popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
50161 2020-11-21 17:09 document.doc  

bdf4feb317e41d2c450e006e90836e88


VirusTotal Malware exploit crash unpack itself malicious URLs Windows Exploit DNS crashed 		4 2 5.2 M 27 guest

50162 2020-11-21 17:06 BQoFEXaNOEtJ9dC.exe  

cbd9b726eb72d78bfba34ae1a7719ef2


VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName DNS crashed 		1 2 11.4 M 44 guest

50163 2020-11-21 17:05 azchgftrq.exe  

b403152a9d1a6e02be9952ff3ea10214


VirusTotal Malware suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Check virtual network interfaces AppData folder malicious URLs Windows ComputerName 		2 5 13.6 M 26 guest

50164 2020-11-20 18:47 azchgftrq.exe  

b403152a9d1a6e02be9952ff3ea10214


Browser Info Stealer Malware download Vidar VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files ICMP traffic unpack itself Windows utilities Collect installed applications Check virtual network interfaces suspicious process AppData folder malicious URLs WriteConsoleW anti-virtualization installed browsers check OskiStealer Stealer Windows Browser Email ComputerName DNS 		10 3 6 20.2 M 26 guest

50165 2020-11-20 18:46 ac.exe  

49ba8ccea19e418fd166e89e46e2897f


VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs 		3 9.8 M 48 guest

50166 2020-11-20 14:13 ac.exe  

49ba8ccea19e418fd166e89e46e2897f


VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted ICMP traffic unpack itself malicious URLs 		3 10.2 M 20 admin

50167 2020-11-20 14:10 ac.exe  

49ba8ccea19e418fd166e89e46e2897f


VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs 		3 9.4 M 20 guest

50168 2020-11-20 13:59 ac.exe  

49ba8ccea19e418fd166e89e46e2897f


VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted ICMP traffic unpack itself malicious URLs DNS 		3 11.2 M 20 guest

50169 2020-11-20 13:57 uwgi에러.txt  

099d5cbb5f4db4f3a73b3fa6ca869273


Check memory unpack itself 		1.0 admin

50170 2020-11-20 13:57 411.exe  

2398469593c9dec9561a556b30f6d63a


VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs Ransomware Windows Tor ComputerName Cryptographic key crashed 		14.8 M 54 guest

50171 2020-11-20 13:56 8YAOuE8zfTpo1M9.exe  

7e305229b6f13f866e2cae249318c9e3


VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName DNS crashed 		14.2 M 21 guest

50172 2020-11-20 13:56 8YAOuE8zfTpo1M9.exe  

7e305229b6f13f866e2cae249318c9e3


VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName crashed 		13.6 M 21 guest

50173 2020-11-20 13:51 uwgi에러.txt  

099d5cbb5f4db4f3a73b3fa6ca869273


Check memory unpack itself 		1.0 admin

50174 2020-11-20 13:50 uwgi에러.txt  

099d5cbb5f4db4f3a73b3fa6ca869273


Check memory unpack itself 		1.0 admin

50175 2020-11-20 13:47 uwgi에러.txt  

099d5cbb5f4db4f3a73b3fa6ca869273


Check memory unpack itself 		1.0 admin

keyword