Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
48976	2021-02-05 15:38	vbc2.exe c648b664714a5ed4ff15787735699904 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Browser Email ComputerName Software	1 Keyword trend analysis	2	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2		12.6		23	ZeroCERT

48977	2021-02-05 15:25	tuXudol8ITEEzKM.exe 04806987d77c4b3895645c0e295cbaa3 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName DNS crashed					12.2	M	28	ZeroCERT

48978	2021-02-05 15:25	vbc.exe e158497c2c47e0a53ea646e151f2e717 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows Cryptographic key	1 Keyword trend analysis	2			8.6	M	23	ZeroCERT

48979	2021-02-05 13:14	regasm2.exe a082a6183bb96ed8477ec8cebe2109e4 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName DNS Software	1 Keyword trend analysis	2	4		13.2	M	42	ZeroCERT

48980	2021-02-05 13:14	regasm3.exe c506001817f048e7565ef7f41fd9321f Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Browser Email ComputerName Software	1 Keyword trend analysis	2	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Fake 404 Response		12.8	M	31	ZeroCERT

48981	2021-02-05 13:08	regasm.exe f2b7d891f7236a980d743f5148a36ac8 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software	1 Keyword trend analysis	2	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response	1	13.2	M	11	ZeroCERT

48982	2021-02-05 13:08	network.exe 8ffbc7ce72a203f52368833190990559 VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces Tofsee	1 Keyword trend analysis	2	1		2.8	M	22	ZeroCERT

48983	2021-02-05 12:55	KlalU0GjxacVNEE.exe 17ff2ad2a2b117aae7c52b34141caef1 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName DNS					8.0	M	20	ZeroCERT

48984	2021-02-05 12:55	LdzUdqM70Jd4Zjm.exe 9af1d31fc9da0af0b87fc098a86c187c VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName crashed					11.4	M	42	ZeroCERT

48985	2021-02-05 12:34	g1OsYVWymzBgTTt.exe 75e7f84fc3fb447922b02a1289a4d827 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName DNS crashed					12.6	M	41	ZeroCERT

48986	2021-02-05 12:34	HuH1YrrSqa5tWDV.exe e235d3d84b9f4b69c3cf33356e9d16b7 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName					8.0	M	20	ZeroCERT

48987	2021-02-05 11:30	E6RVLMWo0fz1jFA.exe aa1f1eebd208b4a2bc51cbd86c0e4fb0 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName DNS crashed					12.4	M	34	ZeroCERT

48988	2021-02-05 11:30	fBqZ0SFcHFfoBIY.exe 70fb94fa32138898c7558d643b53160d VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName crashed					12.0	M	43	ZeroCERT

48989	2021-02-05 11:08	kristy.xls ff400ee36939874c5276ed1f45a9d9ef VirusTotal Malware AutoRuns Code Injection Check memory Checks debugger buffers extracted ICMP traffic unpack itself Windows utilities suspicious process malicious URLs sandbox evasion WriteConsoleW Windows ComputerName	5 Keyword trend analysis	10	3		10.4		12	r0d

48990	2021-02-05 10:43	dog.exe d49afad32bdc8fe0fe14a6501422665d VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName DNS crashed					13.0	M	38	ZeroCERT

Submissions

c648b664714a5ed4ff15787735699904

04806987d77c4b3895645c0e295cbaa3

e158497c2c47e0a53ea646e151f2e717

a082a6183bb96ed8477ec8cebe2109e4

c506001817f048e7565ef7f41fd9321f

f2b7d891f7236a980d743f5148a36ac8

8ffbc7ce72a203f52368833190990559

17ff2ad2a2b117aae7c52b34141caef1

9af1d31fc9da0af0b87fc098a86c187c

75e7f84fc3fb447922b02a1289a4d827

e235d3d84b9f4b69c3cf33356e9d16b7

aa1f1eebd208b4a2bc51cbd86c0e4fb0

70fb94fa32138898c7558d643b53160d

ff400ee36939874c5276ed1f45a9d9ef

d49afad32bdc8fe0fe14a6501422665d

View

Insert

Alert