Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc

6166 2024-01-24 08:11 pixelcloudnew2.exe
afa4b5293faaade81fdcfb074a0f68f8
RedlineStealer RedLine stealer .NET framework(MSIL) UPX PE32 PE File .NET EXE OS Processor Check Check memory Checks debugger unpack itself Windows DNS Cryptographic key
1 2.6 ZeroCERT

6167 2024-01-24 08:09 23.exe
91ab5914b61a0250cffa61c6f35776b9
Malicious Library UPX PE32 PE File OS Processor Check PDB unpack itself Remote Code Execution
1.2 M ZeroCERT

6168 2024-01-24 08:05 check.exe
bdfe4d6a63e6367f4cba94b395860a02
Downloader Malicious Library UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM PE32 PE File OS Processor Check PDB Code Injection Creates executable files unpack itself AppData folder malicious URLs ComputerName Remote Code Execution crashed
4.6 M ZeroCERT

6169 2024-01-24 08:04 rty37.exe
5403c7f25701c2f3880998784e78b2f9
Malicious Library UPX PE File PE64 OS Processor Check PDB MachineGuid unpack itself Check virtual network interfaces Tofsee Remote Code Execution
2 3 1 1.8 M ZeroCERT

6170 2024-01-24 08:02 TrumTrum.exe
dd00d5501f388f4422cce9bd559394e0
PE File PE64 VirusTotal Malware crashed
2.2 M 50 ZeroCERT

6171 2024-01-24 08:02 gookcom.exe
c6fea3621cca858371f2d596c9723891
Generic Malware Antivirus PE32 PE File .NET EXE PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key
1 6.4 M 52 ZeroCERT

6172 2024-01-24 08:00 StealerClient_Cpp_1_4.exe
43cfdf73b4175c4eb9611116f46ecaf5
Malicious Library Malicious Packer UPX PE32 PE File OS Processor Check VirusTotal Malware
1.2 48 ZeroCERT

6173 2024-01-24 08:00 setup_wm.exe
57f791f7477b1f7a1b3605465d054db8
Gen1 Generic Malware Malicious Library UPX PE32 PE File DllRegisterServer dll VirusTotal Malware PDB Remote Code Execution
1.6 45 ZeroCERT

6174 2024-01-24 07:58 dd.exe
cce53392d805e6fbfdbccf4527d53c26
AgentTesla Generic Malware .NET framework(MSIL) Antivirus PWS SMTP KeyLogger AntiDebug AntiVM PE32 PE File .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed keylogger
2 4 13.6 38 ZeroCERT

6175 2024-01-24 07:57 kskskfsf.exe
d75a38987ba68363fb67861537749274
Malicious Library PE32 PE File VirusTotal Malware unpack itself crashed
2.4 40 ZeroCERT

6176 2024-01-24 07:56 num.exe
b65204b855a9031d3a1e8480899ed0ce
Emotet Suspicious_Script_Bin Downloader Malicious Library UPX Malicious Packer Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogge VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger Creates executable files Windows utilities malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows
5.2 17 ZeroCERT

6177 2024-01-24 07:55 red.exe
5878d2c316a84469a950dabb79c668cd
RedLine Infostealer UltraVNC Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware PDB Check memory Checks debugger unpack itself Windows Cryptographic key crashed
2.8 M 33 ZeroCERT

6178 2024-01-24 07:50 Install.exe
16c5332ffa5a8fbb4403570ef5de191d
Admin Tool (Sysinternals etc ...) UPX AntiDebug AntiVM PE32 PE File .NET EXE VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key
1 11.4 20 ZeroCERT

6179 2024-01-23 14:50 http://www.amazon.ca
f0d918f20a6893435e7ed9012fffbce2
Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM icon MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
4 6 2 4.2 guest

6180 2024-01-23 14:19 IEbrowserUpdates.vbs
b188e3740962ca8e83f9a86ab3889c9f
VirusTotal Malware wscript.exe payload download Tofsee
2 2 2 2.6 M 3 ZeroCERT