popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
6481 2023-12-22 08:27 ma.exe  

4737e1a615b8b7d377586394589844d4


PE File PE64 .NET EXE unpack itself Windows Remote Code Execution crashed 		2.0 M ZeroCERT

6482 2023-12-22 08:25 cp.exe  

8fc868f86ee50172a6135d3a58d3495f


Downloader Malicious Library VMProtect UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM PE32 PE File AutoRuns Code Injection Check memory Creates executable files Windows utilities suspicious process WriteConsoleW Windows ComputerName Remote Code Execution 		5.4 M ZeroCERT

6483 2023-12-22 08:24 crypted.exe  

42464d83d6f8b2ce1a88cf6c7c721c09


RedLine stealer Malicious Library Admin Tool (Sysinternals etc ...) UPX ScreenShot PWS AntiDebug AntiVM PE32 PE File OS Processor Check Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key crashed 		1 8.6 M ZeroCERT

6484 2023-12-22 08:22 v1220-55000.exe  

04f93f610df4d1c941ec7f64679e3039


.NET framework(MSIL) UPX Malicious Library ScreenShot AntiDebug AntiVM PE32 PE File .NET EXE DLL OS Processor Check Buffer PE PDB Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder Windows Cryptographic key crashed 		8.2 ZeroCERT

6485 2023-12-22 08:22 Wzslollihv.exe  

1a9c1d237843ca776d5d1d2ef84fb493


Hide_EXE UPX PE File PE64 VirusTotal Malware Check memory Checks debugger unpack itself 		2.2 M 39 ZeroCERT

6486 2023-12-22 08:20 Minodeka.exe  

eb591336a1a8c61faf248e784166a19a


Malicious Library PE32 PE File VirusTotal Malware PDB unpack itself Remote Code Execution 		2.4 56 ZeroCERT

6487 2023-12-22 08:20 setup294.exe  

391487909449a0c19ea2a2ae599c8731


Malicious Library AntiDebug AntiVM PE32 PE File DLL Code Injection Check memory Checks debugger Creates executable files unpack itself AppData folder 		3.6 M ZeroCERT

6488 2023-12-22 08:18 againn.exe  

24d81523b3033dddc3bf6526d86f819d


Malicious Library Malicious Packer UPX PE32 PE File OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key 		1 5.0 M 56 ZeroCERT

6489 2023-12-22 08:17 frreebeeie.exe  

2c8bf6e42f2195c8256d91f5007a1219


PE File PE64 VirusTotal Malware Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces DNS 		1 1 4.2 M 40 ZeroCERT

6490 2023-12-22 08:16 build_2023-12-19_21-29.exe  

19c47b81c5a0b6c2791c0ff91e21e87a


Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware unpack itself Windows DNS crashed 		1 3.6 M 55 ZeroCERT

6491 2023-12-22 08:15 sl.exe  

a6f1e6b5775a94219b69a6261b36244a


Malicious Library Downloader Admin Tool (Sysinternals etc ...) UPX PE32 PE File Malware download VirusTotal Malware AutoRuns Malicious Traffic Windows DNS Downloader 		2 1 2 4.2 M 50 ZeroCERT

6492 2023-12-22 08:13 adobe.exe  

a056c3e2e3334be82cc40e2af20ef67b


Emotet Gen1 Generic Malware Malicious Library UPX Malicious Packer Admin Tool (Sysinternals etc ...) PE32 PE File MZP Format DLL OS Processor Check PE64 DllRegisterServer dll wget ZIP Format Check memory Checks debugger Creates executable files unpack itself AppData folder ComputerName crashed 		2.6 ZeroCERT

6493 2023-12-22 08:13 build2.exe  

e23c839edb489081120befe1e44b04db


Client SW User Data Stealer LokiBot ftp Client info stealer Malicious Library UPX Http API PWS Code injection AntiDebug AntiVM PE32 PE File OS Processor Check VirusTotal Malware Telegram PDB MachineGuid Code Injection Malicious Traffic Checks debugger buffers extracted WMI unpack itself malicious URLs Tofsee ComputerName Remote Code Execution DNS crashed 		1 5 3 11.0 58 ZeroCERT

6494 2023-12-22 08:13 brg.exe  

dff334fa8d2c701dba4139875f14c9ff


Malicious Library VMProtect UPX PE32 PE File VirusTotal Malware unpack itself Remote Code Execution DNS 		2 3.4 21 ZeroCERT

6495 2023-12-22 08:11 ww.exe  

ca582fafbbb257ccf1bf91dac47fcf4f


Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware PDB unpack itself Remote Code Execution 		2.2 32 ZeroCERT

keyword