Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	Rule	Score	Zero	VT	Player
7141	2021-04-12 08:04	chrome_elf.dll 98e44115d6f4faaa25524d66776c4eb7 VirusTotal Malware AutoRuns Check memory Checks debugger RWX flags setting unpack itself AntiVM_Disk sandbox evasion VM Disk Size Check Windows Browser Remote Code Execution DNS		1		5.6		18	ZeroCERT

7142	2021-04-12 10:11	1.dotm 33aaf4c68958e89ce690265369e151d6 VirusTotal Malware Code Injection unpack itself DNS	2 Keyword trend analysis	1		5.6	M	36	ZeroCERT

7143	2021-04-12 10:42	delete.exe fca72b6de6d5d9eeab811974eb6a1dbc Cryptocurrency Miner Cryptocurrency PDB suspicious privilege Code Injection Checks debugger WMI Creates executable files unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Remote Code Execution DNS crashed				8.0	M		ZeroCERT

7144	2021-04-12 10:44	delete.exe fca72b6de6d5d9eeab811974eb6a1dbc Cryptocurrency Miner Cryptocurrency PDB suspicious privilege Code Injection Checks debugger WMI Creates executable files unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Remote Code Execution DNS crashed		1		8.0	M		ZeroCERT

7145	2021-04-12 10:44	mazx.exe a7f014f4fe566e48e794b79661aef18e AsyncRAT backdoor VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces ComputerName DNS	3 Keyword trend analysis Info http://asdcqwdwqx.gq/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-2C22351F713CEE29DFD4FCCADD4D4364.html - rule_id: 680 http://asdcqwdwqx.gq/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-A8DBD5B040DB5405A655876B8B321043.html - rule_id: 680 http://asdcqwdwqx.gq/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-E605B6C9826FFAFDD6E622A660B7F5DA.html - rule_id: 680	2	3	4.0	M	55	ZeroCERT

7146	2021-04-12 10:47	aXSz3.exe 6f504e4d2887038775a8636d246f38a1 Antivirus Browser Info Stealer FTP Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency powershell suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process AppData folder sandbox evasion WriteConsoleW installed browsers check Interception Windows Browser ComputerName DNS Cryptographic key Software	2 Keyword trend analysis	3		17.0	M		ZeroCERT

7147	2021-04-12 10:48	yugox.exe 367efadcea9adefd0ac04eda7446736a AsyncRAT backdoor Malware Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces ComputerName	3 Keyword trend analysis Info http://asdcqwdwqx.gq/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-B801112608DBB79D02282F43F064EA2C.html - rule_id: 680 http://asdcqwdwqx.gq/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-D6CBA35C85D30C9F84051AB06A70D405.html - rule_id: 680 http://asdcqwdwqx.gq/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-1CE101FF82FA78995C03665FD307D022.html - rule_id: 680	2	3	2.2	M		ZeroCERT

7148	2021-04-12 10:49	32a1.com ec052b150b112e80d0bfb4b8d0ff8eb9 AutoRuns PDB Check memory Creates executable files unpack itself Check virtual network interfaces WriteConsoleW Windows Remote Code Execution Firmware DNS		2		5.6	M		ZeroCERT

7149	2021-04-12 10:51	brasch.exe d035bf4abd2cebd5d851b425e02d9e83 Loki Azorult .NET framework AsyncRAT backdoor Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Windows Browser Email ComputerName Cryptographic key Software crashed	1 Keyword trend analysis	2	1	13.0	M	51	ZeroCERT

7150	2021-04-12 10:52	64a1.com 829c8b46d2fcfbcb7f5c2e3545a4c4a3 Antivirus VirusTotal Malware AutoRuns PDB Check memory Creates executable files unpack itself Auto service Check virtual network interfaces sandbox evasion Windows Browser ComputerName Remote Code Execution Firmware DNS		2		8.2	M	40	ZeroCERT

7151	2021-04-12 10:53	aguerox.exe 99b84053fd2d502626a1f78394fbf8f2 AsyncRAT backdoor VirusTotal Malware		1		1.2	M	46	ZeroCERT

