popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
46921 2020-07-31 16:51 YHPWdVwlVtkMUjgmSB.exe  

ef29b6e43ff7f544c1444f0d22842eed


VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key 		1 1 5.2 7

46922 2020-07-31 16:46 own.exe  

8f75b3a9c0849a64e5d7767709e52169


VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Check memory Checks debugger unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW human activity check installed browsers check Windows Browser Email DNS Cryptographic key 		2 1 8.6 27

46923 2020-07-31 16:43 explore.exe  

35264093b0e50ccbc2d54082f55d22f5


VirusTotal Malware Check memory Checks debugger unpack itself 		2.8 43

46924 2020-07-31 16:42 silverlight5.exe  

4f7317ce40e4c8d911746cc79a4c6228


Emotet VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Disables Windows Security AppData folder malicious URLs AntiVM_Disk sandbox evasion WriteConsoleW Creates autorun.inf VM Disk Size Check human activity check installed browsers check Windows Browser ComputerName DNS Cryptographic key crashed 		6 4 16.2 61

46925 2020-07-31 16:39 aG7u8kaVGsbct6d.exe  

4c47449732d4a12867f22d318c049591


VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs ComputerName crashed 		9.4 M 41

46926 2020-07-31 16:28 python-2.7.18.amd64.msi  

a425c758d38f8e28b56f4724b499239a


VirusTotal Malware suspicious privilege Check memory Checks debugger Creates shortcut unpack itself AntiVM_Disk VM Disk Size Check installed browsers check Ransomware Browser ComputerName 		3.4 1

46927 2020-07-31 16:27 2xp2t9649.exe  

dedaa6e9be869d05d710493436323d42


VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key 		1 1 6.4 14

46928 2020-07-31 16:20 2xp2t9649.exe  

dedaa6e9be869d05d710493436323d42


VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key 		1 1 5.8 14

46929 2020-07-31 16:19 http://www.nalara1220.o-r.kr  

c032bb944d6fba21799bd5a4df5b6122


Code Injection Creates executable files RWX flags setting unpack itself Windows utilities Windows DNS 		6 2 3.6

46930 2020-07-31 16:12 2xp2t9649.exe  

dedaa6e9be869d05d710493436323d42


VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key 		1 1 6.4 14

46931 2020-07-31 16:11 http://www.nalara1220.o-r.kr  

c032bb944d6fba21799bd5a4df5b6122


Code Injection Creates executable files unpack itself Windows utilities Windows DNS 		6 2 3.2

46932 2020-07-31 16:09 http://www.nalara1220.o-r.kr  

c032bb944d6fba21799bd5a4df5b6122


Code Injection Creates executable files unpack itself Windows utilities Windows DNS 		6 2 3.2

46933 2020-07-31 16:02 2xp2t9649.exe  

dedaa6e9be869d05d710493436323d42


VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key 		1 1 5.8 14

46934 2020-07-31 16:00 http://www.nalara1220.o-r.kr  

c032bb944d6fba21799bd5a4df5b6122


Code Injection Creates executable files RWX flags setting unpack itself Windows utilities Windows DNS 		6 2 3.6

46935 2020-07-31 15:58 http://www.nalara1220.o-r.kr  

c032bb944d6fba21799bd5a4df5b6122


Code Injection Creates executable files unpack itself Windows utilities Windows DNS 		6 2 3.2

keyword