Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
5101	2024-09-22 17:44	CodeSpaces.exe 0ae64215fbc26410679e9f8e12248b60 PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself ComputerName				2.0	M	38	ZeroCERT

5102	2024-09-22 17:43	tyh.exe 9c4b68850249e708088728ef30466d0a AsyncRAT task schedule Downloader Malicious Packer .NET framework(MSIL) UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM PE File VirusTotal Malware AutoRuns Code Injection Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName				5.2	M	59	ZeroCERT

5103	2024-09-22 17:43	KeyFormed.exe a823c6a042891f63236b8ae3d9c13ba3 Generic Malware Downloader Malicious Library UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM PE File VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities suspicious process malicious URLs sandbox evasion WriteConsoleW Windows ComputerName				7.4	M	25	ZeroCERT

5104	2024-09-22 17:42	66ee79315857f_setup33333.exe#l... 2f59fbd6623872fbdc2f63d18023bfda Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself RCE				1.8	M	28	ZeroCERT

5105	2024-09-22 17:38	JavaX-Helper.exe dc2b184d9a0235002ea6626da9aa89ad Malicious Library Antivirus UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName Cryptographic key				4.0	M	57	ZeroCERT

5106	2024-09-22 17:37	990.exe aace5ed77f7d47cad3e45e0ccdc5411c Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware Tofsee		2	2	1.4	M	54	ZeroCERT

5107	2024-09-22 17:36	pqo7.exe 663d0436397ed16b1f6f665941676469 PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself ComputerName				2.0	M	34	ZeroCERT

5108	2024-09-22 17:35	weseethepicturewithnewthingswi... ff64b33fa40cc3a4224a944bb5eb0d0b MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic exploit crash unpack itself Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	1	4.6	M	39	ZeroCERT

5109	2024-09-22 17:34	svchost.exe c07546595e442004cc042bdccc7be9dd Generic Malware Antivirus PE File .NET EXE PE32 VirusTotal Malware powershell AutoRuns suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check Windows ComputerName Cryptographic key				8.0	M	20	ZeroCERT

5110	2024-09-22 17:33	weneednicepicturewithyousheisv... 248f534e473f9a51934121421533ecd9 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic exploit crash unpack itself Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	1	4.6	M	38	ZeroCERT

5111	2024-09-22 17:32	nicetomeetyouthepersonwhowantt... 0d757ee344608da8c37c0615639f3cca MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	1	4.6	M	36	ZeroCERT

5112	2024-09-22 17:31	66ef2d38305f6_crypted.exe#1 c61cc62b59b5959951d1158887b20b7b RedLine stealer Antivirus ScreenShot PWS AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	6 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 37 ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer/MetaStealer Family Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response ET MALWARE Redline Stealer/MetaStealer Family Activity (Response)	12.8	M	28	ZeroCERT

5113	2024-09-22 17:29	66e8772555389_lsndfsg.exe a5098dee7d78acfb0294523855906aad Antivirus PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself WriteConsoleW ComputerName				3.0	M	45	ZeroCERT

5114	2024-09-22 17:29	66eea6336b153_app1654040698346... e8e6cd9ec48fafccc174f7bf07d045e2 RedLine stealer Antivirus ScreenShot PWS AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key		1		10.8	M	42	ZeroCERT

5115	2024-09-22 17:27	weskineverythingtobeperfectwit... c496e9e3167af07c0c305a267d462140 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	1	4.8	M	40	ZeroCERT