7152	2021-04-12 10:56	Echelon_protected.exe 4f96ba78b8078180158c591099449438 Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Checks Bios Collect installed applications Detects VMWare Check virtual network interfaces VMware anti-virtualization IP Check installed browsers check Windows Browser Email ComputerName Firmware Cryptographic key Software crashed	10 Keyword trend analysis Info http://ip-api.com/xml http://gfs270n073.userstorage.mega.co.nz/ul/xgaQneBEIRVzYwLED97KsQNhv0ditYBD6ozkZpk9FbMK1maOg8S-cDomTZW5nMP0Q9ErqqQDkJboBNWxgzPTDQ/0 https://g.api.mega.co.nz/cs?id=4201891159&ak=axhQiYyQ&sid=rYRikyRocb7u9afiHMeXJ2dseVJjSHBWUHlvBRXTQG5qA3UEnDh_YGMCFg https://g.api.mega.co.nz/cs?id=4201891154&ak=axhQiYyQ https://g.api.mega.co.nz/cs?id=4201891158&ak=axhQiYyQ&sid=rYRikyRocb7u9afiHMeXJ2dseVJjSHBWUHlvBRXTQG5qA3UEnDh_YGMCFg https://g.api.mega.co.nz/cs?id=4201891160&ak=axhQiYyQ&sid=rYRikyRocb7u9afiHMeXJ2dseVJjSHBWUHlvBRXTQG5qA3UEnDh_YGMCFg https://api.ipify.org/ https://g.api.mega.co.nz/cs?id=4201891157&ak=axhQiYyQ&sid=rYRikyRocb7u9afiHMeXJ2dseVJjSHBWUHlvBRXTQG5qA3UEnDh_YGMCFg https://g.api.mega.co.nz/cs?id=4201891156&ak=axhQiYyQ&sid=rYRikyRocb7u9afiHMeXJ2dseVJjSHBWUHlvBRXTQG5qA3UEnDh_YGMCFg https://g.api.mega.co.nz/cs?id=4201891155&ak=axhQiYyQ	8		12.0	M		ZeroCERT

7153	2021-04-12 10:57	mbachux.exe eb00c33045168dfd28843d22e8038269 AsyncRAT backdoor VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces ComputerName	3 Keyword trend analysis Info http://asdcqwdwqx.gq/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-4FE149FB71B79E461BA0B66A88E0406F.html - rule_id: 680 http://asdcqwdwqx.gq/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-30AF486201209BF684C18BE21C14C2A0.html - rule_id: 680 http://asdcqwdwqx.gq/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-60F4F2B25784255F951461B3B3336EB7.html - rule_id: 680	2	3	3.4	M	48	ZeroCERT

