Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
6406	2024-08-19 15:19	66c1968718ae8_stealc_cry.exe#k... a2d030334c0e0775e213c5262b7ad1d9 Generic Malware Malicious Library UPX PE File PE32 Malware download VirusTotal Malware c&c Malicious Traffic Check memory unpack itself Stealc ComputerName DNS	2 Keyword trend analysis	1	1	4.8	M	43	ZeroCERT

6407	2024-08-19 15:17	CFPPF.exe 54c38790a4b6310fdc018d6ed97eed0f Generic Malware Malicious Library Downloader UPX PE File PE64 OS Processor Check VirusTotal Malware PDB Check memory Checks debugger Creates executable files unpack itself Tofsee	1 Keyword trend analysis	2	1	2.4	M	22	ZeroCERT

6408	2024-08-19 15:16	TestikBro.exe 7c0a5c2cde620549b93d8372960b63c1 Generic Malware Malicious Library Downloader UPX PE File PE64 OS Processor Check VirusTotal Malware Checks debugger Creates executable files Tofsee	1 Keyword trend analysis	2	1	1.4	M	18	ZeroCERT

6409	2024-08-19 15:15	PowerRun.exe 0a4a7f49dd88b8802db5aac1ac5f9483 Generic Malware Malicious Library UPX Antivirus PE File PE64 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself sandbox evasion human activity check				2.6	M	10	ZeroCERT

6410	2024-08-19 15:14	POS_C156.exe 7c7382c5c39fb5cb7dffd9ca5dba25e5 Malicious Library UPX PE File DllRegisterServer dll PE32 MZP Format VirusTotal Malware unpack itself crashed				2.0	M	10	ZeroCERT

6411	2024-08-19 15:13	FSB.exe 04c2bd9282a55152d9e640b0780b8a69 Generic Malware Malicious Library Downloader UPX PE File PE64 OS Processor Check VirusTotal Malware PDB Check memory Checks debugger unpack itself				2.0	M	26	ZeroCERT

6412	2024-08-19 15:11	POS_C159.exe 3b8bb2df50ce9e36afc960a3b5bc463f Malicious Library Admin Tool (Sysinternals etc ...) UPX PE File DllRegisterServer dll PE32 MZP Format VirusTotal Malware unpack itself crashed				2.0	M	10	ZeroCERT

6413	2024-08-19 15:10	AddMemreduct.exe f013565b3f9e18d9ac83432b4f0c08f9 UPX PE File PE32 VirusTotal Malware Checks debugger				2.0	M	35	ZeroCERT

6414	2024-08-19 15:09	MPDW-constraints.vbs 5bd9d9462d41ac1feb8026654efe8bf9 Generic Malware Antivirus Hide_URL PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	1 Keyword trend analysis	2	1	7.6	M	7	ZeroCERT

6415	2024-08-19 15:08	random.exe e77e058e126ae8b898308d7ae78847fc Client SW User Data Stealer RedLine stealer browser info stealer Generic Malware Downloader Google Chrome User Data Malicious Library Malicious Packer UPX Code injection Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential P Browser Info Stealer VirusTotal Malware MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files RWX flags setting exploit crash unpack itself Windows utilities suspicious process malicious URLs installed browsers check Tofsee Ransomware Windows Exploit Browser ComputerName crashed		2	1	12.4	M	30	ZeroCERT

6416	2024-08-19 15:08	uuvipfix.exe 46be1d2a2de1c43b0169874d14503098 CoinMiner AutoIt Generic Malware UPX PE File PE32 VirusTotal Malware Check memory Checks debugger				2.6	M	60	ZeroCERT

6417	2024-08-19 15:06	98.exe 0c29f5f793bd9427f43f3e2a3ef38dcc UPX PE File PE32 VirusTotal Malware				1.2	M	55	ZeroCERT

6418	2024-08-19 15:06	POS_C079.exe e0172234f8bfbf6caab3256f36999589 Malicious Library Admin Tool (Sysinternals etc ...) UPX PE File DllRegisterServer dll PE32 MZP Format VirusTotal Malware unpack itself crashed				1.8	M	11	ZeroCERT

6419	2024-08-19 15:05	66bf353c38733_Grids.exe efd6377cf1f3e1efd885db9343a9a686 Generic Malware Malicious Library Malicious Packer UPX Anti_VM PE File PE64 DllRegisterServer dll OS Processor Check VirusTotal Malware crashed				1.4	M	25	ZeroCERT

6420	2024-08-19 15:03	76.exe 82f852580cbfab46cd01190bb37587f5 Generic Malware ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 Malware download VirusTotal Malware PDB Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Windows DNS	1 Keyword trend analysis	1	7 Info ET DROP Spamhaus DROP Listed Traffic Inbound group 23 ET MALWARE JS/Nemucod requesting EXE payload 2016-02-01 ET INFO Executable Download from dotted-quad Host ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE JS/Nemucod.M.gen downloading EXE payload ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	10.0	M	49	ZeroCERT