Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
5341 2024-02-12 19:42 amert.exe
bc5023306fc8985f32a0a9e78156e17e
UPX PE32 PE File AutoRuns Checks debugger unpack itself Checks Bios Detects VMWare AppData folder VMware anti-virtualization Windows crashed
5.2 M ZeroCERT

5342 2024-02-12 19:42 joekr1234.exe
8eee0f0bcbb9d63691ac5cda65dfc44c
PE File PE64 Cryptocurrency Miner Cryptocurrency DNS CoinMiner
3 2 0.8 M ZeroCERT

5343 2024-02-12 19:41 FloydRouters.exe
399445b6d3206ed89cba61889fc0ea28
Gen1 Suspicious_Script_Bin Hide_EXE Generic Malware Downloader Malicious Library UPX Http API ScreenShot Escalate priviledges HTTP Code injection Internet API KeyLogger Create Service Socket DGA Steal credential PWS Hijack Network Sniff Audio DNS persiste VirusTotal Cryptocurrency Miner Malware Cryptocurrency Buffer PE AutoRuns suspicious privilege Code Injection Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities suspicious process malicious URLs AntiVM_Disk sandbox evasion WriteConsoleW VM Disk Size Check Windows Tor ComputerName DNS CoinMiner
5 5 12.6 M 37 ZeroCERT

5344 2024-02-12 19:38 DeafSold.exe
0db03266df49859c1f9c0ff26a5b8523
Gen1 Hide_EXE Generic Malware Suspicious_Script_Bin Downloader Malicious Library UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP Ke VirusTotal Malware Telegram suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs AntiVM_Disk sandbox evasion WriteConsoleW VM Disk Size Check Tofsee Windows ComputerName DNS
2 6 3 10.2 M 35 ZeroCERT

5345 2024-02-12 19:37 payload_x64.ps1
b30b86d1b5313f5858f660f4d965eb1f
Generic Malware Antivirus unpack itself DNS
1 1.0 ZeroCERT

5346 2024-02-12 19:35 goldman1234.exe
5f4f97f402bcd5935346a94e47299ec1
PE File PE64 VirusTotal Cryptocurrency Miner Malware Cryptocurrency DNS CoinMiner
2 2 1.4 M 55 ZeroCERT

5347 2024-02-12 19:35 rust.exe
115d6ee93e2f4cd90df77348227b4d7f
Generic Malware Malicious Library Malicious Packer UPX PE32 PE File OS Processor Check VirusTotal Malware
0.6 M 17 ZeroCERT

5348 2024-02-12 19:33 kehu.exe
14cf9b91b412d3ccda85fc99ac83e73c
RedlineStealer RedLine stealer .NET framework(MSIL) UPX PE32 PE File .NET EXE OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed
1 5 6.2 M 55 ZeroCERT

5349 2024-02-12 19:33 Secure_Vortex.exe
81f7c882cbb9d5fc05e3fb7df0bd43a5
Malicious Packer UPX PE File PE64 OS Processor Check VirusTotal Malware PDB MachineGuid Malicious Traffic unpack itself Tofsee DNS
2 3 2 3.4 M 14 ZeroCERT

5350 2024-02-12 17:44 beacon_wlan0.exe
0be1135ad4c034fbe0f5437ae386cad2
Malicious Library PE32 PE File VirusTotal Malware RWX flags setting unpack itself ComputerName DNS
2 4.6 M 63 ZeroCERT

5351 2024-02-12 17:43 async.wsf
14ae0d6309130a8312353779fd2abf30
Generic Malware Antivirus PowerShell powershell suspicious privilege Check memory Checks debugger buffers extracted wscript.exe payload download Creates shortcut Creates executable files unpack itself Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key
2 1 2 9.2 ZeroCERT

5352 2024-02-12 17:42 monetkamoya.exe
e9adf3fcd6efd04ad2d9fcbb0c652a5d
PE File PE64 VirusTotal Cryptocurrency Miner Malware Cryptocurrency DNS CoinMiner
2 2 1.4 M 51 ZeroCERT

5353 2024-02-12 17:40 beacon_test.exe
399c8e3cde9997b61643f4271b749715
Malicious Library PE32 PE File VirusTotal Malware RWX flags setting unpack itself ComputerName
3.6 M 64 ZeroCERT

5354 2024-02-12 17:38 RuntimeBroker.EXE
7e0ec75c05e1ed3fca184fbb286c011c
Emotet Gen1 Generic Malware Malicious Library UPX Antivirus PE File PE64 CAB VirusTotal Malware AutoRuns PDB suspicious privilege Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities WriteConsoleW Windows ComputerName Remote Code Execution Cryptographic key
5.8 M 21 ZeroCERT

5355 2024-02-12 17:35 beacon_b64.hta
391f23c790f169f5b5b9eed2613e1f38
Hide_EXE SUSP_Certificate_file VirusTotal Malware Check memory RWX flags setting
1.4 22 ZeroCERT