Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
6406	2024-01-06 10:54	YT.exe b1087aa5a1a538d7ee3bd9c3b774bb38 Generic Malware Malicious Library Malicious Packer UPX PE File PE64 OS Processor Check VirusTotal Malware crashed					1.4	M	45	ZeroCERT

6407	2024-01-06 10:54	build.exe 0f789ef1e0dea753589a8611eb7754d6 Gen1 Generic Malware Malicious Library Malicious Packer UPX Antivirus Anti_VM PE File PE64 DLL OS Processor Check ftp wget VirusTotal Malware Check memory Creates executable files unpack itself					3.0	M	38	ZeroCERT

6408	2024-01-06 10:52	clip64.dll 85af6c99d918757171d2d280e5ac61ef Amadey Malicious Library UPX PE32 PE File DLL OS Processor Check VirusTotal Malware Malicious Traffic Checks debugger unpack itself DNS	1 Keyword trend analysis	1	1		3.6	M	55	ZeroCERT

6409	2024-01-06 10:51	kkm_fix_old.exe f12d41a888b7e3fd03c3c5347c6ee778 Malicious Library UPX .NET framework(MSIL) PE32 PE File DLL .NET DLL OS Processor Check PNG Format ftp .NET EXE Lnk Format GIF Format VirusTotal Malware AutoRuns Check memory Creates shortcut Creates executable files unpack itself AppData folder Windows ComputerName					3.8	M	34	ZeroCERT

6410	2024-01-06 10:51	tuc2.exe 38382a5999749f4371bc95b75fc375b4 Emotet Gen1 Generic Malware Malicious Library UPX Malicious Packer Admin Tool (Sysinternals etc ...) PE32 PE File MZP Format DLL OS Processor Check PE64 DllRegisterServer dll ZIP Format VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself Windows utilities AppData folder WriteConsoleW Windows ComputerName crashed					4.6	M	29	ZeroCERT

6411	2024-01-06 10:50	pixelguy.exe 255e3b30fb239e20c9441ce9e89169fd RedlineStealer RedLine stealer .NET framework(MSIL) UPX PE32 PE File .NET EXE OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	5 Info ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer Family Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response ET MALWARE Redline Stealer Family Activity (Response)		6.2	M	55	ZeroCERT

6412	2024-01-06 10:48	tuc6.exe e0fa0f17c56c6ed4d29b3b6a69f99193 Emotet Gen1 Generic Malware Malicious Library UPX Malicious Packer Admin Tool (Sysinternals etc ...) PE32 PE File MZP Format DLL OS Processor Check DllRegisterServer dll PE64 ZIP Format VirusTotal Malware Checks debugger Creates executable files unpack itself AppData folder Windows ComputerName crashed					4.0	M	34	ZeroCERT

6413	2024-01-06 10:48	test2.doc 794004e79c07dbba60e1307549c04c3d VBA_macro Generic Malware AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection wscript.exe payload download RWX flags setting exploit crash unpack itself Tofsee Exploit crashed		2	2		7.0	M	30	ZeroCERT

6414	2024-01-06 10:45	Payload.exe 9f4a5ffa55c42cdc2b338b2988064a68 Malicious Library Malicious Packer PE32 PE File VirusTotal Malware unpack itself DNS		1			4.2	M	59	ZeroCERT

6415	2024-01-06 10:43	test1.exe 962824cca80e5383661a072b452812ef Malicious Library Malicious Packer UPX PE File PE64 OS Processor Check VirusTotal Malware crashed					1.6	M	25	ZeroCERT

6416	2024-01-06 10:43	baseline.exe ed144caebbc81b2914858fa9a59388fb Malicious Library Malicious Packer PE32 PE File VirusTotal Malware unpack itself DNS		1			4.2	M	61	ZeroCERT

6417	2024-01-06 10:43	288c47bbc187111b439df19ff4df68... 9dc46160b805b73634f4bd8507f11494 NPKI HermeticWiper Generic Malware Suspicious_Script NSIS Malicious Library UPX Antivirus Admin Tool (Sysinternals etc ...) Malicious Packer Anti_VM Javascript_Blob PE32 PE File .NET EXE PNG Format JPEG Format OS Processor Check MZP Format ZIP Format ico VirusTotal Malware Malicious Traffic Check memory Checks debugger Creates executable files unpack itself AppData folder AntiVM_Disk IP Check VM Disk Size Check Ransomware Windows DNS	2 Keyword trend analysis	4	7 Info ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup ET USER_AGENTS Observed Suspicious UA (NSIS_Inetc (Mozilla)) ET POLICY External IP Lookup (ipify .org) ET INFO Executable Download from dotted-quad Host ET INFO Packed Executable Download ET POLICY PE EXE or DLL Windows file download HTTP ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	1	9.2	M	51	ZeroCERT

6418	2024-01-06 10:41	alex.exe d8337d7ca38eddace5472f7a274b3943 Malicious Library UPX PE32 PE File OS Processor Check .NET EXE Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft AutoRuns suspicious privilege Check memory Checks debugger buffers extracted Creates executable files unpack itself Collect installed applications AppData folder WriteConsoleW installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	3		8.2	M	36	ZeroCERT

6419	2024-01-06 10:41	test3.doc 4333cf43659835679e5f6e9371611b46 VBA_macro Generic Malware AntiDebug AntiVM MSOffice File Vulnerability VirusTotal Malware Code Injection wscript.exe payload download unpack itself Tofsee		2	2		6.6	M	31	ZeroCERT

6420	2024-01-06 10:39	test3.exe 498dd4a3e6d42d89d2739d6956fd6eab Malicious Library PE32 PE File VirusTotal Malware unpack itself DNS		1			3.6	M	54	ZeroCERT