Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
6421 2021-03-23 11:34 oko.exe  

c9ad6730dbd47a1900fe05b39dea810f

VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key
9.4 M 23 ZeroCERT

6422 2021-03-23 11:34 xax.exe  

b2e53e9608f1c63829d280f66e638619

VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName DNS Cryptographic key crashed
10.2 M 34 ZeroCERT

6423 2021-03-23 11:35 svc.exe  

3891f7dbf1513c0f9545a5425571a48f

Azorult .NET framework AsyncRAT backdoor VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee Windows
1 2 1 9.8 M 24 ZeroCERT

6424 2021-03-23 13:14 vmv.exe  

d4fc99799273a7091629bd0a87c8d820

VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key crashed
9.6 M 37 ZeroCERT

6425 2021-03-23 13:15 razi.exe  

457d4236836f28c4176e828ecfff8b05

VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName DNS Cryptographic key crashed
9.8 M 15 ZeroCERT

6426 2021-03-23 13:19 xax.exe  

b2e53e9608f1c63829d280f66e638619

VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key crashed
9.6 M 34 ZeroCERT

6427 2021-03-23 13:20 oko.exe  

c9ad6730dbd47a1900fe05b39dea810f

VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key
9.0 M 23 ZeroCERT

6428 2021-03-23 17:55 vbc.exe  

8254a0cdac6f08de88fb4ab5c2adc4d3

Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Check memory Creates executable files ICMP traffic unpack itself AppData folder AntiVM_Disk sandbox evasion VM Disk Size Check installed browsers check Browser Email ComputerName DNS Software
1 2 10.4 26 ZeroCERT

6429 2021-03-23 17:58 14111.txt  

76ca2bd487ce34419aeb0707ab79c686

VirusTotal Malware
1.6 56 ZeroCERT

6430 2021-03-23 17:58 simx.exe  

d27e2e5039cc62ca865c8090548c1552

Azorult .NET framework AsyncRAT backdoor Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger
2 4 4 16.8 29 ZeroCERT

6431 2021-03-23 17:59 VZR.exe  

fc7c1d93d598a03632552cb838f466e1

Google Chrome User Data browser info stealer VirusTotal Malware Buffer PE AutoRuns Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself suspicious process Windows
10.6 17 ZeroCERT

6432 2021-03-23 18:01 mnas.exe  

9a0b2f332389787f9b32103064ad63f5

Azorult .NET framework AsyncRAT backdoor Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger
2 4 4 16.0 33 ZeroCERT

6433 2021-03-23 18:01 regasm.exe  

0f07879a0585dfa4d1f77dbc07a70db8

Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Malicious Traffic Check memory Creates executable files unpack itself AppData folder sandbox evasion installed browsers check Browser Email ComputerName Software
1 2 7 8.6 16 ZeroCERT

6434 2021-03-23 18:03 regasm.exe  

13e0887c167c3cf36acde356b7a33eaa

Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Check memory Creates executable files ICMP traffic unpack itself AppData folder AntiVM_Disk sandbox evasion VM Disk Size Check installed browsers check Browser Email ComputerName DNS Software
1 2 10.2 M 18 ZeroCERT

6435 2021-03-23 18:03 158.dll  

022e2c948003e42124c97687fac72f3a

Emotet Trickbot Gen VirusTotal Malware Checks debugger buffers extracted RWX flags setting unpack itself suspicious process Remote Code Execution
4.0 M 7 ZeroCERT