Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
5821
2024-09-10 10:08
66df1683e162e_12.exe#d12
317a685e8d63e4fa4d16876659095b82
Stealc
Client SW User Data Stealer
LokiBot
ftp Client
info stealer
Antivirus
Malicious Library
Http API
PWS
HTTP
Code injection
Internet API
AntiDebug
AntiVM
PE File
.NET EXE
PE32
FTP Client Info Stealer
VirusTotal
Malware
Telegram
PDB
MachineGuid
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
WMI
unpack itself
Windows utilities
Collect installed applications
suspicious process
malicious URLs
sandbox evasion
WriteConsoleW
anti-virtualization
installed browsers check
Tofsee
Windows
Browser
ComputerName
DNS
Software
1
https://steamcommunity.com/profiles/76561199768374681 - rule_id: 42498
5
t.me(149.154.167.99) - malicious
steamcommunity.com(104.76.74.15) - malicious
149.154.167.99 - malicious
104.76.74.15
78.47.207.136 - malicious
3
ET INFO Observed Telegram Domain (t .me in TLS SNI)
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
1
https://steamcommunity.com/profiles/76561199768374681
16.2
M
31
ZeroCERT
5822
2024-09-10 09:51
66dd9bbd1c1b9_w2.exe#ww2metaki...
8643394f91138d207dda09b2c98ed18e
RedLine stealer
Malicious Library
.NET framework(MSIL)
PE File
.NET EXE
PE32
VirusTotal
Malware
MachineGuid
Check memory
Checks debugger
unpack itself
2.2
45
ZeroCERT
5823
2024-09-09 10:46
vjgg.exe
3745160eac67b0511940bad6f7811903
Stealc
Client SW User Data Stealer
LokiBot
ftp Client
info stealer
Antivirus
Malicious Library
Http API
PWS
HTTP
Code injection
Internet API
AntiDebug
AntiVM
PE File
.NET EXE
PE32
FTP Client Info Stealer
VirusTotal
Malware
Telegram
PDB
MachineGuid
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
WMI
unpack itself
Windows utilities
Collect installed applications
suspicious process
malicious URLs
sandbox evasion
WriteConsoleW
anti-virtualization
installed browsers check
Tofsee
Windows
Browser
ComputerName
DNS
Software
2
https://steamcommunity.com/profiles/76561199768374681 - rule_id: 42498
https://t.me/fneogr
5
t.me(149.154.167.99) - malicious
steamcommunity.com(104.76.74.15) - malicious
149.154.167.99 - malicious
104.76.74.15
78.47.207.136 - malicious
3
ET INFO TLS Handshake Failure
ET INFO Observed Telegram Domain (t .me in TLS SNI)
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
1
https://steamcommunity.com/profiles/76561199768374681
15.4
M
41
ZeroCERT
5824
2024-09-09 10:45
lnef.exe
1c3de51950332122d75feeca0eef8afe
Antivirus
ScreenShot
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
ComputerName
7.2
M
25
ZeroCERT
5825
2024-09-09 10:41
1.exe
556a8b2afef96f81acde6ca1a525650e
Malicious Library
.NET framework(MSIL)
PE File
.NET EXE
PE32
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
ComputerName
2.6
49
ZeroCERT
5826
2024-09-09 10:15
oclo.exe
0d14677324fb1f05953aff5dfc889965
Generic Malware
Malicious Library
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
crashed
0.8
M
15
ZeroCERT
5827
2024-09-09 10:12
pclient.exe
54d967f9eb61177beabd0c5c826fd4c6
Generic Malware
Malicious Library
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
crashed
0.8
M
12
ZeroCERT
5828
2024-09-09 10:10
lemon.exe
06316232a5c4476deffee5872b5a9c0f
Generic Malware
Malicious Library
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
crashed
0.8
M
11
ZeroCERT
5829
2024-09-09 10:10
responsibilityleadpro.exe
d1fd7bf0ef1ef17007005c4d86c27d03
Generic Malware
Malicious Library
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
crashed
0.8
M
17
ZeroCERT
5830
2024-09-09 09:56
Twitch x Loot Lab Event - 2025...
41c656c497d7ec24de57a9927c13e81c
Antivirus
ScreenShot
KeyLogger
AntiDebug
AntiVM
VirusTotal
Malware
MachineGuid
Code Injection
Check memory
RWX flags setting
unpack itself
3.0
22
ZeroCERT
5831
2024-09-09 09:50
66dcad8f5f33a_crypted.exe
b8010780cbccba9ec2e20d7b3c17c6be
RedLine stealer
Antivirus
ScreenShot
PWS
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
DNS
Cryptographic key
1
5.42.92.222
10.2
M
44
ZeroCERT
5832
2024-09-09 09:48
sgf.exe
7e860c83b7eadf2a7a29532989114348
Client SW User Data Stealer
ftp Client
info stealer
Antivirus
Http API
PWS
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
ComputerName
7.6
M
45
ZeroCERT
5833
2024-09-09 09:46
vrgeh.exe
a8fef7b198fa122ead5bcf5b84f2737b
Stealc
Client SW User Data Stealer
LokiBot
ftp Client
info stealer
Antivirus
Malicious Library
Http API
PWS
HTTP
Code injection
Internet API
AntiDebug
AntiVM
PE File
.NET EXE
PE32
FTP Client Info Stealer
VirusTotal
Malware
Telegram
PDB
MachineGuid
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
WMI
unpack itself
Windows utilities
Collect installed applications
suspicious process
malicious URLs
sandbox evasion
WriteConsoleW
anti-virtualization
installed browsers check
Tofsee
Windows
Browser
ComputerName
DNS
Software
2
https://steamcommunity.com/profiles/76561199768374681 - rule_id: 42498
https://t.me/fneogr
5
t.me(149.154.167.99) - malicious
steamcommunity.com(104.76.74.15) - malicious
149.154.167.99 - malicious
78.47.207.136
118.215.187.181 - malicious
3
ET INFO TLS Handshake Failure
ET INFO Observed Telegram Domain (t .me in TLS SNI)
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
1
https://steamcommunity.com/profiles/76561199768374681
16.0
M
47
ZeroCERT
5834
2024-09-09 09:46
66dcab0bcba58_crypted.exe
751e3d161454b4c4aa4cf9ff902ebe1c
Antivirus
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
2.6
M
41
ZeroCERT
5835
2024-09-08 10:58
Channel4.exe
12bba7bf40ba77b0ab322d8626dab9aa
Generic Malware
Admin Tool (Sysinternals etc ...)
UPX
PE File
PE32
DLL
Malware download
VirusTotal
Malware
Malicious Traffic
AppData folder
suspicious TLD
CryptBot
DNS
1
http://tventyv20sb.top/v1/upload.php
2
tventyv20sb.top(194.87.248.136)
194.87.248.136
3
ET DNS Query to a *.top domain - Likely Hostile
ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M4
ET INFO HTTP Request to a *.top domain
3.6
M
43
ZeroCERT
Total : 53,728cnts