Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
45511	2024-06-21 07:43	Downaqzh.exe 6a7249eb490ea7acc9a151769b32ed70 Generic Malware UPX PE File PE32 VirusTotal Malware Checks debugger Windows	1 Keyword trend analysis	2	1	2.2		47	ZeroCERT

45512	2024-06-21 07:45	crt.exe 1474c5d842d1a4ba2c592930a42c3a80 Emotet Gen1 Generic Malware Malicious Library UPX PE File PE32 MZP Format DLL PE64 OS Processor Check DllRegisterServer dll ftp VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself AppData folder ComputerName crashed				3.2		18	ZeroCERT

45513	2024-06-21 07:47	setup.exe 24f3dab39795bb7a131b8f685aad74bb Generic Malware Malicious Library Antivirus AntiDebug AntiVM PE File PE32 PowerShell VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger WMI Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities Disables Windows Security Checks Bios powershell.exe wrote suspicious process WriteConsoleW anti-virtualization Windows ComputerName Cryptographic key				11.6		35	ZeroCERT

45514	2024-06-21 07:48	quickaccesspopup.exe 485f067cd96326fab6f9cd21e2f01ccb Generic Malware Malicious Library Malicious Packer UPX PE File PE64 DllRegisterServer dll OS Processor Check VirusTotal Malware				1.0		39	ZeroCERT

45515	2024-06-21 07:51	deep.exe 864d1a4e41a56c8f2e7e7eec89a47638 Generic Malware Themida Packer Malicious Library WinRAR UPX PE File PE32 OS Processor Check .NET EXE VirusTotal Malware PDB suspicious privilege Check memory Checks debugger Creates executable files unpack itself Checks Bios Detects VMWare AppData folder AntiVM_Disk VMware anti-virtualization VM Disk Size Check Windows ComputerName Remote Code Execution Firmware crashed				8.0		45	ZeroCERT

45516	2024-06-21 07:53	avg_secure_browser_setup.exe 13b3860a2827e505cb6de1418f640b16 HermeticWiper NSIS Generic Malware PhysicalDrive Malicious Library UPX Malicious Packer PE File PE32 DLL DllRegisterServer dll OS Processor Check MSOffice File CAB PE64 Browser Info Stealer VirusTotal Malware AutoRuns suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files RWX flags setting unpack itself Windows utilities Collect installed applications Auto service Check virtual network interfaces AppData folder sandbox evasion anti-virtualization installed browsers check Tofsee Ransomware Fortinet Windows Browser ComputerName Firmware crashed	4 Keyword trend analysis Info http://browser-update.avg.com/browser-avg/win/x64/109.0.24252.121/AVGBrowserInstaller.exe https://stats.securebrowser.com/?_=1718955853989&retry_tracking_count=0&last_request_error_code=0&last_request_error_message=&last_request_status=0&last_request_system_error=0&request_proxy=0 https://update.avgbrowser.com/service/update2 https://update.avgbrowser.com/service/update2?cup2key=9:2906594695&cup2hreq=1a77176c46ecf7b2954c2373054d5a3b455eb7a159f1b6ad23c4e5706d55a272	6	2	19.8		4	ZeroCERT

45517	2024-06-21 09:35	Downdd.exe f6be85b0254a308f77189fc96fa6f38e CoinMiner AutoIt Generic Malware UPX PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself				3.0	M	53	r0d

45518	2024-06-21 09:45	Invoice.bat 4e93a25a919fdb46bd3155c66cb16c61 Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key				5.6		4	ZeroCERT

45519	2024-06-21 09:45	Invoice.bat 45c581bf3caca47ff9f0515f42571935 Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key				5.2			ZeroCERT

45520	2024-06-21 09:45	slip5683.pdf.exe 2c7be29b02d725b0fd09b7f832d8d288 Gen1 Generic Malware Malicious Library WinRAR UPX Malicious Packer PE File PE64 OS Processor Check DLL PDB Creates executable files Remote Code Execution				2.6			ZeroCERT

45521	2024-06-21 09:48	see.exe 2b9dd031eeb129f66c079b1c59b5f9d9 Gen1 Generic Malware Malicious Library WinRAR UPX Malicious Packer PE File PE64 OS Processor Check DLL PDB Creates executable files unpack itself Remote Code Execution				3.0			ZeroCERT

45522	2024-06-21 09:49	79973772993.pdf.lnk e1e2e0cf2113a375950c57f87e265345 Generic Malware Antivirus AntiDebug AntiVM GIF Format Lnk Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			5.0		23	ZeroCERT

45523	2024-06-21 09:49	vncDbnt.exe 3597cd93701c4505d035a34271e0b931 CoinMiner AutoIt Generic Malware UPX PE File PE32 VirusTotal Malware Check memory Checks debugger Windows utilities suspicious process sandbox evasion WriteConsoleW Windows				4.0		54	ZeroCERT

45524	2024-06-21 09:50	WezoAutoUP.exe 46748aff6fcab034d0affddc99c6d876 CoinMiner Emotet AutoIt Generic Malware Suspicious_Script_Bin UPX Malicious Library Malicious Packer MPRESS PE File PE32 DLL MSOffice File OS Processor Check PE64 VirusTotal Malware AutoRuns suspicious privilege Check memory Checks debugger Creates executable files Windows utilities Check virtual network interfaces suspicious process AppData folder sandbox evasion WriteConsoleW Windows crashed	13 Keyword trend analysis Info http://wieie.cn:8765/wzoptBmp.exe http://wieie.cn:8765/DelHosts.exe http://dl-cn.verysync.com/releases/ http://wieie.cn:8765/changezuhaolnk.exe http://wieie.cn:8765/dbzclientUpdate.exe http://wieie.cn:8765/WezoEventUP.exe http://wieie.cn:8765/sysup.exe http://wieie.cn:8765/wzoptup.exe http://wieie.cn:8765/arpwriteIni.exe http://wieie.cn:8765/storyhosts.exe http://wieie.cn:8765/Config.ini http://dl-cn.verysync.com/releases/v2.15.0/verysync-windows-amd64-v2.15.0.zip http://wieie.cn:8765/DownVerySync.exe	4	4	9.4		51	ZeroCERT

45525	2024-06-21 15:17	RobloxPlayerInstaller.exe c484a17ffc8468f2815c0798a53427b8 Gen1 Generic Malware Malicious Library Malicious Packer UPX PE File ftp PE32 OS Processor Check VirusTotal Malware PDB Remote Code Execution crashed				2.0		12	ZeroCERT