Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
6031	2024-01-30 09:17	build1234.exe 835241c48301a5dc36f99cf457841941 Generic Malware .NET framework(MSIL) UPX PE32 PE File .NET EXE OS Processor Check FTP Client Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Check memory Checks debugger unpack itself Windows utilities suspicious process Ransomware Windows Software					5.6	M	54	ZeroCERT

6032	2024-01-30 08:19	tuc4.exe 98d294d23b5e02788a666ffbdf2d4f85 Emotet Gen1 Malicious Library UPX Anti_VM PE32 PE File MZP Format DllRegisterServer dll OS Processor Check PE64 DLL ftp Checks debugger Creates executable files unpack itself AppData folder Windows ComputerName crashed					3.6	M		ZeroCERT

6033	2024-01-30 08:15	Iiympojf.exe a72bbdcafba3b40c6f2e7d86844ac059 Hide_EXE UPX PE File PE64 OS Processor Check suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows Cryptographic key					4.0	M		ZeroCERT

6034	2024-01-30 08:13	ugorichzx.exe 0b26f7b7a37aec280212b187c006f3b7 AgentTesla PWS KeyLogger AntiDebug AntiVM PE32 PE File .NET EXE Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Software crashed		2	4		11.0	M		ZeroCERT

6035	2024-01-30 08:11	bot.exe d566b5014a0e3985901a7dbd66664444 Malicious Library UPX PE32 PE File OS Processor Check unpack itself crashed					1.2	M		ZeroCERT

6036	2024-01-30 08:09	Kcqqn.exe 4637890c14f37ece8321cf079192acd2 Generic Malware Antivirus PE32 PE File .NET EXE AutoRuns suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key		1			6.2	M		ZeroCERT

6037	2024-01-30 08:07	12028.exe e9511c52af792b25be4cc022154a8753 Generic Malware Malicious Library UPX Malicious Packer PE32 PE File OS Processor Check DLL Lnk Format GIF Format Check memory Checks debugger Creates shortcut Creates executable files RWX flags setting unpack itself AppData folder ComputerName Firmware					3.4	M		ZeroCERT

6038	2024-01-30 08:04	InstallSetup.exe d48e3a507c5bd1b62834f7f0439a47e0 Malicious Library UPX PE32 PE File OS Processor Check unpack itself Remote Code Execution					1.0	M		ZeroCERT

6039	2024-01-30 08:02	12027.exe a6fc2d8611cae0eda7fc1b53495a6b3b Generic Malware Malicious Library UPX Malicious Packer PE32 PE File DLL OS Processor Check Lnk Format GIF Format Check memory Checks debugger Creates shortcut Creates executable files RWX flags setting unpack itself AppData folder ComputerName Firmware					3.4	M		ZeroCERT

6040	2024-01-30 08:02	Vbsveuhnjb.exe 58d5a4054fb2b552c02250a2ba355421 Hide_EXE .NET framework(MSIL) UPX Socket Http API ScreenShot HTTP DNS Code injection Internet API AntiDebug AntiVM PE32 PE File .NET EXE OS Processor Check AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself AppData folder Windows Cryptographic key					7.6			ZeroCERT

6041	2024-01-30 08:02	workforroc.exe 6af4b8b8c8399fca6798e3f2d7df9af5 NPKI HermeticWiper Generic Malware Suspicious_Script NSIS Malicious Library UPX Antivirus Admin Tool (Sysinternals etc ...) Malicious Packer Anti_VM Javascript_Blob PE32 PE File .NET EXE PNG Format JPEG Format OS Processor Check ZIP Format MZP Format ic Malware AutoRuns MachineGuid Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check Tofsee Ransomware Windows ComputerName DNS crashed	3 Keyword trend analysis	6	5	2	12.2	M		ZeroCERT

6042	2024-01-30 08:00	ma.exe 9b3430f42a0fb00d014c2fa208662865 North Korea task schedule Downloader Malicious Packer UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM PE File PE64 AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Remote Code Execution crashed					7.2	M		ZeroCERT

6043	2024-01-30 08:00	55555.exe 167c40ace009f5d5cda541008804c3b3 Malicious Library UPX PE32 PE File OS Processor Check unpack itself crashed					1.2	M		ZeroCERT

6044	2024-01-30 07:57	Setup11.exe e23d462d0311b34d4a025a7e594e9ed7 UPX PE32 PE File .NET EXE OS Processor Check PDB Check memory Checks debugger unpack itself ComputerName					1.6	M		ZeroCERT

6045	2024-01-30 07:57	build.exe 6e0c2cc2b89a9d054ebe5df5656c7113 Gen1 Generic Malware Malicious Library Malicious Packer UPX Antivirus Anti_VM PE File PE64 DLL OS Processor Check ftp wget Check memory Creates executable files unpack itself					2.0			ZeroCERT