Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
48091	2024-09-17 14:12	r.exe 109d640a259b145be1aebeab0fb2842a Generic Malware Malicious Library Malicious Packer PE File PE64 VirusTotal Malware Check memory Checks debugger unpack itself				2.0	M	51	ZeroCERT

48092	2024-09-17 14:13	Suselx1.exe 71517e1e407a8066e02ee4a1dd637cab ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 Malware download VirusTotal Malware PDB Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Windows DNS Downloader	1 Keyword trend analysis	1	6 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 23 ET INFO Executable Download from dotted-quad Host ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	10.0	M	51	ZeroCERT

48093	2024-09-17 14:14	CnyvVl.exe c3555ffa261822a6b1d04314c5370151 Antivirus PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself ComputerName crashed				3.0	M	53	ZeroCERT

48094	2024-09-17 14:15	hq9.exe 7057f6c2b0efa033b30385d6015c8f4a UPX PE File PE32 VirusTotal Malware				1.2	M	59	ZeroCERT

48095	2024-09-17 14:17	gretdence.exe 969c9a7bc2e46a078fac7c27ad79fc56 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check ftp VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger WMI Creates executable files Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName				6.0	M	48	ZeroCERT

48096	2024-09-17 14:18	8.11.9-Windows.exe 1c6b522d985b2e60890a098e3d5e78b8 Malicious Library Malicious Packer UPX PE File PE32 OS Processor Check VirusTotal Malware				1.6	M	39	ZeroCERT

48097	2024-09-17 14:18	66e3f637943fb_xin1.exe dc0d22b7133699183da35835f6dc4d1b RedLine stealer Antivirus PWS AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself DNS		1		8.6	M	58	ZeroCERT

48098	2024-09-17 14:21	66ddda1c094df_crypted.exe e9deb7173dd4403cec8829bb1eb1705a RedLine stealer Antivirus ScreenShot PWS AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key		1		11.2	M	56	ZeroCERT

48099	2024-09-17 14:21	66c45b187f9fb_RobertsonGlory.e... 126fe36209cb4c46477e6d7aa4f3fe56 Generic Malware Suspicious_Script_Bin Downloader Malicious Library UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P An VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName				7.2	M	50	ZeroCERT

48100	2024-09-17 14:23	HVNC1.exe 2e1da3b03de67089bb9b8ffdf7e1c7a9 PE File PE64 VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key				3.6	M	52	ZeroCERT

48101	2024-09-17 14:23	66e6ea133c92f_crypted.exe#xin ba0dc71d562da0d40e7f409502daa9e0 RedLine stealer Antivirus PWS AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself WriteConsoleW DNS		1		8.8	M	52	ZeroCERT

48102	2024-09-17 14:24	yqy2.exe 243060d6f56395aa66e64418b9d299b1 ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Windows DNS	1 Keyword trend analysis	1	5 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 23 ET INFO Executable Download from dotted-quad Host ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	10.0	M	55	ZeroCERT

48103	2024-09-17 14:26	66df1acad4359_res_out.exe bee899073ade70f17b353c7f1f9e2748 Emotet Generic Malware Malicious Library Malicious Packer Antivirus UPX PE File PE32 OS Processor Check VirusTotal Malware Buffer PE AutoRuns PDB Code Injection Malicious Traffic buffers extracted Creates executable files unpack itself Windows DNS	3 Keyword trend analysis	1	3	8.8	M	46	ZeroCERT

48104	2024-09-17 14:26	hq8.exe 0c4ae706774936caeee5ac840f184717 UPX PE File PE32 VirusTotal Malware				1.2	M	58	ZeroCERT

48105	2024-09-17 14:27	install_lodop32.exe cee0d7092ec83373078d0045a0c74c40 PE File PE32 MZP Format DLL DllRegisterServer dll Browser Info Stealer VirusTotal Malware Creates executable files unpack itself sandbox evasion Browser Remote Code Execution DNS crashed		1		6.0	M	21	ZeroCERT