Submissions

No | Date | Request | Hash | Etc (signature tags) | Urls Hosts IDS Rule Score Zero VT Player (non-empty cells only, in that order)

47986 | 2024-09-12 15:48 | lfnsda.exe | c54262d9605b19cd8d417ad7bc075c11 | Antivirus ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself | 7.0 22 ZeroCERT
47987 | 2024-09-12 15:53 | pictureisthebestwaytogetmeback... | cb792a6d691eccb32ae444ae0aba5cfa | Generic Malware Antivirus Hide_URL PowerShell powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key | 1 2 1 7.2 ZeroCERT
47988 | 2024-09-12 17:43 | [자문]북한 신형 자폭드론.msc (Korean filename, roughly "[Advisory] North Korea's new suicide drone.msc") | 391fa4e57f91e3422ef5d32523d4dfc7 | ScreenShot KeyLogger AntiDebug AntiVM VirusTotal Malware MachineGuid Code Injection Check memory RWX flags setting unpack itself | 2.8 12 ZeroCERT
47989 | 2024-09-12 18:10 | v.exe | 9b8cbe00ee318c8784892a5211f3d3b0 | RedLine stealer Malicious Library PE File .NET EXE PE32 VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key | 3.8 M 59 ZeroCERT
47990 | 2024-09-12 18:10 | new_image.jpg.exe | 15a1d8603a7cfb0b8d6015955a9f5f6f | Malicious Library Malicious Packer UPX PE File DLL PE32 .NET DLL OS Processor Check VirusTotal Malware PDB | 1.0 27 ZeroCERT
47991 | 2024-09-12 18:22 | 66e29b86a36a0_file.exe#xin | 7d5c425aafcc98b28917c5853b12a86e | RedLine stealer Antivirus PWS AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself DNS | 1 8.4 M 31 ZeroCERT
47992 | 2024-09-12 18:23 | 66e27cc59b93f_111.exe | 24fbb160ccad6b035b0ed7e1070f820f | RedLine stealer RedLine Infostealer Generic Malware UltraVNC Malicious Library UPX Antivirus ScreenShot PWS AntiDebug AntiVM PE File PE32 OS Processor Check .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications installed browsers check Windows Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed | 2 14.4 M 44 ZeroCERT
47993 | 2024-09-12 18:32 | 66e27cc59b93f_111.exe | 24fbb160ccad6b035b0ed7e1070f820f | RedLine stealer RedLine Infostealer Generic Malware UltraVNC Malicious Library UPX Antivirus ScreenShot PWS AntiDebug AntiVM PE File PE32 OS Processor Check .NET EXE Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed | 2 5 14.4 M 44 ZeroCERT
47994 | 2024-09-13 09:12 | 66e34827a9d4e_driver.exe | 32ae51ec5c2a5b248bafe9cbd3db5d85 | Generic Malware Malicious Library Malicious Packer UPX PE File DllRegisterServer dll PE32 OS Processor Check VirusTotal Malware | 1.0 21 ZeroCERT
47995 | 2024-09-13 09:13 | file.exe | 81ab6efc7f70bfccf8669c4be6b8098c | Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware Checks debugger | 1.0 12 ZeroCERT
47996 | 2024-09-13 09:14 | vgwg12.exe | 50f3f2766c704399745f68056e6d19e3 | Stealc Client SW User Data Stealer LokiBot ftp Client info stealer Antivirus Malicious Library Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 FTP Client Info Stealer VirusTotal Malware Telegram PDB MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software | 1 5 3 1 16.2 M 33 ZeroCERT
47997 | 2024-09-13 09:16 | test.docx | 02820a3acfff189e96d8016cba9adb88 | Word 2007 file format(docx) ZIP Format VirusTotal Malware MachineGuid Check memory RWX flags setting exploit crash unpack itself Tofsee GameoverP2P Zeus Exploit ComputerName Trojan Banking crashed | 2 2 5.0 2 ZeroCERT
47998 | 2024-09-13 09:16 | 66e3391fc33b4_Setup11.exe | 1d9867f060ccc14263204c633b36968f | Generic Malware Malicious Library Malicious Packer Antivirus UPX PE File PE64 VirusTotal Malware | 0.4 7 ZeroCERT
47999 | 2024-09-13 09:18 | vreg15.exe | 7676e9e26e9d68ed4333b48962e246df | Stealc Client SW User Data Stealer LokiBot ftp Client info stealer Antivirus Malicious Library Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 FTP Client Info Stealer VirusTotal Malware Telegram PDB MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software | 1 5 3 1 15.2 M 33 ZeroCERT
48000 | 2024-09-13 09:19 | qsKo.txt.ps1 | 668884aeb66c4d344622dcd0dc087b8c | Generic Malware Antivirus VirusTotal Malware Check memory unpack itself WriteConsoleW Windows Cryptographic key | 1.4 4 ZeroCERT