Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
46876	2024-08-10 12:32	rutua.dll ff432e4003e9d7135a97bd4dc0445dc3 Generic Malware PE File DLL PE32 VirusTotal Malware Checks debugger unpack itself crashed				2.2	M	24	ZeroCERT

46877	2024-08-10 12:34	files1.exe 4cdc75abeab5351f2abc572869d70592 Malicious Library Malicious Packer .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself ComputerName				2.4	M	24	ZeroCERT

46878	2024-08-10 12:34	CW.exe d3a4c97bab4c5dc62e4144f68f11b6ef Lumma Stealer UPX PE File PE32 VirusTotal Malware				1.2	M	59	ZeroCERT

46879	2024-08-10 12:37	66b4f6893d3c3_shapr3D.exe 7b873ae5a7cd923a0cc5ac12107da0f2 Generic Malware Malicious Library Malicious Packer Antivirus UPX Anti_VM DllRegisterServer dll PE File PE64 OS Processor Check VirusTotal Malware				0.8	M	22	ZeroCERT

46880	2024-08-10 12:37	Operation6572.exe 913bdfccaaed0a1ed80d2c52e5f5d7c3 RedLine stealer ILProtector Packer Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows Cryptographic key				2.6	M	61	ZeroCERT

46881	2024-08-10 12:39	66b11f4cc8fbf_MarriageWriters.... 9347630d9d6b626d7fefbbdea5d20fe9 Generic Malware Downloader Malicious Library UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM PE File VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName				6.4	M	7	ZeroCERT

46882	2024-08-10 12:39	TY.exe 647e8e43c97dc66c0049f96a0b7d7e21 Generic Malware Malicious Library ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Windows DNS	1 Keyword trend analysis	1	5 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 23 ET INFO Executable Download from dotted-quad Host ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	11.4	M	47	ZeroCERT

46883	2024-08-10 12:41	crt.exe 407a2a4a7a9136842729bfa95ac73238 Emotet Gen1 Malicious Library UPX PE File PE32 MZP Format PE64 DLL DllRegisterServer dll OS Processor Check VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself AppData folder				2.2	M	8	ZeroCERT

46884	2024-08-10 12:42	runtime.exe 7adfc6a2e7a5daa59d291b6e434a59f3 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check suspicious privilege Code Injection Check memory Checks debugger WMI Creates executable files Windows utilities suspicious process AppData folder sandbox evasion WriteConsoleW Windows ComputerName				5.2	M		ZeroCERT

46885	2024-08-10 12:43	WC.exe 5d02e21a087c56c1678ebc116ddaeec0 Generic Malware Malicious Library Antivirus AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware powershell PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	2	5 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 23 ET INFO Executable Download from dotted-quad Host ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	13.0	M	36	ZeroCERT

46886	2024-08-10 12:44	Installer.exe 772fe24df16e39503662dae6a21f3ddb Generic Malware Antivirus PE File .NET EXE PE32 VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process Windows ComputerName DNS Cryptographic key		1		6.0	M	38	ZeroCERT

46887	2024-08-10 12:45	sahost.exe 5eb52fbf91e71fa3bf26da56915db7d9 NSIS Generic Malware Malicious Library UPX Antivirus PE File PE32 DLL PE64 PNG Format VirusTotal Malware powershell suspicious privilege Check memory Checks debugger WMI Creates shortcut Creates executable files unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key				6.2	M	13	ZeroCERT

46888	2024-08-10 12:46	66b6233d1594d_output_32.exe 9da747c6ceb04d35517c628b52078780 Generic Malware Malicious Library .NET framework(MSIL) Antivirus Socket Escalate priviledges DNS Internet API AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key				9.6	M	18	ZeroCERT

46889	2024-08-10 12:48	66b5ac957cc65_crypta.exe 6faf304cc49ec71e06409e5965296025 Generic Malware Malicious Library .NET framework(MSIL) UPX ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 OS Processor Check VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself				7.4	M	18	ZeroCERT

46890	2024-08-10 12:48	L.exe 4ff433f0799c034ab1a01866254ce759 UPX PE File PE32 VirusTotal Malware				1.2	M	53	ZeroCERT