Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
5956	2024-02-02 13:35	1.jpg.exe 98b480339c9a8c8316f5255f976fd575 Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware unpack itself Remote Code Execution					2.2	M	52	ZeroCERT

5957	2024-02-02 13:34	clip64.dll 858c8921fd045dd5a185cd2135d30ee2 Amadey Malicious Library UPX PE32 PE File DLL OS Processor Check VirusTotal Malware Malicious Traffic Checks debugger unpack itself DNS	1 Keyword trend analysis	1			3.6	M	41	ZeroCERT

5958	2024-02-02 13:33	anydesk.exe 9ef6a54a3116f6333926e0af02567dfa RedLine Infostealer UltraVNC Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware PDB Check memory Checks debugger unpack itself Windows Cryptographic key crashed					2.6	M	27	ZeroCERT

5959	2024-02-02 11:31	HentaiCapture.exe 953f4ba2f7832e5552379d19f3a95614 Malicious Library Downloader PE File PE64 VirusTotal Malware AutoRuns Malicious Traffic Windows	2 Keyword trend analysis	2			2.6	M	23	ZeroCERT

5960	2024-02-02 11:28	Dread498_protected.exe b7602315a23d46a720ad7cb8af62c118 Themida Packer UPX PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself Checks Bios Detects VMWare WriteConsoleW VMware anti-virtualization Windows Firmware Cryptographic key crashed					5.6	M	56	ZeroCERT

5961	2024-02-02 11:25	ytpzx.exe c64a593f62aeac6c4948e924e0f74351 Generic Malware Antivirus PWS AntiDebug AntiVM PE32 PE File .NET EXE VirusTotal Malware powershell PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key crashed		2	4		12.4	M	38	ZeroCERT

5962	2024-02-02 09:29	blackwindows.exe 737124517eb91dfa7a9485f48b8037df Malicious Library PE32 PE File VirusTotal Malware PDB unpack itself Remote Code Execution					2.2	M	36	ZeroCERT

5963	2024-02-02 09:27	build.exe 18d65d34eebb570d3fef21afc23f5806 Downloader .NET framework(MSIL) Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM PE32 PE File .NET EXE ZIP Format Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency AutoRuns suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder WriteConsoleW Tofsee Ransomware Windows Browser Email ComputerName Software	2 Keyword trend analysis Info https://github.com/matinrco/tor/releases/download/v0.4.5.10/tor-expert-bundle-v0.4.5.10.zip https://objects.githubusercontent.com/github-production-release-asset-2e65be/146779096/943f13f9-3eb9-4042-8722-d95f026c8b09?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240202T002450Z&X-Amz-Expires=300&X-Amz-Signature=25629fc686e731f2da74696a17bd89460db08b69ab985875c95061d81aab75dd&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=146779096&response-content-disposition=attachment%3B%20filename%3Dtor-expert-bundle-v0.4.5.10.zip&response-content-type=application%2Foctet-stream	4	1		10.4	M	35	ZeroCERT

5964	2024-02-02 09:26	0.exe 5aaf84e27d4e4d7162be0b5d01aa2f98 Malicious Library PE32 PE File VirusTotal Malware PDB unpack itself Remote Code Execution					2.2	M	35	ZeroCERT

5965	2024-02-02 09:25	AquariumScreening.exe b74af6f8231cb0dd8dbaa270e215a7bb Emotet Suspicious_Script_Bin Downloader Malicious Library UPX Admin Tool (Sysinternals etc ...) DNS Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP Code injection Internet API persist VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows ComputerName Remote Code Execution		1			13.0	M	23	ZeroCERT

5966	2024-02-02 09:25	main.exe 50b53e2a4cc18fd97a0cc48313dd79b3 Gen1 Malicious Library ASPack UPX Anti_VM PE File PE64 OS Processor Check DLL ZIP Format VirusTotal Malware Check memory Creates executable files Ransomware crashed					2.6	M	18	ZeroCERT

5967	2024-02-02 09:24	Client4Cr.exe 6af08d4b1b9db23c9f2022bf73a69d01 RedLine Infostealer UltraVNC Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware PDB DNS		1			4.0	M	47	ZeroCERT

5968	2024-02-02 09:23	Install.exe 97bbaccc9522b08df38561a6cfb186b0 UPX AntiDebug AntiVM PE32 PE File .NET EXE Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications Check virtual network interfaces AppData folder installed browsers check Tofsee Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	3	3		16.6	M	32	ZeroCERT

5969	2024-02-02 09:22	dayroc.exe c67cb967230036816fd0cbbfd96959c6 NSIS Generic Malware Malicious Library UPX Antivirus Admin Tool (Sysinternals etc ...) Malicious Packer Anti_VM PE32 PE File .NET EXE PNG Format OS Processor Check ZIP Format MZP Format JPEG Format BMP Format CHM Format DLL icon PE64 CAB MSOffice File Wo VirusTotal Malware AutoRuns Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check Ransomware Windows ComputerName DNS	2 Keyword trend analysis	4	5	1	11.6	M	46	ZeroCERT

5970	2024-02-02 09:20	timeSync.exe 819620131b84d4bee6b9caa1c58fa839 Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware PDB unpack itself Remote Code Execution					2.2	M	34	ZeroCERT