Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
47836	2024-09-05 08:49	66d897ad1752a_File.exe#xin f10161c3acde4b7dadcd1eeddcf937f1 RedLine stealer Antivirus PWS AntiDebug AntiVM PE File .NET EXE PE32 PDB Code Injection Check memory Checks debugger buffers extracted unpack itself DNS		1			7.8	M		ZeroCERT

47837	2024-09-05 08:49	66d897dfa580a_crypted.exe#1 49fbbdd3bd005ded23aeadf895b316ed RedLine stealer Antivirus ScreenShot PWS AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware Microsoft PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	6 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 23 ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer/MetaStealer Family Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response ET MALWARE Redline Stealer/MetaStealer Family Activity (Response)		12.0	M		ZeroCERT

47838	2024-09-05 08:51	66d89809e92e0_favorite.exe#rea... cba5724bc1281aa004c0d66fd8045d7b Malicious Library UPX PE File .NET EXE PE32 OS Processor Check PDB Check memory Checks debugger unpack itself ComputerName					1.8	M		ZeroCERT

47839	2024-09-05 08:51	66d8985a256af_installer.exe 4b0348bf0a8544b5c6b90c79bbeca054 Malicious Library UPX PE File PE64 Checks debugger Creates executable files unpack itself crashed					1.2			ZeroCERT

47840	2024-09-05 10:57	66d59ef9d4404_premium.exe#upus 68ebcc4ad727c077aeb5cc60b868e304 Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware PDB Check memory Checks debugger unpack itself ComputerName Remote Code Execution					3.2	M	46	ZeroCERT

47841	2024-09-05 10:57	66d60cd3ce002_SeparatelyDied.e... 1959ce1e98b798963f8b7d04bfb71e69 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger WMI Creates executable files Windows utilities suspicious process AppData folder sandbox evasion WriteConsoleW Windows ComputerName					6.6	M	31	ZeroCERT

47842	2024-09-05 10:59	gutweedtE.exe c194c15101c7b0b66550938d65b403db Generic Malware Malicious Library ASPack UPX PE File PE32 OS Processor Check VirusTotal Malware Cryptocurrency wallets Cryptocurrency Check memory unpack itself ComputerName					3.2	M	59	ZeroCERT

47843	2024-09-05 11:01	ywp.exe 6a9213568bc6a19895240ff14fd57329 UPX PE File PE32 VirusTotal Malware					1.2	M	57	ZeroCERT

47844	2024-09-05 11:04	castoridaezv.ps1 10b8b561e8cbd458966af621f7f8df7c Generic Malware Antivirus Check memory Checks debugger unpack itself WriteConsoleW Windows ComputerName Cryptographic key crashed					2.2	M		ZeroCERT

47845	2024-09-05 11:05	sd2.ps1 25d2ac4189bd84f9d88528ed3c26d6fe Generic Malware Antivirus Malware powershell Malicious Traffic Check memory unpack itself Check virtual network interfaces WriteConsoleW Windows ComputerName DNS Cryptographic key	2 Keyword trend analysis	1		1	4.4	M		ZeroCERT

47846	2024-09-05 11:07	XWORM-V5.4.exe 741b1f2ee5826897af2ba2ec765296e4 Formbook Generic Malware Malicious Library Admin Tool (Sysinternals etc ...) .NET framework(MSIL) UPX Antivirus Anti_VM PE File .NET EXE PE32 OS Processor Check DLL PE64 suspicious privilege MachineGuid Check memory Checks debugger Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check Windows ComputerName Cryptographic key					5.4			ZeroCERT

47847	2024-09-05 11:08	R.exe fb3065fb8f756f9ccca0ef035ddb0f0d Gen1 Generic Malware Malicious Library UPX ASPack Antivirus Anti_VM PE File .NET EXE PE32 DLL PE64 OS Processor Check ZIP Format VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check Windows ComputerName Cryptographic key					6.6		58	ZeroCERT

47848	2024-09-05 15:28	data64_6.exe 87953bdf18ba88061cf28ad17116b56f Generic Malware Malicious Library UPX Downloader AntiDebug AntiVM PE File PE32 OS Processor Check DLL MZP Format VirusTotal Malware PDB Code Injection unpack itself suspicious process AppData folder Remote Code Execution					4.4	M	42	guest

47849	2024-09-05 15:41	Accounts.exe ad29e0e7589772959ed632754b2d0ed5 Malicious Library PE File PE64 VirusTotal Malware RWX flags setting DNS crashed		1	3		2.4		59	ZeroCERT

47850	2024-09-05 15:41	raccountinfo.exe dcb295f480348248ee1ef163a5ba4df3 Gen1 Malicious Packer UPX AntiDebug AntiVM PE File ftp PE32 OS Processor Check VirusTotal Malware Code Injection Check memory Checks debugger unpack itself WriteConsoleW ComputerName crashed					5.4		16	ZeroCERT