Submissions

No  Date  Request  Urls  Hosts  IDS  Rule  Score  Zero  VT  Player  Etc

5731  2024-09-13 09:16  66e3391fc33b4_Setup11.exe
      1d9867f060ccc14263204c633b36968f
      Generic Malware Malicious Library Malicious Packer Antivirus UPX PE File PE64 VirusTotal Malware
      0.4 7 ZeroCERT

5732  2024-09-13 09:16  test.docx
      02820a3acfff189e96d8016cba9adb88
      Word 2007 file format(docx) ZIP Format VirusTotal Malware MachineGuid Check memory RWX flags setting exploit crash unpack itself Tofsee GameoverP2P Zeus Exploit ComputerName Trojan Banking crashed
      2 2 5.0 2 ZeroCERT

5733  2024-09-13 09:14  vgwg12.exe
      50f3f2766c704399745f68056e6d19e3
      Stealc Client SW User Data Stealer LokiBot ftp Client info stealer Antivirus Malicious Library Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 FTP Client Info Stealer VirusTotal Malware Telegram PDB MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software
      1 5 3 1 16.2 M 33 ZeroCERT

5734  2024-09-13 09:13  file.exe
      81ab6efc7f70bfccf8669c4be6b8098c
      Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware Checks debugger
      1.0 12 ZeroCERT

5735  2024-09-13 09:12  66e34827a9d4e_driver.exe
      32ae51ec5c2a5b248bafe9cbd3db5d85
      Generic Malware Malicious Library Malicious Packer UPX PE File DllRegisterServer dll PE32 OS Processor Check VirusTotal Malware
      1.0 21 ZeroCERT

5736  2024-09-12 18:32  66e27cc59b93f_111.exe
      24fbb160ccad6b035b0ed7e1070f820f
      RedLine stealer RedLine Infostealer Generic Malware UltraVNC Malicious Library UPX Antivirus ScreenShot PWS AntiDebug AntiVM PE File PE32 OS Processor Check .NET EXE Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName RCE DNS Cryptographic key Software crashed
      2 5 14.4 M 44 ZeroCERT

5737  2024-09-12 18:23  66e27cc59b93f_111.exe
      24fbb160ccad6b035b0ed7e1070f820f
      RedLine stealer RedLine Infostealer Generic Malware UltraVNC Malicious Library UPX Antivirus ScreenShot PWS AntiDebug AntiVM PE File PE32 OS Processor Check .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications installed browsers check Windows Browser ComputerName RCE DNS Cryptographic key Software crashed
      2 14.4 M 44 ZeroCERT

5738  2024-09-12 18:22  66e29b86a36a0_file.exe#xin
      7d5c425aafcc98b28917c5853b12a86e
      RedLine stealer Antivirus PWS AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself DNS
      1 8.4 M 31 ZeroCERT

5739  2024-09-12 18:10  new_image.jpg.exe
      15a1d8603a7cfb0b8d6015955a9f5f6f
      Malicious Library Malicious Packer UPX PE File DLL PE32 .NET DLL OS Processor Check VirusTotal Malware PDB
      1.0 27 ZeroCERT

5740  2024-09-12 18:10  v.exe
      9b8cbe00ee318c8784892a5211f3d3b0
      RedLine stealer Malicious Library PE File .NET EXE PE32 VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key
      3.8 M 59 ZeroCERT

5741  2024-09-12 17:43  [자문]북한 신형 자폭드론.msc
      391fa4e57f91e3422ef5d32523d4dfc7
      ScreenShot KeyLogger AntiDebug AntiVM VirusTotal Malware MachineGuid Code Injection Check memory RWX flags setting unpack itself
      2.8 12 ZeroCERT

5742  2024-09-12 15:53  pictureisthebestwaytogetmeback...
      cb792a6d691eccb32ae444ae0aba5cfa
      Generic Malware Antivirus Hide_URL PowerShell powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key
      1 2 1 7.2 ZeroCERT

5743  2024-09-12 15:48  lfnsda.exe
      c54262d9605b19cd8d417ad7bc075c11
      Antivirus ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself
      7.0 22 ZeroCERT

5744  2024-09-12 13:15  vhtrw.exe
      e1001c8649ac77faeb446d8ff91f50d2
      Stealc Client SW User Data Stealer LokiBot ftp Client info stealer Antivirus Malicious Library Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 FTP Client Info Stealer VirusTotal Malware Telegram PDB MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software
      1 6 3 1 18.0 M 46 ZeroCERT

5745  2024-09-12 13:15  vhrt12.exe
      6a6554a97cabd9a8c53fd82631dabc4d
      Stealc Client SW User Data Stealer LokiBot ftp Client info stealer Antivirus Malicious Library Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 FTP Client Info Stealer VirusTotal Malware Telegram PDB MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software
      2 5 3 1 15.2 M 36 ZeroCERT