popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
7906 2021-05-06 10:49 presentation.dll  

9debcd929765390555ca123c0076eea4


Gen1 DLL PE File PE32 VirusTotal Malware PDB MachineGuid unpack itself ComputerName DNS 		2.2 M 10 ZeroCERT

7907 2021-05-06 10:52 presentation.jar  

c8548c1e92d4429e23ebd7aa1715a7b8

VirusTotal Malware Check memory heapspray unpack itself Java DNS 		3.0 M 21 ZeroCERT

7908 2021-05-06 11:34 waads.exe  

72e4f355907b6c91e6f8508d102bd896


Malicious Library PE File PE32 VirusTotal Malware RWX flags setting unpack itself ComputerName DNS 		2 1 2 3.8 M 53 r0d

7909 2021-05-06 13:48 scr.dll  

a48dc2da2655fd049e37e36fcda28fba


Amadey DLL PE File PE32 JPEG Format VirusTotal Malware Checks debugger buffers extracted unpack itself DNS 		1 1 1 2.8 M 36 r0d

7910 2021-05-06 14:16 so.exe  

5551346aa9f251895021b95a2a7cc390


AsyncRAT backdoor PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows Cryptographic key 		3.6 M 42 ZeroCERT

7911 2021-05-06 14:25 winlog.exe  

64d2a84ee308baeb97c39ca92c679b65


Loki PE File PE32 DLL Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Malicious Traffic Check memory Creates executable files unpack itself AppData folder installed browsers check Browser Email ComputerName Software 		2 2 1 8.4 20 ZeroCERT

7912 2021-05-06 16:34 http://nbnbtwowsdydebateqgh.dn...  

64d2a84ee308baeb97c39ca92c679b65


AgentTesla DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Hijack Network Code injection Http API Internet API Steal credential ScreenShot Downloader P2P persistence AntiDebug AntiVM MSOffice File PE File PE32 VirusTotal Malware Code Injection Creates executable files ICMP traffic exploit crash unpack itself Windows utilities AppData folder malicious URLs Tofsee Windows Exploit Trojan DNS crashed 		2 4 6.0 M 20 guest

7913 2021-05-06 18:08 kizito.exe  

0282fb6d3422cdebf88ba2d9ce0831af


PWS .NET framework Malicious Library AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows DNS Cryptographic key 		8.8 39 ZeroCERT

7914 2021-05-07 11:34 cutscroll.png  

5ceaa6deb3ee0395632e64da64077689


tor Gen1 Emotet PE File PE32 Dridex TrickBot Malware Report suspicious privilege Malicious Traffic buffers extracted unpack itself Check virtual network interfaces suspicious process Kovter ComputerName DNS crashed 		1 4 4 1 6.4 M ZeroCERT

7915 2021-05-07 11:34 pCt29lTpXMToITU.exe  

75a979bb75fc8fc7d37925ae786ea658


PWS .NET framework Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key crashed 		11.8 29 ZeroCERT

7916 2021-05-07 11:36 terd.exe  

4cca9a1ec4b92df89a8bc992a6ba961f


PE64 PE File VirusTotal Malware unpack itself ComputerName DNS 		3.0 16 ZeroCERT

7917 2021-05-07 11:36 bot.exe  

6d982fa4f9b078255c1167e9889cea9b


Glupteba OS Processor Check PE File PE32 VirusTotal Malware PDB unpack itself Windows crashed 		3.2 35 ZeroCERT

7918 2021-05-07 11:38 gjfUcq8ScvVw2L9.exe  

2f3b713208e4529613738cb2a4aee54f


PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key 		7.2 26 ZeroCERT

7919 2021-05-07 11:39 shakix.exe  

52289e533348a695d881c6df2d895f5e


AsyncRAT backdoor PWS .NET framework Malicious Packer AntiDebug AntiVM .NET EXE PE File PE32 FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself DNS 		3 6 1 9.6 21 ZeroCERT

7920 2021-05-07 11:40 msoffice.exe  

4834277170bcb025809c6bcd8c967bc2


OS Processor Check PE File PE32 VirusTotal Malware unpack itself Remote Code Execution 		2.0 M 28 ZeroCERT

keyword