Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc

6391 2024-01-09 08:02 2024.exe
2c470494b6dc68b2346e42542d80a0fd
RedlineStealer RedLine stealer .NET framework(MSIL) UPX PE32 PE File .NET EXE OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed
1 5 6.6 45 ZeroCERT

6392 2024-01-09 08:02 ugopoundzx.exe
5238fbf72ac6be4edfb03daaceca338c
.NET framework(MSIL) PE32 PE File .NET EXE VirusTotal Malware PDB Check memory Checks debugger unpack itself
2.4 32 ZeroCERT

6393 2024-01-08 09:43 DECEMBER_2023_COMMISSION_PAYME...
eba5412c896ac51f09604239e059e1e7
MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware buffers extracted exploit crash unpack itself Exploit DNS crashed
1 3.8 M 37 ZeroCERT

6394 2024-01-08 09:42 ablast.exe
c0bd0765626bdb60acd2d0dbb25b8f2c
.NET framework(MSIL) AntiDebug AntiVM PE32 PE File .NET EXE Malware download VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications Detects VirtualBox suspicious TLD sandbox evasion VMware anti-virtualization installed browsers check Windows Browser ComputerName Firmware DNS Cryptographic key
6 2 4 17.4 M 24 ZeroCERT

6395 2024-01-08 09:40 ajajjajajaj.exe
526a60e929f138a26e787599b03b11e3
Generic Malware Suspicious_Script_Bin Malicious Library .NET framework(MSIL) UPX Antivirus AntiDebug AntiVM PE32 PE File OS Processor Check .NET EXE VirusTotal Malware PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself suspicious process AntiVM_Disk WriteConsoleW VM Disk Size Check ComputerName Remote Code Execution
9.2 53 ZeroCERT

6396 2024-01-08 09:38 newrock.exe
3133d3642bfa4a27451dc4ba649d0c50
Generic Malware Malicious Packer UPX Malicious Library PE32 PE File .NET EXE PE64 VirusTotal Malware MachineGuid Check memory Checks debugger Creates executable files unpack itself Check virtual network interfaces AppData folder Tofsee crashed
2 3 1 5.8 M 45 ZeroCERT

6397 2024-01-08 09:37 Winlog.exe
f05c694a114f51a3ef0db7f93f777711
Generic Malware Antivirus PE File PE64 VirusTotal Malware AutoRuns PDB suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process Windows ComputerName DNS Cryptographic key
1 2 1 8.2 43 ZeroCERT

6398 2024-01-08 07:54 VoiceChangerAi.exe
a95c886c9107dfc61f02274ec206f559
Gen1 Malicious Library UPX Malicious Packer Anti_VM PE File PE64 ftp OS Processor Check DLL PNG Format ZIP Format icon Malware Check memory Creates executable files Ransomware
2.0 M ZeroCERT

6399 2024-01-08 07:50 Had.exe
981fb98bb6fa845c67ed22349e91867d
Generic Malware Malicious Library Malicious Packer UPX PE32 PE File .NET EXE OS Processor Check PDB Check memory Checks debugger unpack itself ComputerName
1.2 M ZeroCERT

6400 2024-01-08 07:46 birge_two.exe
76c16fdbc68b7df3bc50ecc5a9492e77
Admin Tool (Sysinternals etc ...) .NET framework(MSIL) Malicious Library UPX ScreenShot AntiDebug AntiVM PE32 PE File .NET EXE DLL OS Processor Check Buffer PE PDB Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder Windows Cryptographic key
7.8 ZeroCERT

6401 2024-01-08 07:46 legend.exe
a73edc5e9a789f2819677cf53dee7bba
RedlineStealer RedLine stealer .NET framework(MSIL) UPX PE32 PE File .NET EXE OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed
1 5 5.0 ZeroCERT

6402 2024-01-08 07:44 bhgt79yuh.exe
ca52c4d857e5c31ac83e0c81bc2b74b4
Emotet Suspicious_Script_Bin Downloader Malicious Library UPX Malicious Packer Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogge suspicious privilege Code Injection Check memory Checks debugger Creates executable files Windows utilities malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows
4.6 ZeroCERT

6403 2024-01-08 07:44 movie.exe
bc7963a7d0a8b745e704d22bbc2c3e03
Malicious Library PE32 PE File unpack itself
0.8 ZeroCERT

6404 2024-01-06 17:20 setup.exe
b13686dff2f18689d5e340d107c7e45a
Gen1 Generic Malware Malicious Library UPX Malicious Packer Anti_VM PE File PE64 OS Processor Check DLL DllRegisterServer dll ftp wget VirusTotal Malware Check memory Creates executable files unpack itself Remote Code Execution
4.0 54 guest

6405 2024-01-06 10:58 nocry.exe
d51470d48757a38f3023a9d40a081056
EnigmaProtector Generic Malware UPX Antivirus PE32 PE File .NET EXE DLL OS Processor Check Lnk Format GIF Format Malware download VirusTotal Malware powershell AutoRuns suspicious privilege MachineGuid Check memory Checks debugger buffers extracted WMI Creates shortcut Creates executable files unpack itself Windows utilities Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process AppData folder IP Check Windows RisePro ComputerName Remote Code Execution DNS Cryptographic key crashed
2 3 12.2 M 34 ZeroCERT