Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
45781	2021-05-03 17:02	lYS9YwR5POvhiaO.exe 6eafc7f23e078fbef788d517dd2c0114 Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed				10.4	M	12	ZeroCERT

45782	2021-05-03 17:02	CGOCsebqORMb3Bo.exe cc27a3a4c648f4a7f5e5449c1dacd802 Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE OS Processor Check PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key crashed				10.8	M	14	ZeroCERT

45783	2021-05-03 17:00	kdotx.exe c7ac2a1e30b01678d51973aa253ff546 .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself suspicious process WriteConsoleW Windows DNS Cryptographic key				6.4	M	20	ZeroCERT

45784	2021-05-03 17:00	GtHkNHOJptpVTx0.exe f88f2eddb129a1ca98655d76ed0524af Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed				11.4	M	12	ZeroCERT

45785	2021-05-03 16:57	prosperx.exe aa6168d4e41ced2091baee9f5d59e11e PE File PE32 DLL OS Processor Check VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself AppData folder	3 Keyword trend analysis Info http://www.mamapacho.com/xcl/?mJExMd=rRF6wUI3ZhpfbZgF2Y+3InukcIVyWBz1vsPJWbFlIMo0SBfoPh+8CYvjkPbPIFulITKe8rBE&_joT_=Zfdl70hxJB http://www.crystalwiththecrystalz.com/xcl/?mJExMd=22pQot5QhP0reu3QutJgiv1bb8fa3vwFu9urOUpD05nkspV5DBFZiUUJP7Fmb0DNUG1du7Kn&_joT_=Zfdl70hxJB http://www.print12580.com/xcl/?mJExMd=5aEa/bF6qdarcChzQR50qpWbd544aitgDS9a2klJHHN/Qgk1YZlctc871lRMm/sbN3yYYw6h&_joT_=Zfdl70hxJB	7		4.0	M	13	ZeroCERT

45786	2021-05-03 16:57	vbc.exe 3f1ef1dd98cc11a613f80bfbc728adfe Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName DNS Cryptographic key crashed		1		9.6	M	22	ZeroCERT

45787	2021-05-03 16:56	calc.txt 59e1199f32a8f13b0efbdd092b02b165 AgentTesla AsyncRAT backdoor PWS .NET framework email stealer browser info stealer Google Chrome User Data DNS Socket KeyLogger ScreenShot AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted RWX flags setting unpack itself Check virtual network interfaces Tofsee Windows ComputerName DNS crashed	1 Keyword trend analysis	3	1	11.0		16	ZeroCERT

45788	2021-05-03 16:55	shedyx.exe eef95dc191a017e573233a95dc280409 Malicious Library Antivirus .NET EXE PE File PE32 VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key				7.6		14	ZeroCERT

45789	2021-05-03 16:52	Naokyle.exe 9b807ec7d5c9fa755cd95453f9a7c0d0 AsyncRAT backdoor AgentTesla AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware Malicious Traffic malicious URLs ComputerName DNS	1 Keyword trend analysis	3		4.6	M	21	ZeroCERT

45790	2021-05-03 16:52	5bXw21jauyHi85L.exe 9da5129864c291e4a906fb6c7f39c2e7 Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName DNS Cryptographic key crashed				10.8		15	ZeroCERT

45791	2021-05-03 16:50	Pcsyh.exe 2b4a1bcc464360c350c05bf9fbb18ce3 AsyncRAT backdoor AgentTesla AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware Malicious Traffic malicious URLs ComputerName DNS	1 Keyword trend analysis	3		4.6	M	20	ZeroCERT

45792	2021-05-03 16:50	yMfDYTbuXFGA7nz.exe d5eacb59bb0a82c6c21951eaacceb5ee Malicious Library .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key				2.6		17	ZeroCERT

45793	2021-05-03 16:48	po.exe ece4ddb9aaa8891aad47530a0b576454 AsyncRAT backdoor PWS .NET framework Malicious Packer SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName crashed				11.4		16	ZeroCERT

45794	2021-05-03 16:48	cred.dll 985f9c4d8bf231ca08046bcd44d558eb PWS Loki DLL PE File PE32 FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Malicious Traffic Check memory Checks debugger unpack itself Email DNS Software	1 Keyword trend analysis	1	1	5.6		38	ZeroCERT

45795	2021-05-03 09:10	retrieveit2.cgi c6a6b73319e0691f9c2098d004a9da5c AsyncRAT backdoor .NET EXE PE File PE32 GIF Format Malware download njRAT NetWireRC VirusTotal Malware AutoRuns suspicious privilege Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities Windows ComputerName DNS crashed		1	1	6.6		46	ZeroCERT