Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
48301	2024-09-23 09:59	CovidPass.exe 4ff07dff62d31b141d2ff73725935c08 Malicious Library Malicious Packer UPX PE File PE32 VirusTotal Malware unpack itself DNS		1		4.2	M	64	ZeroCERT

48302	2024-09-23 10:00	66f064675abb3_lyla3.exe d56bea8714d3b0d71a4905b3e9103e03 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself Remote Code Execution				2.2	M	23	ZeroCERT

48303	2024-09-23 10:52	66f01434b5b1a_crypted.exe#1 6423234685ca0046f61adac81f3b71d2 RedLine stealer ScreenShot PWS AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	5 Info ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer/MetaStealer Family Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response ET MALWARE Redline Stealer/MetaStealer Family Activity (Response)	13.2	M	43	ZeroCERT

48304	2024-09-23 10:52	2.jpg 26b5d97e8271c10f757b5eb6778270f6 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself Windows Remote Code Execution				3.2	M	57	ZeroCERT

48305	2024-09-23 10:54	Prototype.exe f52a6c6e1c8be6ea65f385f16d2680b6 Malicious Library Malicious Packer UPX PE File PE32 VirusTotal Malware unpack itself DNS crashed	1 Keyword trend analysis	1	1	2.8	M	59	ZeroCERT

48306	2024-09-23 10:54	66f00ee5b1ba6_cry.exe#kiscrypt... 0ce7cf7cb9d41ae3d473c334443c7293 Client SW User Data Stealer LokiBot ftp Client info stealer Malicious Library .NET framework(MSIL) UPX ASPack Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 OS Processor Check FTP Client Info Stealer VirusTotal Malware Telegram Buffer PE PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software	1 Keyword trend analysis	5	3	17.0	M	16	ZeroCERT

48307	2024-09-23 10:56	TripVPN.txt.lnk aa1b883c7ec107178c37188f3fd55961 Generic Malware Antivirus AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key				5.0		29	ZeroCERT

48308	2024-09-23 10:57	Extension2.exe d1ba5271cc1825702119cfd7e0232f81 Malicious Library Malicious Packer UPX PE File PE32 VirusTotal Malware unpack itself DNS crashed	1 Keyword trend analysis Info http://89.197.154.116:7810/sAF-Hb95OwOLTYpM7ZXwsQgEsvql3Gx6MJHfuQr8QdwRJXB7q4FYyI56qJG8zalB7qPf9Y2DgF4HohAo9zZHz5J6zulBUXtWgnGnggNFcsQikjL-e4grXzBikSLYainJD3tOK89zCOd7pp_0QdfoIKV-SRaleGy4oAkHR88EUwiPE3f6RWY6sd_-jrWrlj6IYEPUIMX_HdfnJMl8JutjGmpCb_ZVWaaX-Cv_abnB6xtSAMLOAGeP3lCuVD	1	1	2.8	M	66	ZeroCERT

48309	2024-09-23 10:57	Trial.bat 17dc31326e9dae6a4544b1914a3dd176 Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P Hide_URL AntiDebug AntiVM PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key		1		8.6		29	ZeroCERT

48310	2024-09-23 10:58	Uploader.exe b6b77de46fac92727df6141f2699e398 Malicious Packer UPX PE File PE32 VirusTotal Malware unpack itself DNS		1		2.6	M	55	ZeroCERT

48311	2024-09-23 11:00	notebyx.exe e4df42ee6fd39d7ef3cb767571a3d9cf Generic Malware Malicious Library UPX PE File PE32 OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself Browser Email ComputerName Software crashed				5.0	M	52	ZeroCERT

48312	2024-09-23 11:02	66f063cce5470_crypted.exe#xin 5c1793984b272d7b5f5099b6ae44e15f ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself				7.0	M	24	ZeroCERT

48313	2024-09-23 11:04	66f011901da27_crypted.exe#111 4e97e36dd5e4fae769cb1ade01d9be99 RedLine stealer ScreenShot PWS AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key		1		9.8	M	28	ZeroCERT

48314	2024-09-23 11:06	PI No.1070034483.exe 5724752f0760c7698b2a4fd2c0d6ed8f Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger buffers extracted unpack itself				4.0		49	ZeroCERT

48315	2024-09-23 11:06	Journal.exe 59fc81032d61afec30ba06c776f7f3cd Malicious Library PE File PE64 Malware download Cobalt Strike Cobalt VirusTotal Malware RWX flags setting unpack itself ComputerName DNS	1 Keyword trend analysis	1	2	3.6	M	62	ZeroCERT