Submissions

Columns in the original listing: No, Date, Request, Urls, Hosts, IDS, Rule, Score, Zero, VT, Player, Etc. The export flattened each table row, so every entry below is shown as: submission number, date and submitted file name; the sample's MD5; the sandbox signature tags (kept verbatim); the numeric hit counts in the order the export printed them (the export does not preserve which of the Urls, Hosts, IDS and Rule columns each count belongs to); the Score; the Zero-column marker (M) where present; the VT value where present; and the Etc column. In every entry here a VT value appears exactly when the signature tags include VirusTotal.
706  2024-08-23 20:12  lum_agent_online.exe
MD5: d09a787b5982cf6eccd6e4bbe6290850
Signatures: Emotet Generic Malware Malicious Library UPX Malicious Packer PE File PE32 OS Processor Check DLL PE64 DllRegisterServer dll Malware AutoRuns PDB suspicious privilege Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities Auto service Check virtual network interfaces Tofsee Ransomware Windows ComputerName Remote Code Execution
Counts: 4 7 1 | Score: 7.4 | Etc: guest

707  2024-08-23 10:25  66c788707161f_len4n1d.exe
MD5: 1ec595d061389ddf2349330280609a57
Signatures: Antivirus ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself
Score: 7.2 | VT: 34 | Etc: ZeroCERT

708  2024-08-23 10:00  sheisworthforbuttermilkwhichgi...
MD5: 3d88ae1173dd6f3122d6936d7078982a
Signatures: MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Tofsee Exploit DNS crashed
Counts: 1 3 1 | Score: 4.6 | Zero: M | VT: 33 | Etc: ZeroCERT

709  2024-08-23 09:58  Vape.exe
MD5: 7b60adfd3c8713955436035786b8ae2b
Signatures: Generic Malware Malicious Library Malicious Packer UPX PE File PE64 OS Processor Check VirusTotal Malware suspicious privilege Checks debugger Remote Code Execution DNS
Counts: 1 | Score: 2.8 | Zero: M | VT: 9 | Etc: ZeroCERT

710  2024-08-23 09:56  66c6fcb30b9dd_123p.exe
MD5: 025ebe0a476fe1a27749e6da0eea724f
Signatures: PE File PE64 VirusTotal Cryptocurrency Miner Malware DNS CoinMiner
Counts: 2 1 | Score: 1.4 | Zero: M | VT: 21 | Etc: ZeroCERT

711  2024-08-23 09:56  Pollosappnuevo.bat
MD5: 536ac91b5fe6a53fd85f5d7b609dc591
Signatures: Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key
Score: 5.4 | VT: 9 | Etc: ZeroCERT

712  2024-08-23 09:54  PollosAplicaccion.bat
MD5: eae7aa8feff31887941d85efc8b29cb7
Signatures: Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key
Score: 5.6 | VT: 13 | Etc: ZeroCERT

713  2024-08-23 09:54  SequencesPassage.exe
MD5: dadfa6f51c990b1b4f5520f3a8e2c824
Signatures: Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger WMI Creates executable files Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName
Score: 5.4 | VT: 15 | Etc: ZeroCERT

714  2024-08-23 09:54  launcher.jpg.exe
MD5: e56934b31bd60c42cbb9b44313666c0c
Signatures: Malicious Library Malicious Packer Antivirus UPX PE File PE64 DNS
Counts: 1 | Score: 1.2 | Etc: ZeroCERT

715  2024-08-23 09:52  Update.exe
MD5: 679c3af5f25af03f0703263673e1bb15
Signatures: Themida Packer Downloader Malicious Library UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM PE File PE32 VirusTotal Malware AutoRuns Code Injection Check memory Creates executable files RWX flags setting unpack itself Windows utilities Checks Bios Detects VirtualBox Detects VMWare suspicious process WriteConsoleW VMware anti-virtualization Windows ComputerName Remote Code Execution Firmware crashed
Score: 11.0 | Zero: M | VT: 53 | Etc: ZeroCERT

716  2024-08-23 09:49  Updater.exe
MD5: dd3aa70adbe7894d6705ddb398155628
Signatures: Generic Malware Malicious Library VMProtect PE File PE64 VirusTotal Cryptocurrency Miner Malware DNS CoinMiner
Counts: 5 2 | Score: 2.2 | Zero: M | VT: 60 | Etc: ZeroCERT

717  2024-08-23 09:49  mewantyouraregetmebackwithenti...
MD5: 55f8f4d3e0a9c939c28da10340f86c3d
Signatures: MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Tofsee Exploit DNS crashed
Counts: 1 3 1 | Score: 4.6 | Zero: M | VT: 32 | Etc: ZeroCERT

718  2024-08-23 09:45  Client.exe
MD5: 754aa1e8baa350cb36b05ddf8feb5bbe
Signatures: Malicious Library Antivirus UPX PE File PE32 MZP Format OS Processor Check .NET EXE DLL JPEG Format Lnk Format GIF Format VirusTotal Malware AutoRuns suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check Tofsee Windows Advertising Google ComputerName DNS DDNS crashed keylogger
Counts: 3 9 2 | Score: 12.8 | Zero: M | VT: 61 | Etc: ZeroCERT

719  2024-08-23 09:43  Pollos.exe
MD5: 6640aedcf559295e30a2e01bdd54e488
Signatures: Malicious Library Antivirus UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName Cryptographic key
Score: 4.0 | Zero: M | VT: 61 | Etc: ZeroCERT

720  2024-08-23 09:40  66c62b9bd2f1c_doz.exe
MD5: c8d1a38262b49ff7cc32f3e784bd55bc
Signatures: Client SW User Data Stealer LokiBot ftp Client info stealer Malicious Library ASPack UPX Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 OS Processor Check FTP Client Info Stealer VirusTotal Malware Telegram PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software
Counts: 2 5 3 | Score: 18.2 | Zero: M | VT: 47 | Etc: ZeroCERT
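The listing above is a flattened table export, and the first thing a triage script needs is to turn it back into records. The parser below is an added example written for this page; it is not code from the sandbox that produced the listing. It assumes the raw layout as exported: a "No Date Name" line, then the MD5, then one line of signature tags, then a trailer whose tokens are the hit counts, the score, an optional M marker, an optional VT number, and the Etc column last. The three records in SAMPLE are copied from this listing (the 706 tag string is shortened); the Submission type and the helper names are the example's own.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample: three records copied from the listing in the raw
# flattened export layout (blank lines as in the export; 706 tags shortened).
SAMPLE = """Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
708 2024-08-23 10:00 sheisworthforbuttermilkwhichgi...

3d88ae1173dd6f3122d6936d7078982a


MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Tofsee Exploit DNS crashed
1 3 1 4.6 M 33 ZeroCERT

714 2024-08-23 09:54 launcher.jpg.exe

e56934b31bd60c42cbb9b44313666c0c


Malicious Library Malicious Packer Antivirus UPX PE File PE64 DNS
1 1.2 ZeroCERT

706 2024-08-23 20:12 lum_agent_online.exe

d09a787b5982cf6eccd6e4bbe6290850


Emotet Generic Malware Malicious Library UPX PE File PE32
4 7 1 7.4 guest
"""

HEAD_RE = re.compile(r"^(\d+) (\d{4}-\d{2}-\d{2} \d{2}:\d{2}) (.+?)\s*$")
MD5_RE = re.compile(r"^[0-9a-f]{32}$")
SCORE_RE = re.compile(r"^\d+\.\d+$")   # the score is the only decimal token in a trailer


@dataclass
class Submission:
    no: int
    date: str
    name: str
    md5: str
    tags: str            # signature tags kept verbatim; multi-word tags are not split
    counts: List[int]    # Urls/Hosts/IDS/Rule hits in export order (mapping is ambiguous)
    score: float
    zero: Optional[str]  # "M" when the Zero column is set
    vt: Optional[int]    # VT value when present
    etc: str


def parse_trailer(line: str):
    """Split '1 3 1 4.6 M 33 ZeroCERT' into counts, score, zero, vt, etc."""
    tokens = line.split()
    etc = tokens.pop()                       # Etc column is always last
    try:
        idx = next(i for i, t in enumerate(tokens) if SCORE_RE.match(t))
    except StopIteration:
        raise ValueError(f"no score in trailer: {line!r}")
    counts = [int(t) for t in tokens[:idx]]  # everything before the score is a hit count
    score = float(tokens[idx])
    zero, vt = None, None
    for t in tokens[idx + 1:]:               # after the score: optional M, optional VT
        if t.isdigit():
            vt = int(t)
        else:
            zero = t
    return counts, score, zero, vt, etc


def parse_listing(text: str) -> List[Submission]:
    lines = [l.strip() for l in text.splitlines() if l.strip()]
    records, i = [], 0
    while i < len(lines):
        m = HEAD_RE.match(lines[i])
        if not m:                            # page title / column header: skip
            i += 1
            continue
        no, date, name = int(m.group(1)), m.group(2), m.group(3)
        md5 = lines[i + 1]
        if not MD5_RE.match(md5):
            raise ValueError(f"record {no}: expected MD5, got {md5!r}")
        tags = lines[i + 2]
        counts, score, zero, vt, etc = parse_trailer(lines[i + 3])
        records.append(Submission(no, date, name, md5, tags, counts, score, zero, vt, etc))
        i += 4
    return records


def vt_consistent(rec: Submission) -> bool:
    """Sanity check seen in this listing: a VT value is present iff the tags include VirusTotal."""
    return (rec.vt is None) == ("VirusTotal" not in rec.tags.split())


def by_score(records: List[Submission]) -> List[Submission]:
    return sorted(records, key=lambda r: r.score, reverse=True)


def exploit_docs(records: List[Submission]) -> List[Submission]:
    """Records carrying the sandbox's Exploit tag (token match, so 'exploit crash' alone does not count)."""
    return [r for r in records if "Exploit" in r.tags.split()]


if __name__ == "__main__":
    for r in by_score(parse_listing(SAMPLE)):
        print(r.no, r.score, r.md5, r.name)
```

The trailer is parsed from the right (Etc) and around the score rather than by position, because the number of count columns varies from row to row in this export; the VirusTotal consistency check is a cheap way to catch a misaligned row before the hashes are fed into a lookup.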