Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
6211	2021-03-19 15:16	melo.txt.exe 800b215d94cf536173c4debc0ea1e3a0 VirusTotal Malware					2.0	M	57	ZeroCERT

6212	2021-03-19 15:17	jesus.exe 878fb607d4e0bd3f7da637f2707d6f82 AsyncRAT backdoor Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows Browser Email ComputerName DNS Cryptographic key Software crashed					12.4	M	27	ZeroCERT

6213	2021-03-19 15:43	ooo.exe ecf3b5822fe3d32fb5ab317cce2a580a AsyncRAT backdoor VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName crashed					14.2	M	34	ZeroCERT

6214	2021-03-19 15:43	PUX.exe 37ed0db1564735f943923670e9879682 VirusTotal Malware Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW human activity check Windows ComputerName DNS		2			14.4	M	26	ZeroCERT

6215	2021-03-19 15:59	shedyx.exe c52a0b91b883588349d5921a91f4fb73 AsyncRAT backdoor VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs Windows ComputerName Cryptographic key	3 Keyword trend analysis Info http://liverpooldabestteamoftheworld.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-5CD44309EDBA3436FED51B07125F8DC8.html - rule_id: 419 http://liverpooldabestteamoftheworld.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-6AA7B3D5FF273ECD014B27AC7AC3722C.html - rule_id: 419 http://liverpooldabestteamoftheworld.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-B33360BCD002EB708A8C55587B2F378A.html - rule_id: 419	2		3	4.0	M	28	ZeroCERT

6216	2021-03-19 15:59	scan.exe 2a2790604ae0958c5652bb32d01c0219 Azorult .NET framework VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName DNS Cryptographic key crashed					10.4	M	22	ZeroCERT

6217	2021-03-19 16:01	5.exe 212b12e2686111514455c97b689c8457 Raccoon Stealer VirusTotal Malware PDB unpack itself Windows crashed					3.0	M	56	ZeroCERT

6218	2021-03-19 16:03	vbc.exe 965bfe87539532f79067a9fdf7b67a61 AsyncRAT backdoor VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs Windows ComputerName Cryptographic key	1 Keyword trend analysis	2		1	4.0	M	26	ZeroCERT

6219	2021-03-19 16:59	cred.dll b25b103bda8c4650e1fac20e43fc3755 FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Malicious Traffic Check memory Checks debugger unpack itself Email DNS Software	1 Keyword trend analysis	1	1		6.2	M	49	ZeroCERT

6220	2021-03-19 17:01	abnol.exe c4b7965e03a154956c35e3f1a2486e7d Azorult .NET framework VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName Cryptographic key crashed					9.6	M	18	ZeroCERT

6221	2021-03-19 17:11	dubi.exe c2f2834b216ef788b6c0568d0267223c Glupteba Malicious Library VirusTotal Malware PDB unpack itself Windows Remote Code Execution crashed					3.2	M	45	ZeroCERT

6222	2021-03-19 17:11	doglox.exe c47b1974b73196909a2e1647b2c73000 Azorult .NET framework VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName DNS Cryptographic key crashed					10.2	M	17	ZeroCERT

6223	2021-03-19 17:40	winlog.exe adbc8e8beb3f5318a520ba139e547b8a PSW Bot LokiBot ZeusBot Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Malicious Traffic Check memory Creates executable files unpack itself AppData folder malicious URLs sandbox evasion installed browsers check Browser Email ComputerName Software	1 Keyword trend analysis	2	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Fake 404 Response		9.6	M	29	Kim.GS

6224	2021-03-19 17:56	dubi2.exe 12e66476395f8c1d0c457a7c13ae71df Raccoon Stealer Malicious Library VirusTotal Malware PDB unpack itself Windows Remote Code Execution crashed					3.4	M	58	ZeroCERT

6225	2021-03-19 17:58	gregmannyx.exe f9112cf09e219af23b3e7a3aab0014b9 Antivirus AsyncRAT backdoor VirusTotal Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key crashed	4 Keyword trend analysis Info http://jejendjcjfhh.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-3DF638D47EA8FECED716C8025134CFA6.html http://jejendjcjfhh.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-0785550D6A958EA61B3CFD2011BE9F59.html https://jejendjcjfhh.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-3DF638D47EA8FECED716C8025134CFA6.html https://jejendjcjfhh.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-0785550D6A958EA61B3CFD2011BE9F59.html	2	1		13.0	M	17	ZeroCERT