Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
6946	2023-11-27 09:30	axx.exe 37ef17ae6a134a55482b0d84126d2ab8 Malicious Library PE File PE64 VirusTotal Malware RWX flags setting DNS		1		3.2	M	52	ZeroCERT

6947	2023-11-27 09:27	64_6666.exe dbfe72085ba54253275429f078307fbd PE File PE64 VirusTotal Malware				2.4	M	59	ZeroCERT

6948	2023-11-27 09:26	demon.exe 73053ed899ed813b3113ad2a588b446d Generic Malware Malicious Packer PE File PE64 VirusTotal Malware unpack itself				2.6	M	48	ZeroCERT

6949	2023-11-27 09:25	build.exe 4ae6e509138d9525ca9d01c477958d4e Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware PDB unpack itself				1.8	M	40	ZeroCERT

6950	2023-11-26 13:58	updates.exe 2b5eca0c8dcfd123b1790a137feb4146 Browser Login Data Stealer NetWire RAT Malicious Library Malicious Packer UPX PE File PE64 PE32 OS Processor Check Lnk Format GIF Format VirusTotal Malware AutoRuns Check memory Creates shortcut Creates executable files unpack itself AppData folder Windows ComputerName DNS DDNS		1	1	6.0	M	51	ZeroCERT

6951	2023-11-26 13:56	new.exe 0179eec24965822ea41af4447d767961 Generic Malware Antivirus UPX PE32 PE File .NET EXE OS Processor Check VirusTotal Malware powershell AutoRuns suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check Windows ComputerName Cryptographic key keylogger				8.4	M	55	ZeroCERT

6952	2023-11-26 13:52	devenvhost.exe 552fc1ab56ac48bebff7d6ddb8555045 Gen1 Malicious Library UPX AntiDebug AntiVM PE32 PE File OS Processor Check VirusTotal Malware PDB Code Injection Check memory Checks debugger Creates executable files unpack itself WriteConsoleW Remote Code Execution				5.8	M	54	ZeroCERT

6953	2023-11-26 13:50	timeSync.exe 1bdfbfdae4986adb79324930d7c9eaa3 Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware PDB unpack itself				1.6	M	35	ZeroCERT

6954	2023-11-26 13:49	home.exe b5f964d3dbe27ea562d3a750af190bea Malicious Library Malicious Packer UPX PE32 PE File OS Processor Check ZIP Format Lnk Format GIF Format Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency AutoRuns MachineGuid Check memory Creates shortcut Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AntiVM_Disk sandbox evasion WriteConsoleW anti-virtualization IP Check VM Disk Size Check installed browsers check Tofsee Ransomware Windows Browser RisePro Email ComputerName DNS Software crashed	1 Keyword trend analysis	5	7 Info ET MALWARE [ANY.RUN] RisePro TCP v.0.x (Token) ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io) SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET MALWARE [ANY.RUN] RisePro TCP v.0.x (External IP) ET MALWARE Suspected RisePro TCP Heartbeat Packet ET MALWARE [ANY.RUN] RisePro TCP v.0.x (Activity) ET MALWARE [ANY.RUN] RisePro TCP v.0.x (Exfiltration)	13.2	M	43	ZeroCERT

6955	2023-11-26 13:47	toolspub2.exe 5f4839a45c6193363a21b784bf91e783 Malicious Library UPX AntiDebug AntiVM PE32 PE File OS Processor Check VirusTotal Malware PDB Code Injection Checks debugger buffers extracted unpack itself				6.6	M	30	ZeroCERT

6956	2023-11-26 13:45	update.exe 37035aa02a65b1b869898cb611d37686 Browser Login Data Stealer NetWire RAT Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware AutoRuns Check memory Checks debugger Creates executable files AppData folder Windows DNS DDNS		1	1	4.8	M	60	ZeroCERT

6957	2023-11-26 13:45	winrar.exe 715d9e1786839981fc5aa6ec4c9df1a6 Antivirus UPX PE32 PE File .NET EXE OS Processor Check VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName Cryptographic key				4.4	M	58	ZeroCERT

6958	2023-11-26 13:43	setup.exe 13c54df3790dbde46fbe989793e21ce7 Malicious Library PE32 PE File VirusTotal Malware WMI Creates executable files RWX flags setting Checks Bios anti-virtualization ComputerName				3.8	M	28	ZeroCERT

6959	2023-11-26 13:42	Server.exe a92ef911215a303fc49de97c4c6d837f njRAT backdoor PE32 PE File .NET EXE VirusTotal Malware WriteConsoleW DNS DDNS		1	1	1.8	M	65	ZeroCERT

6960	2023-11-26 13:41	macindas2.1.exe 84682f07f2f1698e49b6a29573c5679d NSIS Malicious Library UPX PE32 PE File FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself	4 Keyword trend analysis Info http://www.salvanandcie.com/tb8i/?-ZeTi6B=UMOMUPRltOuIOavlOV9TAbzOI3NyPSxU0IiF98vYZIoJYysmNQovnALCNihIDsZ76SkBnDz1&2d=lnxh http://www.tron-pk.xyz/tb8i/?-ZeTi6B=5rJxyOnP1GB0ESD4ttWy9/4jFy42toRxagw3E+bnB/pmFdmTHJRzMwLMKKbb+ploXs+4W+sP&2d=lnxh http://www.texwwfrx.com/tb8i/?-ZeTi6B=zluqp2Qif7Juk0jSJTDTdhTVgLgB+eVfrKJdSE4Bz8PdBwx7LJWv3E/FDzXvfZ8eIpu6oPdn&2d=lnxh http://www.free-indeed.faith/tb8i/?-ZeTi6B=mjsfGumS0MCj+go/ckdO0h+daXKQjTCMjol4fCy+GQ9z9EIRohWOFaX9TAL/50qANRa4gnnD&2d=lnxh	9	2	4.2	M	48	ZeroCERT