Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
6781	2023-12-04 18:45	as.exe 12d26de76ef1e100a30a71c12507c8a7 Emotet Gen1 IAmTheKing Family Generic Malware task schedule Downloader Malicious Packer UPX Malicious Library Admin Tool (Sysinternals etc ...) Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Networ VirusTotal Malware PDB suspicious privilege Code Injection malicious URLs					3.8	M	41	ZeroCERT

6782	2023-12-04 18:39	ama.exe 283636033e6111ad957f7b40a2b78963 Amadey UPX PE32 PE File VirusTotal Malware AutoRuns Malicious Traffic Check memory RWX flags setting unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName DNS	1 Keyword trend analysis	1		1	8.6	M	40	ZeroCERT

6783	2023-12-04 18:37	WinUpdate.exe 31c4a3f16baa5e0437fdd4603987b812 Malicious Library Malicious Packer UPX Javascript_Blob Anti_VM PE File PE64 VirusTotal Malware					2.0	M	49	ZeroCERT

6784	2023-12-04 18:35	ca2.exe 64944a1f7d846006e04b6101d40a28b4 PE File PE64 VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger unpack itself Windows ComputerName DNS Cryptographic key		1			4.0	M	47	ZeroCERT

6785	2023-12-04 18:33	autorun.exe dd2ac276240e8ad3deecc338acc8116d Malicious Library Malicious Packer PE32 PE File Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	5 Info ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer Family Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response ET MALWARE Redline Stealer Family Activity (Response)		7.2	M	30	ZeroCERT

6786	2023-12-04 18:32	VmManagedSetup.exe 7ee103ee99b95c07cc4a024e4d0fdc03 SystemBC Malicious Library Antivirus PE File PE64 VirusTotal Malware powershell AutoRuns Windows DNS		1			3.0	M	45	ZeroCERT

6787	2023-12-04 18:32	toolspub2.exe 11b1cc83dc32d2b8764c543b8619e7a9 Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware unpack itself Windows crashed					3.2	M	55	ZeroCERT

6788	2023-12-04 18:31	cp.exe 67c91a40f9550dca6e0caf57325b9a10 Themida Packer Downloader UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM PE32 PE File VirusTotal Malware AutoRuns Code Injection Check memory Creates executable files RWX flags setting unpack itself Windows utilities Checks Bios Detects VirtualBox Detects VMWare suspicious process WriteConsoleW VMware anti-virtualization Windows ComputerName Firmware crashed					10.6	M	33	ZeroCERT

6789	2023-12-04 18:29	Stealer%20Resou%E2%80%AEnls.sc... 87e782c7ef3f46a86d7df12b399d6fcb PE32 PE File .NET EXE VirusTotal Malware PDB Check memory Checks debugger unpack itself Check virtual network interfaces Tofsee		2	1		2.6	M	49	ZeroCERT

6790	2023-12-04 18:28	1701517543-Srnsa.exe ff92658bebd4081e2389e1c82490c745 PE File PE64 VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key					3.8	M	49	ZeroCERT

6791	2023-12-04 18:27	good.exe 8ea7dc740a4d382a7dc9322b1649f6f2 Generic Malware Malicious Library Malicious Packer UPX PE32 PE File OS Processor Check Lnk Format GIF Format Malware download VirusTotal Malware AutoRuns suspicious privilege MachineGuid Creates shortcut Creates executable files Windows utilities Disables Windows Security suspicious process WriteConsoleW IP Check human activity check Tofsee Windows RisePro ComputerName DNS	1 Keyword trend analysis	5	4		9.2	M	50	ZeroCERT

6792	2023-12-04 18:26	Elbfyhag.exe 0f60f086665fd4d442821851c878c21b PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself Check virtual network interfaces DNS		1			4.0	M	54	ZeroCERT

6793	2023-12-04 18:25	xmrig.exe edbbe60d5fc43c859be7363de9eb5798 XMRig Miner Malicious Library Malicious Packer UPX PE File PE64 OS Processor Check VirusTotal Malware					1.4	M	41	ZeroCERT

6794	2023-12-04 18:24	miiyyjss.exe 78f61ca5653a07ec5b698e07d5642c0a UPX PE32 PE File VirusTotal Malware unpack itself Remote Code Execution DNS crashed		1			3.8	M	49	ZeroCERT

6795	2023-12-04 18:24	1701007523-Hzxlsavkq.exe 29620f5d86c39fa73939fdb10803f683 PE32 PE File .NET EXE VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key crashed					3.4	M	57	ZeroCERT