Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	Score	Zero	VT	Player
46606	2021-04-08 09:02	6jhu8yhd.exe 77be0dd6570301acac3634801676b5d7 Ficker Stealer VirusTotal Malware ICMP traffic IP Check	1 Keyword trend analysis	4	3.2	M	58	ZeroCERT

46607	2021-04-08 07:24	7GsbE2ABGiKVr6O.exe 85721567263e6e9c268437b429f85bbd Google Chrome User Data browser info stealer AsyncRAT backdoor VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName DNS DDNS keylogger		3	13.8		27	ZeroCERT

46608	2021-04-07 18:12	moneybit.exe cf528b119445c4d25a90e05bba8900c6 Azorult .NET framework AsyncRAT backdoor VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process Windows DNS keylogger	1 Keyword trend analysis	5	15.2	M	33	ZeroCERT

46609	2021-04-07 18:09	1234.exe 21e89e596c315bab4c83983433b445c1 Azorult .NET framework Process Kill FindFirstVolume CryptGenKey AsyncRAT backdoor VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Check virtual network interfaces IP Check ComputerName DNS crashed	1 Keyword trend analysis	2	11.8	M	50	ZeroCERT

46610	2021-04-07 17:42	sample.exe 7f8a15aca0965d3ef7f5e36245ee20fa Azorult .NET framework AsyncRAT backdoor VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Windows DNS Cryptographic key	4 Keyword trend analysis Info http://192.168.56.103:2869/upnphost/udhisapi.dll?content=uuid:d96d86f3-ac35-41f2-9523-f4e50073f2f3 http://192.168.56.103:5357/da8ea474-550f-433d-b444-54d2081d1d24/ http://192.168.56.103:2869/upnphost/udhisapi.dll?content=uuid:2d284ad3-5648-4376-8360-b0559e35418f https://www.bing.com/	4	12.4	M	53	조광섭

46611	2021-04-07 17:41	china.png 6be41709f8bfbf06307cc56d04249801 AsyncRAT backdoor VirusTotal Malware AutoRuns PDB MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Check virtual network interfaces AppData folder Windows DNS		11 Info gwenetha.info(104.21.12.27) - malware iplogger.org(88.99.66.31) - mailcious whatitis.website() - mailcious pastebin.com(104.23.98.190) - mailcious cdn.discordapp.com(162.159.130.233) - malware 162.159.129.233 - malware 162.159.130.233 - malware 88.99.66.31 - mailcious 142.250.66.36 172.67.131.232 104.23.98.190 - mailcious	6.4	M	53	조광섭

46612	2021-04-07 17:41	resk8.exe ac9e6b5f93ae7560c74176cd4ec2d129 VirusTotal Malware Code Injection unpack itself DNS crashed	3 Keyword trend analysis		4.2	M	15	조광섭

46613	2021-04-07 17:37	china.png 6be41709f8bfbf06307cc56d04249801 AsyncRAT backdoor VirusTotal Malware AutoRuns PDB Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files ICMP traffic unpack itself Detects VirtualBox Check virtual network interfaces AppData folder Windows	2 Keyword trend analysis	10 Info gwenetha.info(172.67.131.232) - malware cdn.discordapp.com(162.159.135.233) - malware whatitis.website() - mailcious pastebin.com(104.23.99.190) - mailcious iplogger.org(88.99.66.31) - mailcious 162.159.134.233 - malware 162.159.133.233 - malware 88.99.66.31 - mailcious 104.23.99.190 - mailcious 104.21.12.27 - malware	8.6	M	53	조광섭

46614	2021-04-07 17:36	sample.exe 7f8a15aca0965d3ef7f5e36245ee20fa Azorult .NET framework AsyncRAT backdoor VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Windows	1 Keyword trend analysis	2	6.2	M	53	조광섭

46615	2021-04-07 17:36	resk8.exe ac9e6b5f93ae7560c74176cd4ec2d129 VirusTotal Malware Code Injection unpack itself DNS crashed	2 Keyword trend analysis		4.2	M	15	조광섭

46616	2021-04-07 17:32	sample.exe 7f8a15aca0965d3ef7f5e36245ee20fa Azorult .NET framework AsyncRAT backdoor VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Windows DNS Cryptographic key	1 Keyword trend analysis	4	12.4	M	53	조광섭

46617	2021-04-07 17:28	sample.exe 7f8a15aca0965d3ef7f5e36245ee20fa Azorult .NET framework AsyncRAT backdoor VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Windows DNS Cryptographic key	1 Keyword trend analysis	3	12.4	M	53	조광섭

46618	2021-04-07 17:28	sample.exe 7f8a15aca0965d3ef7f5e36245ee20fa Azorult .NET framework AsyncRAT backdoor VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Windows DNS Cryptographic key	1 Keyword trend analysis	3	12.4	M	53	조광섭

46619	2021-04-07 17:27	moneybit.exe cf528b119445c4d25a90e05bba8900c6 Azorult .NET framework AsyncRAT backdoor VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process Windows DNS keylogger	1 Keyword trend analysis	5	15.0	M	26	ZeroCERT

46620	2021-04-07 17:24	sample.exe 7f8a15aca0965d3ef7f5e36245ee20fa Azorult .NET framework AsyncRAT backdoor VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Windows DNS Cryptographic key	1 Keyword trend analysis	3	12.4	M	53	조광섭