Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
6991	2024-02-04 16:52	inte.exe 7a861d2a7d07c0efa9e429d6bbad1ffc Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware unpack itself Remote Code Execution					2.2	M	34	ZeroCERT

6992	2024-02-04 16:50	discord.exe 6ba419bbf9727a5420ed6360f4857a70 PE File PE64 VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key		1			3.2	M	52	ZeroCERT

6993	2024-02-04 16:49	builden.exe db95cbd1fa1fc7983128cecf51a8795f Malicious Library UPX PE32 PE File OS Processor Check .NET EXE VirusTotal Malware PDB suspicious privilege Check memory Checks debugger Creates executable files unpack itself Remote Code Execution					3.6	M	36	ZeroCERT

6994	2024-02-04 16:47	inte.exe fa092cd96d9916f2e247067653cd1110 Malicious Library UPX PE32 PE File OS Processor Check Malware suspicious privilege Malicious Traffic WMI Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName DNS	1 Keyword trend analysis	1		1	4.2	M		ZeroCERT

6995	2024-02-04 16:47	app1.exe 86443efb8ee2289340119b5e84aad4f1 UPX PE File PE64 Buffer PE suspicious privilege MachineGuid Check memory Checks debugger buffers extracted unpack itself AntiVM_Disk VM Disk Size Check ComputerName DNS		1			4.6	M		ZeroCERT

6996	2024-02-04 16:47	npp86Installerx64.exe d8b897481e51cfab29862e8f9d5a039d Emotet Gen1 Malicious Library UPX PE32 PE File CAB AutoRuns PDB MachineGuid Check memory Checks debugger Creates executable files unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName Remote Code Execution					3.4	M		ZeroCERT

6997	2024-02-04 16:45	conhost.exe ea1f082ea4f956a042ec414357eca36f Formbook Generic Malware .NET framework(MSIL) UPX Antivirus AntiDebug AntiVM PE32 PE File .NET EXE OS Processor Check FormBook Malware download Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis	4	1		9.0	M		ZeroCERT

6998	2024-02-04 16:45	art22.exe 68bb10f285c0dbab62f5a8ad7c25ee7a PE File PE64 Cryptocurrency Miner Cryptocurrency DNS CoinMiner		4	2		0.8	M		ZeroCERT

6999	2024-02-04 16:43	V-14.exe 5bb552a7343723e6d81249cf19572f68 Generic Malware Antivirus PE32 PE File .NET EXE Malware download AsyncRAT NetWireRC Malware Cryptocurrency wallets Cryptocurrency powershell AutoRuns suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Ransomware Windows ComputerName DNS Cryptographic key		1	4		8.6	M		ZeroCERT

7000	2024-02-04 16:43	ClamAV-0.103.4.exe 27caec389aed111fc91c3531b9a6dbe1 Emotet Gen1 Hide_EXE Malicious Library UPX .NET framework(MSIL) PE File PE64 CAB PE32 .NET EXE OS Processor Check AutoRuns PDB suspicious privilege Check memory Checks debugger Creates executable files unpack itself AppData folder Windows Remote Code Execution Cryptographic key					4.6	M		ZeroCERT

7001	2024-02-04 16:41	npp86Installerx64.exe d8b897481e51cfab29862e8f9d5a039d Emotet Gen1 Malicious Library UPX PE32 PE File CAB VirusTotal Malware AutoRuns PDB Check memory Checks debugger Creates executable files unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName Remote Code Execution					4.4	M	49	ZeroCERT

7002	2024-02-04 16:39	fsetrh.exe 6543dfd527080cd599e8905c90903b33 Generic Malware Malicious Library PE32 PE File PNG Format ZIP Format Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency MachineGuid Check memory buffers extracted unpack itself Disables Windows Security Collect installed applications AntiVM_Disk sandbox evasion anti-virtualization IP Check VM Disk Size Check installed browsers check Tofsee Ransomware Windows Browser RisePro Email ComputerName DNS Software crashed	1 Keyword trend analysis	5	8 Info ET MALWARE RisePro TCP Heartbeat Packet ET MALWARE [ANY.RUN] RisePro TCP (Token) ET MALWARE [ANY.RUN] RisePro TCP (External IP) SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io) ET MALWARE [ANY.RUN] RisePro TCP (Exfiltration) ET MALWARE RisePro CnC Activity (Inbound) ET MALWARE [ANY.RUN] RisePro TCP (Activity)		10.8	M	28	ZeroCERT

7003	2024-02-04 16:39	dffdfdf.exe 268cf16a004a6b7515bec416b64ee904 RedLine Infostealer UltraVNC Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware PDB Check memory Checks debugger unpack itself Windows Cryptographic key crashed					2.8	M	32	ZeroCERT

7004	2024-02-04 16:38	logo3.jpg.exe a7dcdb8a4ecf815beac47a344d9b7259 RedLine Infostealer UltraVNC Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware PDB Check memory Checks debugger unpack itself Windows Cryptographic key crashed					3.2	M	25	ZeroCERT

7005	2024-02-04 16:37	osminogs.exe 95e59305ad61119cf15ee95562bd05ba Gen1 Malicious Library UPX PE32 PE File VirusTotal Malware unpack itself Remote Code Execution crashed					2.2	M	29	ZeroCERT