Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
466	2024-09-02 10:01	66d2b5c78630c_crypted.exe#1 ae9de1093d87672c550524299e8df649 RedLine stealer Malicious Library Antivirus ScreenShot PWS AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware Microsoft PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	6 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 23 ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer/MetaStealer Family Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response ET MALWARE Redline Stealer/MetaStealer Family Activity (Response)		12.0	M		ZeroCERT

467	2024-09-02 09:59	goldenballonhourstokissherlips... cd3b14daed16ebb53330abb3b7f41797 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic exploit crash unpack itself Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	1		4.8	M	40	ZeroCERT

468	2024-09-02 09:57	yr68.exe ea321922de9babb9a9b8e25bed931ff6 UPX PE File PE32 VirusTotal Malware					1.2	M	55	ZeroCERT

469	2024-09-02 09:56	66d2e6738866c_ShopAdminX_build... b64d253205ae75e684e0190d46228353 Malicious Library Antivirus ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself					7.0	M	23	ZeroCERT

470	2024-09-02 09:55	Authenticator.exe b7aa705ae0273c87a7af8c79f47247d2 Generic Malware Malicious Library Malicious Packer UPX PE File DllRegisterServer dll PE32 OS Processor Check VirusTotal Malware					1.0	M	28	ZeroCERT

471	2024-09-02 09:54	inetmecangetbackwithentirethin... 1131d758c8208af277e943f04339e646 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	1		4.8	M	40	ZeroCERT

472	2024-08-30 23:31	6497a7b33252a782e523bebd280971... 3b83989d2f86d143dbdbb20cf0608a1f Generic Malware Malicious Library Malicious Packer UPX Anti_VM PE File DllRegisterServer dll PE32 OS Processor Check VirusTotal Malware					1.2		36	guest

473	2024-08-30 23:30	6497a7b33252a782e523bebd280971... 3b83989d2f86d143dbdbb20cf0608a1f Generic Malware Malicious Library Malicious Packer UPX Anti_VM PE File DllRegisterServer dll PE32 OS Processor Check VirusTotal Malware					1.2		36	guest

474	2024-08-30 18:18	66cf817beb3eb_vweji12.exe#d12 dd4bd9f1a4a23f3d04bee332b1c5a124 Stealc Client SW User Data Stealer LokiBot ftp Client info stealer Antivirus Malicious Library Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 FTP Client Info Stealer VirusTotal Malware Telegram PDB MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software	2 Keyword trend analysis	5	3	1	15.6	M	46	ZeroCERT

475	2024-08-30 18:18	IGCupdation.vbs 4a3d5b6a6676ea329386a7945756114b Generic Malware Antivirus AntiDebug AntiVM VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key		4	3		9.4	M	24	ZeroCERT

476	2024-08-30 18:16	StartPrime2.exe 8eb33cfbc3fccab789e6f96cd7b4553b Generic Malware Malicious Library Downloader Malicious Packer UPX PE File ftp PE64 OS Processor Check VirusTotal Malware					1.6	M	48	ZeroCERT

477	2024-08-30 18:15	1188%E7%83%88%E7%84%B0.exe 88783a57777926114b5c5c95af4c943c PE File PE32 PNG Format JPEG Format VirusTotal Malware Check memory RWX flags setting unpack itself Interception Remote Code Execution crashed		3			5.0		17	ZeroCERT

478	2024-08-30 18:14	wnbsqv3008.exe bc8cacd01aa943fbfbf9880d970c56ab Emotet Gen1 Malicious Library UPX PE File PE32 MZP Format OS Processor Check PE64 VirusTotal Malware Checks debugger unpack itself AppData folder					2.4	M	27	ZeroCERT

479	2024-08-30 18:13	vvware_v3.exe f277e1eea63502240b9c2183248fdfca Gen1 Generic Malware Malicious Library Malicious Packer UPX PE File ftp PE64 OS Processor Check VirusTotal Malware PDB					1.6		20	ZeroCERT

480	2024-08-30 18:13	QQHelper_1540.exe 5a39d66e2b925f7b7f9f39de2f9c5fa0 ASPack UPX PE File PE32 MZP Format URL Format DLL VirusTotal Malware Malicious Traffic ICMP traffic Windows Remote Code Execution	12 Keyword trend analysis Info http://images.qqfarmer.com.cn/504486-20170712112840415-1890262410.gif http://down.qqfarmer.com.cn/ssleay32_0626_e503921a6061251302cb45772cb75f42.xml?r=0.329597188392654 http://ad.qqfarmer.com.cn/login.php?id=n&r=0.480842764023691 http://ad.qqfarmer.com.cn/login.php?id=p&r=0.368447953602299 http://ad.qqfarmer.com.cn/login.php?id=l&r=0.560313974739984 http://images.qqfarmer.com.cn/504486-20162218235650745-1529273276.gif http://ad.qqfarmer.com.cn/xml/encrypt.js?r=0.952554038958624 http://ad.qqfarmer.com.cn/login.php?id=v&r=0.494936139322817 http://images.qqfarmer.com.cn/504486-20161218235650745-1529273276.gif http://ad.qqfarmer.com.cn/login.php?id=x&r=0.44646016205661 http://down.qqfarmer.com.cn/libeay32_0626_5f86d65a1686e6bb031048d04bb3fe04.xml?r=0.313291363418102 http://images.qqfarmer.com.cn/hongbao_nav.gif	8	1		4.0		13	ZeroCERT