popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
5986 2021-03-16 14:48 Cuckoo_AI.txt  

1dc6a2a22b299d80df8826ce6051260e


Check memory unpack itself 		1.0 guest

5987 2021-03-16 14:52 cdi.exe  

25be85a9de358519cde0817dfad40b23


Azorult .NET framework ftp Client info stealer email stealer browser Google Chrome User Data Win Trojan agentTesla Browser Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS crashed 		2 4 4 12.0 30 ZeroCERT

5988 2021-03-16 15:35 AEO.exe  

4c44df8bf80b796ebb3e979519e723c4

VirusTotal Malware RWX flags setting unpack itself 		1.8 16 r0d

5989 2021-03-16 16:03 AEO.exe  

4c44df8bf80b796ebb3e979519e723c4


Malicious Packer Generic Malware VirusTotal Malware RWX flags setting unpack itself 		1.8 16 r0d

5990 2021-03-16 17:37 cmca.jpg.exe  

2b15ebadf01c9267ef937601e214917d


Gen Antivirus VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Tofsee Windows ComputerName Cryptographic key 		1 2 1 10.0 26 ZeroCERT

5991 2021-03-16 17:41 ddde.exe  

5d86b7e57a49db2cd1c597b02c3deae4


Azorult .NET framework Gen AsyncRAT backdoor Browser Info Stealer Malware download FTP Client Info Stealer Azorult VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Collect installed applications Check virtual network interfaces AppData folder malicious URLs sandbox evasion anti-virtualization installed browsers check Tofsee Windows Browser Email ComputerName DNS Software 		3 4 4 1 17.2 23 ZeroCERT

5992 2021-03-16 17:54 EUI.exe  

a1127592f60b591ab5a36184253b6692


Malicious Packer Generic Malware VirusTotal Malware RWX flags setting unpack itself anti-virtualization 		2.2 29 ZeroCERT

5993 2021-03-16 17:54 filename.exe  

6a8f187e4b309d76b56abf90ab52e094


Glupteba VirusTotal Malware PDB unpack itself Windows Remote Code Execution crashed 		2.8 24 ZeroCERT

5994 2021-03-16 18:04 HUE.exe  

a23c197b57d3769b7e309856624c1593


Malicious Packer Generic Malware VirusTotal Malware RWX flags setting unpack itself anti-virtualization 		2.0 M 15 ZeroCERT

5995 2021-03-16 18:15 GOD.exe  

7b87a720c281b063f64bf7767b75a6d8


Emotet Gen VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder malicious URLs installed browsers check Windows Browser 		9.6 M 26 ZeroCERT

5996 2021-03-16 18:23 IMG_20_Scanned_781.pdf  

4250a6a1436dd5a764282969464632e7


ftp Client info stealer email stealer browser Antivirus Google Chrome User Data Win Trojan agentTesla Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell Buffer PE suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed 		2 4 4 15.8 M 15 ZeroCERT

5997 2021-03-16 18:24 IMG_70_36_361.pdf  

39ad30ee42bfa03acd48190dcb8c068c


ftp Client info stealer email stealer Win Trojan agentTesla browser Antivirus Google Chrome User Data Download management Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell Buffer PE suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process malicious URLs Tofsee Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key Software crashed 		2 2 1 18.0 M 20 ZeroCERT

5998 2021-03-16 18:35 IMG_601_Scanned_74.pdf  

1fcafacea14280595e3bf6531ebf2acd


Antivirus Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell Buffer PE suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed 		2 4 4 16.0 M 21 ZeroCERT

5999 2021-03-16 18:36 IMG_607_36_78.pdf  

1bc61ed8f8608cf8d99b713d9e16293e


Antivirus Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process malicious URLs Windows Browser Email ComputerName DNS Cryptographic key Software crashed 		15.6 M 21 ZeroCERT

6000 2021-03-17 07:38 http://voland.link/XgHcsrfsm?c...  

6d7b056053ad11c6388f040dcdd575e6

Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed 		4 6 2 4.2 ZeroCERT

keyword