7154	2021-04-12 10:57	DCRatBuild.exe 775b36643d8ded334c9411920713a711 AsyncRAT backdoor VirusTotal Malware AutoRuns PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW IP Check Windows ComputerName Remote Code Execution DNS crashed	5 Keyword trend analysis Info http://82.146.59.236/processorDefault.php?MlqRJsMa1QMYKi=JiLYs2Wrxn&Fz95wpigN=qS7WYrUCPZjp5FgbO&aabb8f74bac12735e9499cd9c6b8baf5=365da4edf7808b477a8d10cbf7405c61&f53d57fa5ca170272892cd3c6aa17be0=wY3AzM2ITM5YWNmljN3UDO4YDN5gjYjljMhZTO3M2YmZTOilTY2cjN&MlqRJsMa1QMYKi=JiLYs2Wrxn&Fz95wpigN=qS7WYrUCPZjp5FgbO http://82.146.59.236/processorDefault.php?MlqRJsMa1QMYKi=JiLYs2Wrxn&Fz95wpigN=qS7WYrUCPZjp5FgbO&8132fb67618ecd9be106ef9ba3717022=QM5EjZxU2YjdTZykDNwQjN3YzN2IDNjlTZ0UzYwYWY2YmMlRDN0MGM5cjNwcTN2gjM0QzNwkDN&f53d57fa5ca170272892cd3c6aa17be0=ANxYmZ0ETN3QzNhZ2MzQWZkRjM2UGOzU2N5I2YyEDZmNjZ0YjZ1kDZ&095b88682a67bcf69516cfbd401a51e6=u4iL5J3b0NWZylGZgcmbp5mbhN2U&c5c532831db1a7dab19172319a0ff14a=ANwMjZlBDM0MGMhJTOkVzNjlDOkRDZiRWO0MzM0EDMjNWZwQDNzEjN&c6dd1cba03876c3affd0f11b003ca4a6=QNwQDN2U2YiZGO2gTNyImZ5ITY4ATNiBjZ3kzYlJTYxATYwIzMzIjZ http://82.146.59.236/processorDefault.php?MlqRJsMa1QMYKi=JiLYs2Wrxn&Fz95wpigN=qS7WYrUCPZjp5FgbO&8132fb67618ecd9be106ef9ba3717022=QM5EjZxU2YjdTZykDNwQjN3YzN2IDNjlTZ0UzYwYWY2YmMlRDN0MGM5cjNwcTN2gjM0QzNwkDN&f53d57fa5ca170272892cd3c6aa17be0=ANxYmZ0ETN3QzNhZ2MzQWZkRjM2UGOzU2N5I2YyEDZmNjZ0YjZ1kDZ&daa9160ddf6ef6047103286e2afebca3=ANwMjZlBDM0MGMhJTOkVzNjlDOkRDZiRWO0MzM0EDMjNWZwQDNzEjN&10f2fa0bda69a6c3f898819a603f080d=wYhRjY4cjZ0M2M0IGO2EGMycTN1QDMiVWZiNDZ1YzMlV2N0U2N0MjZ&095b88682a67bcf69516cfbd401a51e6=9JicldWYuFWTg0WYyd2byBlI6IydvRmbpdFVDFkIsISWiojIulWbkF0cpJCLi4kI6ISbhNmYld1cpJCLiklI6ISZu9Gaw9mcjlWTzlmIsIiI6IyRBRlIsICdpJEI0YDIOtEIsFmbvl2czVmZvJHUgcDIzd3bk5WaXJiOiIXZW5WaXJCL9JCa0VXYn5WazNXat9CXvlmLvZmbpBXavw1LcpzcwRHdoJiOiUWbkFWZyJCLiwWdvV2UvwVYpNXQiojIl52b6VWbpRnIsIiN4EzMwIiOiwWY0N3bwJCLi02bjVGblRFIhVmcvtEI2YzN0MVQiojInJ3biwiI0gzN54iNyEDLwYjN14yNzIiOiM2bsJCLiI1SiojI5JHduV3bjJCLiwWdvV2UiojIu9WanVmciwiIsV3blNlI6ISe0l2YiwiIwUTMuQzMx4COwIjL1cTMiojIwlmI7pjIvZmbJBXSiwiIyIDdzVGdiojIl1WYOJXZzVlIsIyQQ1iMyQ1UFRlI6ISZtFmTDBlIsICOuAjL0IiOiIXZWJXZ2JXZTJCLiMyQiojIlBXeUJXZ2JXZTJye&c5c532831db1a7dab19172319a0ff14a=ANwMjZlBDM0MGMhJTOkVzNjlDOkRDZiRWO0MzM0EDMjNWZwQDNzEjN&c6dd1cba03876c3affd0f11b003ca4a6=QZ0gzYlVTY4YzN3QmMlRWNzQ2YxcjMhdTNmhDMkdTMlFTY5kjZ3gzM http://82.146.59.236/processorDefault.php?MlqRJsMa1QMYKi=JiLYs2Wrxn&Fz95wpigN=qS7WYrUCPZjp5FgbO&46203bcc475d4509a3a86d65325f8855=d0f20e2b176e1456ae89e4aa36cdd07d&MlqRJsMa1QMYKi=JiLYs2Wrxn&Fz95wpigN=qS7WYrUCPZjp5FgbO https://ipinfo.io/json	5		12.6	M	43	ZeroCERT

7155	2021-04-12 10:58	tai1.exe 83a82cacf8a42eb833b95c0985095457 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency Malicious Traffic unpack itself sandbox evasion installed browsers check Interception Browser DNS Software	1 Keyword trend analysis	2		6.8	M	49	ZeroCERT