Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
5926	2024-02-04 16:43	ClamAV-0.103.4.exe 27caec389aed111fc91c3531b9a6dbe1 Emotet Gen1 Hide_EXE Malicious Library UPX .NET framework(MSIL) PE File PE64 CAB PE32 .NET EXE OS Processor Check AutoRuns PDB suspicious privilege Check memory Checks debugger Creates executable files unpack itself AppData folder Windows Remote Code Execution Cryptographic key				4.6	M		ZeroCERT

5927	2024-02-04 16:41	npp86Installerx64.exe d8b897481e51cfab29862e8f9d5a039d Emotet Gen1 Malicious Library UPX PE32 PE File CAB VirusTotal Malware AutoRuns PDB Check memory Checks debugger Creates executable files unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName Remote Code Execution				4.4	M	49	ZeroCERT

5928	2024-02-04 16:39	fsetrh.exe 6543dfd527080cd599e8905c90903b33 Generic Malware Malicious Library PE32 PE File PNG Format ZIP Format Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency MachineGuid Check memory buffers extracted unpack itself Disables Windows Security Collect installed applications AntiVM_Disk sandbox evasion anti-virtualization IP Check VM Disk Size Check installed browsers check Tofsee Ransomware Windows Browser RisePro Email ComputerName DNS Software crashed	1 Keyword trend analysis	5	8 Info ET MALWARE RisePro TCP Heartbeat Packet ET MALWARE [ANY.RUN] RisePro TCP (Token) ET MALWARE [ANY.RUN] RisePro TCP (External IP) SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io) ET MALWARE [ANY.RUN] RisePro TCP (Exfiltration) ET MALWARE RisePro CnC Activity (Inbound) ET MALWARE [ANY.RUN] RisePro TCP (Activity)	10.8	M	28	ZeroCERT

5929	2024-02-04 16:39	dffdfdf.exe 268cf16a004a6b7515bec416b64ee904 RedLine Infostealer UltraVNC Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware PDB Check memory Checks debugger unpack itself Windows Cryptographic key crashed				2.8	M	32	ZeroCERT

5930	2024-02-04 16:38	logo3.jpg.exe a7dcdb8a4ecf815beac47a344d9b7259 RedLine Infostealer UltraVNC Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware PDB Check memory Checks debugger unpack itself Windows Cryptographic key crashed				3.2	M	25	ZeroCERT

5931	2024-02-04 16:37	osminogs.exe 95e59305ad61119cf15ee95562bd05ba Gen1 Malicious Library UPX PE32 PE File VirusTotal Malware unpack itself Remote Code Execution crashed				2.2	M	29	ZeroCERT

5932	2024-02-04 16:36	Amadey.exe d467222c3bd563cb72fa49302f80b079 Malicious Library Malicious Packer UPX PE32 PE File OS Processor Check VirusTotal Malware AutoRuns unpack itself AppData folder Windows				2.6		54	ZeroCERT

5933	2024-02-03 02:59	Editur.exe f358ff5fff072388704988a169fa321e EnigmaProtector Malicious Library Malicious Packer UPX Admin Tool (Sysinternals etc ...) PE32 PE File OS Processor Check .NET EXE VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself AppData folder DNS		1		5.2		45	guest

5934	2024-02-03 02:38	Joey.king-videos.exe fd757131ebee36c55d5415294d598538 Gen1 Emotet Generic Malware Downloader Malicious Library UPX Admin Tool (Sysinternals etc ...) Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P persi Check memory Checks debugger Creates executable files unpack itself malicious URLs				2.2		38	guest

5935	2024-02-03 02:28	Users:.fileloc 02f9eb892f91b57ac1ed5422bda6b113							guest

5936	2024-02-03 02:22	IMG_20220120_045433.jpg b1d0372bb5d56a9903c0245e059084b2 JPEG Format							guest

5937	2024-02-03 01:48	55555.exe 167c40ace009f5d5cda541008804c3b3 Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware unpack itself crashed				2.4	M	59	guest

5938	2024-02-03 01:24	malady.docx 58eab4449b00f3da1bdfa09aa1f724f1				0.8			guest

5939	2024-02-02 20:43	malady.docx 58eab4449b00f3da1bdfa09aa1f724f1				0.8			guest

5940	2024-02-02 18:35	20f4f338c78dba994beaf4415365b0... 20f4f338c78dba994beaf4415365b06d Gen1 Malicious Library Malicious Packer UPX Anti_VM PE File PE64 DllRegisterServer dll OS Processor Check VirusTotal Malware crashed				1.8		30	ZeroCERT