Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
6946	2024-08-11 14:57	66b1b02a20b5a_cry.exe 675922f5041b15ce59929f38b1798b3c Malicious Library .NET framework(MSIL) UPX ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself					8.0	M	47	ZeroCERT

6947	2024-08-11 14:54	ezil.exe b1dccf5b761bfef51a4204d0c4542bf8 UPX PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself					2.0	M	47	ZeroCERT

6948	2024-08-11 14:54	tt222.exe ff081c6eebbd9fef49eb7e78ac566a78 Malicious Library Antivirus UPX PE File PE64 OS Processor Check VirusTotal Malware PDB					1.2	M	31	ZeroCERT

6949	2024-08-11 14:52	newbuildteamb.exe 8e7dc75f7c04882b9294d40c4eb67110 Malicious Library Antivirus UPX Anti_VM PE File PE64 OS Processor Check VirusTotal Malware					1.0	M	38	ZeroCERT

6950	2024-08-11 14:52	ax.exe 3697adfd0eaf4b7835607c271843605a Malicious Library Antivirus UPX Anti_VM PE File PE64 OS Processor Check VirusTotal Malware					1.2	M	41	ZeroCERT

6951	2024-08-11 14:51	66b7d12b3a8ea_5k.exe 4bead3a1a9683a320959d1f0704e5c62 RedLine Infostealer RedLine stealer RedlineStealer Malicious Library .NET framework(MSIL) UPX AntiDebug AntiVM PE File .NET EXE PE32 OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Collect installed applications Check virtual network interfaces AppData folder installed browsers check Tofsee Ransomware Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed	3 Keyword trend analysis	4	5 Info SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET MALWARE RedLine Stealer - CheckConnect Response ET MALWARE Win32/LeftHook Stealer Browser Extension Config Inbound ET MALWARE Redline Stealer/MetaStealer Family Activity (Response) SURICATA HTTP unable to match response to request		14.2	M	21	ZeroCERT

6952	2024-08-11 14:51	66b837290469c_vidar.exe#space dd9a8bbd0b8038552cb57b07a56f0ae2 Stealc Client SW User Data Stealer LokiBot ftp Client info stealer Generic Malware Malicious Library .NET framework(MSIL) UPX Socket Http API PWS HTTP DNS Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Telegram PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs Tofsee DNS	1 Keyword trend analysis	5	3	1	9.2	M	12	ZeroCERT

6953	2024-08-11 14:50	equitosssfridayMPDW-constraint... a2f647c353cab5136d0b14bdc792ce7d Generic Malware Antivirus Hide_URL PowerShell powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	1 Keyword trend analysis	2	1		7.2	M		ZeroCERT

6954	2024-08-11 14:50	evil.exe 9d21096674441d929c18fff44908a0e9 Generic Malware Malicious Packer Antivirus UPX AntiDebug AntiVM PE File PE64 PowerShell VirusTotal Malware powershell suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	1			10.0	M	20	ZeroCERT

6955	2024-08-11 14:50	66b382f122c02_stk.exe f2908c73543719738bea99c02fdafe00 Generic Malware MPRESS Malicious Library UPX PE File PE32 Lnk Format GIF Format OS Processor Check Malware download VirusTotal Malware AutoRuns Check memory buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities Checks Bios Detects VirtualBox Detects VMWare suspicious process AppData folder WriteConsoleW VMware anti-virtualization Windows RisePro ComputerName Firmware DNS crashed		1	3		13.6	M	43	ZeroCERT

6956	2024-08-11 14:50	66ae96cb3d23b_crypted.exe 4587aa68e93674b5d4e35fff967b72b0 Generic Malware Malicious Library UPX PE File PE32 OS Processor Check PDB unpack itself crashed					1.2	M		ZeroCERT

6957	2024-08-11 14:50	ConsoleApp3.exe eb2e78bbb601facb768bd61a8e38b372 Malicious Packer PE File .NET EXE PE32 VirusTotal Malware PDB Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces Tofsee	1 Keyword trend analysis	2	1		3.0	M	24	ZeroCERT

6958	2024-08-11 14:49	tt22.exe 6814dfc0fa3a4df8128768115211e095 Malicious Library Antivirus UPX Anti_VM PE File PE64 OS Processor Check VirusTotal Malware					1.0	M	34	ZeroCERT

6959	2024-08-11 14:30	cred.dll e4b1979dd4d6f2bf3d6668506ffe80e6 Amadey Generic Malware Malicious Library UPX PE File DLL PE32 OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency Malicious Traffic Checks debugger unpack itself Windows utilities sandbox evasion installed browsers check Windows Browser Email DNS Software	1 Keyword trend analysis	1		1	7.4	M	60	ZeroCERT

6960	2024-08-11 14:29	66b211924622f_LummaC2.exe 6796c089b30aa2e34f560a27f7d230f3 UPX PE File PE32 VirusTotal Malware					1.2	M	59	ZeroCERT