.250.66.129 142.251.222.206 38.147.172.248 69.42.215.252 162.125.84.18 - mailcious	3		15.8	M	63	ZeroCERT

45370	2024-06-16 10:29	2.exe 1046a5b7a54fe184ab79e8925f1bfafe Generic Malware Malicious Packer Malicious Library ASPack UPX DllRegisterServer dll PE File PE32 OS Processor Check VirusTotal Malware Check memory Creates shortcut unpack itself Remote Code Execution DNS	1 Keyword trend analysis	3			4.0	M	48	ZeroCERT

45371	2024-06-16 10:30	12121212121.exe 777396c8d1529dad186a2e954ab9a40c Emotet Generic Malware Malicious Library Downloader ASPack UPX Malicious Packer Anti_VM DllRegisterServer dll PE File PE32 OS Processor Check VirusTotal Malware suspicious privilege Creates executable files Windows utilities AppData folder WriteConsoleW installed browsers check Windows Browser Remote Code Execution	1 Keyword trend analysis	4	1		5.4	M	56	ZeroCERT

45372	2024-06-16 10:31	x86_0802_1.exe 02bb63e3838307c0a3f20c84089b2055 Generic Malware Malicious Packer Malicious Library Downloader UPX PE File PE32 OS Processor Check VirusTotal Malware PDB sandbox evasion WriteConsoleW Remote Code Execution DNS crashed		1			5.0	M	49	ZeroCERT

45373	2024-06-16 10:31	random.exe 11afad19e16fa87f34c05c8e61e78811 Amadey PE File PE32 VirusTotal Malware AutoRuns Malicious Traffic Checks debugger unpack itself Checks Bios Detects VMWare AppData folder VMware anti-virtualization Windows DNS crashed	1 Keyword trend analysis	2		1	10.0	M	41	ZeroCERT

45374	2024-06-16 10:33	output_64.exe 8018029cb32fd2517865b0145dea21e7 Generic Malware Malicious Library PE64 PE File VirusTotal Malware DNS		1			3.4	M	62	ZeroCERT

45375	2024-06-16 10:35	x86_0929_2.exe dbe26ec226d4e3830352693e0fbb5f56 Generic Malware Malicious Packer Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware AutoRuns PDB suspicious privilege WriteConsoleW Windows Advertising Remote Code Execution Firmware DNS crashed		1			7.0	M	27	ZeroCERT