popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
7876 2021-05-05 10:24 Windows_Update.exe  

a3ba3e470d3da87be8632657a33869c6


.NET EXE PE File PE32 VirusTotal Malware AutoRuns suspicious privilege MachineGuid Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows ComputerName DNS 		1 8.8 M 40 ZeroCERT

7877 2021-05-05 10:26 44444.exe  

cce6c363c0ff7ac663cd71c5906069a6


AsyncRAT backdoor PWS .NET framework AgentTesla SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself malicious URLs Windows ComputerName DNS crashed 		1 5.2 M 19 ZeroCERT

7878 2021-05-05 10:26 so.exe  

5551346aa9f251895021b95a2a7cc390


AsyncRAT backdoor PWS .NET framework Malicious Library AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Tofsee Windows DNS Cryptographic key crashed 		4 3 4 10.0 M 24 ZeroCERT

7879 2021-05-05 10:29 Sugvt.exe  

5753388fbfcde9e08d00ac9e2be5d881


AsyncRAT backdoor PWS .NET framework AgentTesla Gen1 AntiDebug AntiVM .NET EXE PE File PE32 DLL OS Processor Check JPEG Format Browser Info Stealer Malware download Vidar VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Malicious Traffic Check memory WMI Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW anti-virtualization VM Disk Size Check installed browsers check OskiStealer Stealer Windows Browser Email ComputerName DNS Password 		9 1 6 12.6 M 28 ZeroCERT

7880 2021-05-05 10:30 Tpxgwea.exe  

02c68ade0e640be3bab30307f1326981


PWS Loki AsyncRAT backdoor .NET framework AgentTesla DNS AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Malicious Traffic Check memory malicious URLs installed browsers check Browser Email ComputerName DNS Software 		1 1 7 8.2 M 21 ZeroCERT

7881 2021-05-05 20:17 MLY.exe  

322acea28d5d3b6a4172d4ff76350629


DNS AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware Buffer PE suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows ComputerName Cryptographic key crashed 		2 12.8 M 20 ZeroCERT

7882 2021-05-05 20:18 WSH.exe  

2c853d07d7708161ce87c0f32fd338d4


DNS AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware Buffer PE suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows ComputerName DNS Cryptographic key DDNS crashed 		3 1 15.0 M 23 ZeroCERT

7883 2021-05-05 20:18 XHG.exe  

56626bf21f8de8d051d744973cb2566c


.NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself 		1.4 15 ZeroCERT

7884 2021-05-05 20:19 OSF.exe  

9583a703274b68a2fb524598b40a87ac


AgentTesla browser info stealer Google Chrome User Data Create Service Sniff Audio Escalate priviledges KeyLogger Code injection Internet API Downloader AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key crashed keylogger 		2 14.2 M 20 ZeroCERT

7885 2021-05-05 20:20 5.exe  

870b1ebd3a6f7418f9d9651a2772431f


OS Processor Check PE File PE32 VirusTotal Malware unpack itself Remote Code Execution DNS 		3.2 38 ZeroCERT

7886 2021-05-05 20:21 FRK.exe  

7cef0587c3a904ca005df0ea9e9c88e0


DNS AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows ComputerName Cryptographic key 		2 14.2 21 ZeroCERT

7887 2021-05-05 20:22 Xcsyck.exe  

295a89feccf93ea0e55f95d486c5036a


AsyncRAT backdoor PWS .NET framework AgentTesla AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself malicious URLs 		1 2 3.6 24 ZeroCERT

7888 2021-05-05 20:23 prtoioou5yeuytyudgsugksgwm.exe  

353d774ce94ac11a2a10461b2a3f0623


PWS .NET framework Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName DNS Cryptographic key crashed 		14.0 15 ZeroCERT

7889 2021-05-05 20:25 waads.exe  

72e4f355907b6c91e6f8508d102bd896


PE File PE32 VirusTotal Malware RWX flags setting unpack itself ComputerName DNS 		2 1 3.8 53 ZeroCERT

7890 2021-05-05 20:25 JOT.exe  

99e166082b19603ff6c4cbebd2641813


.NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself suspicious process WriteConsoleW Windows DNS Cryptographic key 		6.4 23 ZeroCERT

keyword