Submissions

Columns: No, Date, Request, Urls, Hosts, IDS, Rule, Score, Zero, VT, Player, Etc.
Each entry below gives the submission number, date and request (file name), then the sample hash and the rule tags, then the remaining column values in header order as extracted (empty cells do not appear).

46981  2024-08-11 15:23  equitopxMPDW-constraints.vbs
  Hash: 02c2234746945a015ebee166b943b22e
  Tags: Generic Malware Antivirus Hide_URL PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key
  Values: 1 2 1 7.6 M 5 ZeroCERT

46982  2024-08-11 15:23  ActiveMQ-RCE.exe
  Hash: 4ba8f3acf74baeaf5db40372f0c70e9d
  Tags: Malicious Library Malicious Packer UPX PE File PE64 VirusTotal Malware
  Values: 1.0 M 5 ZeroCERT

46983  2024-08-11 15:25  beacon_x64.ps1
  Hash: 9dc0a907c4136946f8d3b0c42ebf677f
  Tags: Generic Malware Antivirus VirusTotal Malware Check memory unpack itself
  Values: 1.6 M 38 ZeroCERT

46984  2024-08-11 15:25  66b09f01e0030_dozkey.exe
  Hash: e66c202fc9367708b37d5ed10975bfa8
  Tags: Stealc Client SW User Data Stealer LokiBot ftp Client info stealer Malicious Library .NET framework(MSIL) UPX ASPack Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 OS Processor Check FTP Client Info Stealer VirusTotal Malware Telegram PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software
  Values: 3 5 3 1 17.6 M 45 ZeroCERT

46985  2024-08-11 15:27  RingQ.exe
  Hash: 2c3beb9c17ad530a2b049b64ff2aae66
  Tags: Malicious Packer UPX PE File PE64 OS Processor Check VirusTotal Malware
  Values: 1.4 M 45 ZeroCERT

46986  2024-08-11 15:28  66b4b5e40dbf6_template832compo...
  Hash: d46a50db86b3fd08fcfee930731d63ed
  Tags: RedLine stealer Malicious Library UPX ScreenShot PWS AntiDebug AntiVM PE File .NET EXE PE32 OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
  Values: 1 6 12.2 M 40 ZeroCERT

46987  2024-08-11 15:30  client.exe
  Hash: 4fb681131f7ac7824c4f0afd337986d9
  Tags: Malicious Library Malicious Packer Antivirus .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself
  Values: 2.0 M 62 ZeroCERT

46988  2024-08-11 15:30  test1.exe
  Hash: 756f6b548ebf6ba4b1c61392ce30fb9b
  Tags: Generic Malware Malicious Packer Antivirus UPX AntiDebug AntiVM PE File PE64 PowerShell VirusTotal Malware powershell suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process Windows ComputerName DNS Cryptographic key
  Values: 1 1 10.0 M 13 ZeroCERT

46989  2024-08-11 15:32  66b2871b47a8b_uhigdbf.exe
  Hash: eeecdefa939b534bc8f774a15e05ab0f
  Tags: SystemBC Generic Malware Downloader Malicious Library UPX Malicious Packer Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiV VirusTotal Malware AutoRuns PDB Code Injection Creates executable files unpack itself AppData folder Windows Remote Code Execution
  Values: 4.8 M 28 ZeroCERT

46990  2024-08-11 15:32  tt1.exe
  Hash: 7dff94df36e6e229ee7d60702dccf9a7
  Tags: Malicious Library Antivirus UPX Anti_VM PE File PE64 OS Processor Check VirusTotal Malware
  Values: 1.0 M 39 ZeroCERT

46991  2024-08-11 15:34  loaderred.exe
  Hash: a29a4be4bbb2a112d282606e9fc09ce0
  Tags: Malicious Library Antivirus UPX Anti_VM PE File PE64 OS Processor Check VirusTotal Malware
  Values: 1.6 M 42 ZeroCERT

46992  2024-08-11 15:35  66b28454586cd_monogamer.exe
  Hash: c0e00655472d8535d3b93162c9d5291c
  Tags: RedLine stealer Malicious Library Admin Tool (Sysinternals etc ...) UPX ScreenShot PWS AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed
  Values: 1 6 11.8 M 49 ZeroCERT

46993  2024-08-11 15:36  66b7a4a075311_AsianAsp.exe
  Hash: 4f92aec3cd981658d5311657bee27d9a
  Tags: Generic Malware Downloader Malicious Library UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM PE File PE32 OS Proces VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName
  Values: 6.6 M 13 ZeroCERT

46994  2024-08-11 15:37  66ae9b239854c_crypto.exe
  Hash: d6ef7693d2c323305a62db85c85f42cd
  Tags: Malicious Library .NET framework(MSIL) UPX ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself
  Values: 8.0 M 47 ZeroCERT

46995  2024-08-11 15:39  loader.exe
  Hash: 6ba43d351a7eed2f20c7a2238729c512
  Tags: Malicious Library Antivirus UPX Anti_VM PE File PE64 OS Processor Check VirusTotal Malware
  Values: 1.2 M 41 ZeroCERT