Submissions

Columns: No | Date | Request | Hash | Tags | Urls Hosts IDS Rule Score Zero VT Player Etc (trailing values are listed in header order; blank columns are omitted)

5686 | 2024-09-17 13:20 | 66e4638fb0392_otrrac.exe#kisot... | Hash: a1b876e3a538a90e720d9b2ba7fbfd71
  Tags: Malicious Library Http API ScreenShot PWS HTTP Internet API AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself DNS
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 1 9.2 52 ZeroCERT

5687 | 2024-09-17 13:18 | vfdns12.exe | Hash: 95e56babf9f2cb4e5465bd164fd0e916
  Tags: Stealc Client SW User Data Stealer LokiBot ftp Client info stealer Antivirus Malicious Library Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 FTP Client Info Stealer VirusTotal Malware Telegram PDB MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 1 5 3 1 14.8 M 51 ZeroCERT

5688 | 2024-09-17 13:18 | me.exe | Hash: b691fc64d3750b2f7fd2041064f7cbc4
  Tags: ASPack UPX PE File PE32 MZP Format VirusTotal Malware Check memory Creates executable files unpack itself Windows utilities AppData folder WriteConsoleW Windows
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 4.2 33 ZeroCERT

5689 | 2024-09-16 18:52 | epp32.exe | Hash: 7440694cba7601b5c1cbf10e1a71bf5d
  Tags: North Korea Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 1.8 15 ZeroCERT

5690 | 2024-09-16 18:52 | epp64.exe | Hash: ab71322204ed36a0791c3587b098f80e
  Tags: North Korea Malicious Library UPX PE File PE64 VirusTotal Malware Check memory Checks debugger unpack itself
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 1.8 10 ZeroCERT

5691 | 2024-09-16 00:32 | com.apple.StreamingUnzipServic... | Hash: d07742b02d523770d207b0bf47045b73
  Tags: AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 3.4 guest

5692 | 2024-09-16 00:30 | com.apple.StreamingUnzipServic... | Hash: d07742b02d523770d207b0bf47045b73
  Tags: AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 3.4 guest

5693 | 2024-09-15 00:22 | SearcherBar.lnk | Hash: 9226ae2c94c666419fb8ec35ec248d08
  Tags: Generic Malware AntiDebug AntiVM Lnk Format GIF Format VirusTotal Malware Code Injection Check memory Creates shortcut RWX flags setting unpack itself suspicious process
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 3.2 1 guest

5694 | 2024-09-14 09:48 | Setup.7z | Hash: 4d9ad7c00699115a773f8ad0f2df7a17
  Tags: Generic Malware Browser Info Stealer MachineGuid Code Injection Checks debugger exploit crash installed browsers check Exploit Browser crashed
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 3.2 guest

5695 | 2024-09-13 17:15 | vdsn15.exe | Hash: 53ec7e5668474c14f4288fe3f21de5d6
  Tags: Stealc Client SW User Data Stealer LokiBot ftp Client info stealer Antivirus Malicious Library Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 FTP Client Info Stealer VirusTotal Malware Telegram PDB MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 1 5 3 1 15.0 M 28 ZeroCERT

5696 | 2024-09-13 17:14 | sgmfd.exe | Hash: a991933b29e1203af5c3df1d62d0b247
  Tags: Stealc Client SW User Data Stealer ftp Client info stealer Antivirus Http API PWS AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer Malware download Vidar VirusTotal Malware c&c PDB Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Collect installed applications sandbox evasion anti-virtualization installed browsers check Stealc Stealer Windows Browser ComputerName DNS plugin
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 9 1 15 2 12.2 M 31 ZeroCERT

5697 | 2024-09-13 17:14 | vfdnwe.exe | Hash: 257eb69581fd80827932ed434d32470f
  Tags: Stealc Client SW User Data Stealer LokiBot ftp Client info stealer Antivirus Malicious Library Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 FTP Client Info Stealer VirusTotal Malware Telegram PDB MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 1 5 3 1 16.0 M 44 ZeroCERT

5698 | 2024-09-13 17:11 | lfndsa.exe | Hash: 3b70f595f8cfd880ef64aff3d20a6bb2
  Tags: Antivirus ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 7.4 40 ZeroCERT

5699 | 2024-09-13 17:09 | 66e3d809bb461_lnfds.exe | Hash: 7481ff6db32ee36750c107dfa942550a
  Tags: Antivirus ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 7.2 31 ZeroCERT

5700 | 2024-09-13 17:09 | 66e3d964a96d8_lfndsa.exe | Hash: b72fdd09e3b05fedfe301161ec109cec
  Tags: Antivirus ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 7.2 30 ZeroCERT