Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
49246
2024-10-31 18:04
xnsjjxja.exe
fca874fcb9f344ec26f3ae4d359e75d7
Generic Malware
Malicious Library
UPX
ScreenShot
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
VirusTotal
Malware
PDB
Code Injection
buffers extracted
unpack itself
crashed
7.2
52
ZeroCERT
49247
2024-10-31 18:04
XClient.exe
5c48fe3471cf8db3c8c1cc1278566ec7
Antivirus
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Telegram
AutoRuns
suspicious privilege
MachineGuid
Check memory
Checks debugger
Creates shortcut
Creates executable files
unpack itself
Windows utilities
Check virtual network interfaces
suspicious process
AntiVM_Disk
WriteConsoleW
VM Disk Size Check
Windows
ComputerName
DNS
keylogger
1
api.telegram.org(149.154.167.220) - mailcious
1
ET HUNTING Telegram API Domain in DNS Lookup
7.6
52
ZeroCERT
49248
2024-10-31 18:05
svchost.exe
89cb569b09d6c8ee3173123f7b2a9014
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
ComputerName
1.8
27
ZeroCERT
49249
2024-10-31 18:06
Loader_seyhhd.exe
d51eb63974474a6e7547c8f3ee8f5c93
Downloader
PE File
PE64
VirusTotal
Malware
1.6
37
ZeroCERT
49250
2024-10-31 18:09
seniorcommunicatepro.exe
485927fe0c19012f31f1ef565254b374
Emotet
Gen1
Malicious Library
UPX
PE File
PE64
CAB
.NET EXE
PE32
VirusTotal
Malware
AutoRuns
PDB
Check memory
Checks debugger
Creates executable files
unpack itself
Check virtual network interfaces
AppData folder
Windows
Remote Code Execution
DNS
1
46.8.237.66
7.4
48
ZeroCERT
49251
2024-10-31 18:09
minecraft.exe
09718d571b01cb93e6f983be7b99a4b2
Gen1
Generic Malware
UPX
Malicious Library
Malicious Packer
Antivirus
AntiDebug
AntiVM
PE File
PE64
DLL
OS Processor Check
ftp
PE32
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
WMI
Creates executable files
Windows utilities
suspicious process
WriteConsoleW
Ransomware
Windows
ComputerName
7.8
42
ZeroCERT
49252
2024-10-31 18:09
kling.bat
7cdc721068ac95fac15070f34e863e9a
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
AntiDebug
AntiVM
VirusTotal
Malware
Code Injection
Check memory
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
3.8
4
ZeroCERT
49253
2024-10-31 18:09
sameconcentratepro.exe
b4902df58bcac6bfe6a72a91ea30e051
Emotet
Gen1
Malicious Library
UPX
PE File
PE64
CAB
VirusTotal
Malware
AutoRuns
PDB
MachineGuid
Check memory
Checks debugger
Creates executable files
unpack itself
Check virtual network interfaces
Windows
Remote Code Execution
DNS
1
46.8.237.66
5.4
17
ZeroCERT
49254
2024-10-31 18:11
focustaskprobr.exe
5bc2209e6ba6e6534b35494182d8cc66
Emotet
Gen1
Malicious Library
UPX
PE File
PE64
CAB
.NET EXE
PE32
VirusTotal
Malware
AutoRuns
PDB
Check memory
Checks debugger
Creates executable files
unpack itself
Check virtual network interfaces
AppData folder
Windows
Remote Code Execution
DNS
1
46.8.237.66
7.2
34
ZeroCERT
49255
2024-10-31 18:13
Luma.exe
998c59d4bf9c18e798a6db77f7ce10f9
Generic Malware
Malicious Library
UPX
ScreenShot
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
VirusTotal
Malware
Code Injection
buffers extracted
unpack itself
crashed
8.2
41
ZeroCERT
49256
2024-10-31 18:15
4n.exe
0680170d17b99321500944eb7deded51
Hide_EXE
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
DllRegisterServer
dll
PE32
OS Processor Check
VirusTotal
Malware
1.4
45
ZeroCERT
49257
2024-11-01 08:41
WdBoot.sys
13555e269374c1ccf866cfa351625852
Generic Malware
PE File
PE64
PDB
Remote Code Execution
0.6
guest
49258
2024-11-01 09:19
123321.exe
a917b1d8182ab760220c1f9a59c5576c
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
unpack itself
crashed
1.6
34
ZeroCERT
49259
2024-11-01 09:21
xnsjjxja.exe
500904922500a6b286ebc7b6aa791e24
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
.NET EXE
PE32
DLL
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
Creates executable files
unpack itself
AppData folder
crashed
3.2
30
ZeroCERT
49260
2024-11-01 09:22
cred64.dll
609b797441d054c5b5585b6464ad31b6
Generic Malware
Malicious Library
UPX
Antivirus
PE File
DLL
PE64
OS Processor Check
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
Cryptocurrency wallets
Cryptocurrency
powershell
PDB
suspicious privilege
MachineGuid
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
sandbox evasion
installed browsers check
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
1
154.216.18.163
9.6
54
ZeroCERT
Total : 49,283cnts