popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
48136 2024-09-19 10:00 66e877203afd3_vfdsofa12.exe#d1...  

5c984dd83c65ae6b6f2d93a60ae40bfd


Stealc Client SW User Data Stealer LokiBot ftp Client info stealer Antivirus Malicious Library Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 FTP Client Info Stealer VirusTotal Malware Telegram PDB MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software 		1 5 3 1 16.0 M 54 ZeroCERT

48137 2024-09-19 10:02 zabardast-movie2024.mp3.exe  

cbef9bb615e2bd37d730ed30fde6ae03


UPX PE File PE64 OS Processor Check VirusTotal Malware Check memory unpack itself 		1.8 M 46 ZeroCERT

48138 2024-09-19 10:02 clip.exe  

6ca0b0717cfa0684963ff129abb8dce9


Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware Malicious Traffic DNS 		1 1 2.8 M 57 ZeroCERT

48139 2024-09-19 10:04 66e877160911d_vnfdewk16.exe#d1...  

65ac3fe80ceced1ad72a4ab03dfd14f2


Antivirus PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself WriteConsoleW ComputerName 		3.0 M 55 ZeroCERT

48140 2024-09-19 10:04 66e8771d4d239_vfdokdf15.exe#d1...  

3817c947e0d26bde329f7481b6d76709


Stealc Client SW User Data Stealer LokiBot ftp Client info stealer Antivirus Malicious Library Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 FTP Client Info Stealer VirusTotal Malware Telegram PDB MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software 		1 5 3 1 14.8 M 54 ZeroCERT

48141 2024-09-19 10:06 B.exe  

7778bbeacc8add7df3996267fc83ece5


AgentTesla Malicious Library Malicious Packer UPX PE File OS Memory Check .NET EXE PE32 OS Name Check OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces IP Check Browser Email ComputerName DNS Software crashed 		1 4 3 6.6 M 55 ZeroCERT

48142 2024-09-19 10:09 univ.exe  

85737d1c7426259423c84f96719e82ea


Malicious Library Admin Tool (Sysinternals etc ...) UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself Windows Remote Code Execution 		3.2 M 59 ZeroCERT

48143 2024-09-19 10:10 66e87722b6018_sdfjen.exe#space  

38ae00650fbf32979ee3d6163e5c579e


Antivirus PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself WriteConsoleW ComputerName 		3.0 M 50 ZeroCERT

48144 2024-09-19 10:12 66e9b62daa62d_xin.exe  

8e3fb69a56d807d7ef1c432ea1590496


RedLine stealer Antivirus PWS AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS 		1 9.2 M 50 ZeroCERT

48145 2024-09-19 10:15 vfdaj15.exe  

ad31361e15557683381bfeafda7fc981


Stealc Client SW User Data Stealer LokiBot ftp Client info stealer Antivirus Malicious Library Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 FTP Client Info Stealer VirusTotal Malware Telegram PDB MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software 		1 5 3 1 17.0 M 51 ZeroCERT

48146 2024-09-19 10:17 87.exe  

8031214dd28074aecf6482fcff90565b


Malicious Library PE File PE64 VirusTotal Malware RWX flags setting unpack itself ComputerName DNS 		1 5.2 M 60 ZeroCERT

48147 2024-09-19 10:19 vhgwe12.exe  

b9e09917fbda00f390cf009dc958051d


Stealc Client SW User Data Stealer LokiBot ftp Client info stealer Antivirus Malicious Library Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 FTP Client Info Stealer VirusTotal Malware Telegram PDB MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software 		1 5 3 1 16.6 M 49 ZeroCERT

48148 2024-09-19 10:21 euro.exe  

e89f78e780b64eeb920d5dfebd033ffa


AgentTesla Malicious Library Malicious Packer UPX PE File OS Memory Check .NET EXE PE32 OS Name Check OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces IP Check Browser Email ComputerName DNS Software crashed 		1 4 3 6.6 M 59 ZeroCERT

48149 2024-09-19 10:26 onePackage.exe  

6c2db0ef90b27f880a1566de7711e6c6


Generic Malware Malicious Library Malicious Packer UPX Anti_VM PE File DllRegisterServer dll PE32 OS Processor Check 		0.2 M ZeroCERT

48150 2024-09-19 10:27 66ea645129e6a_jacobs.exe  

d60d266e8fbdbd7794653ecf2aba26ed


PE File PE64 VirusTotal Cryptocurrency Miner Malware DNS CoinMiner 		2 1 1.6 M 33 ZeroCERT

keyword