Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
7921	2023-10-08 10:45	trafico.exe e9c5b36d7d606477f23c1d7219469d71 Malicious Library PE File PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	4		6.4	M	27	ZeroCERT

7922	2023-10-08 10:43	htmlc.exe 90f56eefb533c21d5a62577184244aa9 Formbook NSIS Malicious Library UPX PE File PE32 FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself	5 Keyword trend analysis Info http://www.kimgj.com/sy22/?GFNl=3SPsA2Ss8I6lJqBAUfWjnvopZUchcaiATf/poqfUwjZ4JN2yY1pEd2m56Et1bCNhcUG3dZ4S&Rlj=YVFTx4dp http://www.qixservice.online/sy22/?GFNl=VBKd4i1TBAeTlYBnm9tWLCP4ww2vn+XVFOQPMnsW4AFxqlBX+KApyR5y0aXQ0sSyxSIvT0ne&Rlj=YVFTx4dp - rule_id: 35938 http://www.podplugca.com/sy22/?GFNl=1SbEEVOB0X5p51zw8Y9tIyj0s4wRGWDD/YTF5BQf3aGuyUlv8rzVEk4tRHrNdM/Dikld30uR&Rlj=YVFTx4dp - rule_id: 36546 http://www.kwamitikki.com/sy22/?GFNl=ayc0h3zWsM+s/UZ3LUjJJuwK+un3y5jAnwaTGnQTjoBH3sQruTiuCMTcn690zSCGQsaDZ/V1&Rlj=YVFTx4dp - rule_id: 36545 http://www.displayfridges.fun/sy22/?GFNl=aXg/rmbVwlFwwtnhCbViqZ1yX+MILNYt2xJKgyzLKbDp+5cOMXOnKyz8SWn7ESolc4/lQPeb&Rlj=YVFTx4dp	10 Info www.kimgj.com(99.83.196.71) www.displayfridges.fun(64.225.91.73) www.qixservice.online(81.88.57.70) - mailcious www.podplugca.com(198.49.23.144) - mailcious www.kwamitikki.com(195.216.243.33) - mailcious 75.2.85.42 - mailcious 64.225.91.73 - mailcious 195.216.243.33 - malware 198.185.159.145 - mailcious 81.88.57.70 - mailcious	1	3	4.2	M	50	ZeroCERT

7923	2023-10-08 10:43	987123.exe a12f1418bce76730a72bb3fed956ecca Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself					1.2		26	ZeroCERT

7924	2023-10-07 16:23	build12345.exe 0bebf37eba1580ce4dc19a70f135572d RedlineStealer RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) PE File PE32 .NET EXE OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself Check virtual network interfaces Windows DNS Cryptographic key		1			4.2	M	63	ZeroCERT

7925	2023-10-07 16:21	cats.exe 6733a0b9f804367c450d7d650612f288 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File PE32 .NET EXE OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	4	3		8.0		55	ZeroCERT

7926	2023-10-07 16:21	deluxe_crypted1234.exe b8303120c1bf50b01dbc9f8d6fea45d8 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB unpack itself crashed					2.4	M	50	ZeroCERT

7927	2023-10-07 16:19	Compiled.exe 19b2d98085a534439812011db7186839 Malicious Library UPX Malicious Packer Admin Tool (Sysinternals etc ...) PE File PE32 MZP Format OS Processor Check VirusTotal Malware AutoRuns unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS	1 Keyword trend analysis	4	3		5.4		34	ZeroCERT

7928	2023-10-07 16:19	Stealer.exe 242c47b16c8755e72d7d1fdbc9ff0f17 .NET framework(MSIL) PE File PE32 .NET EXE VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself					2.2	M	46	ZeroCERT

7929	2023-10-07 16:17	build1111.exe 2823a053cb3512532ca475cc6eaec825 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File PE32 .NET EXE OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	3	3		7.4		43	ZeroCERT

7930	2023-10-07 16:16	build2.0.exe da078231b647caf50cb1ca51ae69a3ef RedlineStealer RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) PE File PE32 .NET EXE OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself Check virtual network interfaces Windows Cryptographic key		2			3.6	M	60	ZeroCERT

7931	2023-10-07 16:14	setup294.exe a2058836ff17b81908237731b8258974 Malicious Library UPX PE File PE32 DLL OS Processor Check Check memory Checks debugger Creates executable files unpack itself AppData folder					2.0			ZeroCERT

7932	2023-10-07 16:14	sks3.exe 30e1bf37e853843f0437250b763fab89 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself Remote Code Execution					1.8	M	42	ZeroCERT

7933	2023-10-07 15:56	HtmlCent.vbs cafb6eb3bcfa78631ba6c20d8fa5b8e6 Generic Malware Antivirus Hide_URL PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	3 Keyword trend analysis	3	1		8.4		5	ZeroCERT

7934	2023-10-07 15:56	HTMLcc.vbs 89cb6db34bd7438b02194d8363bfd41b Generic Malware Antivirus Hide_URL PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	3 Keyword trend analysis	3	1		8.4		8	ZeroCERT

7935	2023-10-07 15:33	a3d5715a81f2fbeb_memz.exe 19dbec50735b5f2a72d4199c4e184960 Malicious Library PE File PE32 VirusTotal Malware Check memory crashed					1.6	M	65	ZeroCERT