Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
45571	2024-06-25 07:53	chromedriver.exe 7e9e5a3bb475784e3fd62cd8ec68901b Malicious Library .NET framework(MSIL) PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself ComputerName				2.6	M	53	ZeroCERT

45572	2024-06-25 07:55	288c47bbc1871b439df19ff4df68f0... ba354d029f0e09cb6b02a4c196524da4 Generic Malware Malicious Library UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself AppData folder				3.6		57	ZeroCERT

45573	2024-06-25 07:55	pic2.exe 5f9be6e22310cc089a32fac1d037ced4 UPX PE File PE32 VirusTotal Malware				1.6		18	ZeroCERT

45574	2024-06-25 07:57	Main.exe 9ec7f08c85bfa1b267761f225b68ab0b Malicious Library Antivirus UPX PE File PE32 OS Processor Check VirusTotal Malware Telegram MachineGuid Malicious Traffic WMI Tofsee ComputerName DNS crashed	2 Keyword trend analysis	5	3	6.2	M	61	ZeroCERT

45575	2024-06-25 07:57	googleads.exe 7226b083a46c85f292f6dbfae79b431e RedLine stealer ILProtector Packer Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger unpack itself Windows DNS Cryptographic key		1		4.4		54	ZeroCERT

45576	2024-06-25 07:59	TgFr.exe be49a59064751d54c9936b9b03854ad8 RedLine stealer RedlineStealer Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	5 Info ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer/MetaStealer Family Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response ET MALWARE Redline Stealer/MetaStealer Family Activity (Response)	6.2		58	ZeroCERT

45577	2024-06-25 09:12	notorious.doc 2d1b096a33d1b673fd06db9f3e861761 MS_RTF_Obfuscation_Objects RTF File doc RedLine Malware download VirusTotal Malware RWX flags setting exploit crash suspicious TLD IP Check Tofsee Stealer Exploit Browser DNS crashed	3 Keyword trend analysis	10	9 Info ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET DNS Query to a *.top domain - Likely Hostile ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI ET MALWARE RedLine Stealer - CheckConnect Response ET MALWARE Win32/LeftHook Stealer Browser Extension Config Inbound ET MALWARE Redline Stealer/MetaStealer Family Activity (Response) ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io) SURICATA HTTP unable to match response to request	4.8	M	27	ZeroCERT

45578	2024-06-26 07:32	rise2406.exe c6c9f27d335d4e47b5ea12653e806be6 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself WriteConsoleW crashed				2.6		56	ZeroCERT

45579	2024-06-26 07:32	meta2406.exe b60d8d01724703616e7cbbd320a9bd75 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself WriteConsoleW crashed				2.6		57	ZeroCERT

45580	2024-06-26 07:34	vidar2406.exe c64af626c4ed0784e010f5f2210e97f4 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself WriteConsoleW crashed				2.6	M	59	ZeroCERT

45581	2024-06-26 07:48	PO580.exe 0815923728c22dbce41267fcc92aa214 Malicious Library PE File PE64 VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself Windows Cryptographic key crashed				2.6		40	ZeroCERT

45582	2024-06-26 07:49	fXYe6uFLSHC8.exe edc1804284921cdf6149815c944cf35e Generic Malware Malicious Library Malicious Packer UPX PE File PE64 DllRegisterServer dll OS Processor Check VirusTotal Malware				1.2		28	ZeroCERT

45583	2024-06-26 07:52	1.exe 97175eb8e852354cefb670f6863bb703 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware				1.2		28	ZeroCERT

45584	2024-06-26 07:54	200.exe bd8816b95ee5ec22fc9782e15f45e11a Malicious Library PE File PE32 VirusTotal Malware				2.0		43	ZeroCERT

45585	2024-06-26 07:55	spain.exe 1ca5ad32b7aa3fec3d64a98b0933cfd0 Gen1 Generic Malware Malicious Library ASPack UPX Malicious Packer Anti_VM PE File PE64 OS Processor Check DLL ZIP Format VirusTotal Malware Check memory Creates executable files				1.8		43	ZeroCERT