Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
6556	2021-03-26 16:46	jBByM2Igj1uNMgN.exe 8ce078cc06ef99b712183c5d2c20ec79 Azorult .NET framework VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key				2.8	M	24	ZeroCERT

6557	2021-03-26 16:48	sZy3eqU24YIz93A.exe f22b976c96fee6a26111cb068ad1107b Azorult .NET framework VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key				3.0	M	31	ZeroCERT

6558	2021-03-26 16:51	N4FruvUW3NcPbRy.exe ab0d165a949a18b9a3300baa642268c1 Azorult .NET framework VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key				2.8	M	25	ZeroCERT

6559	2021-03-26 16:53	5aj1ZFnleGKNcV5.exe 16fa42eea53658b1b71576bc7b3aed23 Azorult .NET framework VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key				3.0	M	30	ZeroCERT

6560	2021-03-26 16:55	mar24.exe 12c4834b861310c404ec5017b38ce2ab Azorult .NET framework VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key crashed				11.6	M	23	ZeroCERT

6561	2021-03-27 11:08	activationeth.exe cd0540dae1c58573a8ddc05bc7ea20c2 AsyncRAT backdoor VirusTotal Malware AutoRuns suspicious privilege MachineGuid Check memory Checks debugger Creates executable files unpack itself Windows utilities AppData folder Windows ComputerName DNS				6.0	M	20	ZeroCERT

6562	2021-03-27 11:11	winlog.exe 3585ccb4ad76545b64d3f386147a8350 VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself AppData folder sandbox evasion ComputerName DNS	2 Keyword trend analysis			4.4	M	29	ZeroCERT

6563	2021-03-27 11:11	vbc.exe 6325da6a12187d9beca1f8dcc7cc04ef Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Check memory Creates executable files AppData folder sandbox evasion installed browsers check Browser Email ComputerName Software	3 Keyword trend analysis	2		8.0		15	ZeroCERT

6564	2021-03-27 11:14	r210.dll fdabedcd2bbcaef317bc3fef55a23e0f VirusTotal Malware AutoRuns PDB Code Injection Check memory Checks debugger buffers extracted Creates executable files ICMP traffic RWX flags setting unpack itself Windows utilities sandbox evasion Windows ComputerName DNS		1		7.8		2	ZeroCERT

6565	2021-03-27 11:15	charli.exe e233541c1b164905c77e6641a1bf184d Azorult .NET framework AsyncRAT backdoor VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key				9.2		39	ZeroCERT

6566	2021-03-27 11:16	r10.dll f3da2faeed91df74170149fc4420ef09 Emotet Gen VirusTotal Malware AutoRuns Code Injection Check memory Checks debugger buffers extracted Creates executable files ICMP traffic RWX flags setting unpack itself Windows utilities sandbox evasion Windows ComputerName Remote Code Execution DNS		1		7.8		3	ZeroCERT

6567	2021-03-27 11:18	regasm.exe 60bfb1d4d87864d15a5d376e8f9a5ee9 VirusTotal Malware unpack itself DNS				3.0		36	ZeroCERT

6568	2021-03-27 11:18	putty.exe f690fa242d8200f27e71e11d469b584d Glupteba Malicious Library VirusTotal Malware PDB unpack itself Windows Remote Code Execution crashed				3.2		49	ZeroCERT

6569	2021-03-27 11:20	csv_to_xml.exe 13192ace53c44630185ac602bdd9ad09 VirusTotal Malware Check memory Creates shortcut unpack itself AntiVM_Disk VM Disk Size Check ComputerName				2.2		14	ZeroCERT

6570	2021-03-27 11:22	vbc.exe cbd4dc2786842a4507d77e71b16c6129 AsyncRAT backdoor Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted ICMP traffic unpack itself Check virtual network interfaces suspicious process malicious URLs WriteConsoleW installed browsers check Windows Browser Email ComputerName Cryptographic key Software	2 Keyword trend analysis	4	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response	14.6	M	20	ZeroCERT