Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
7936	2021-05-11 09:12	axD70r2UMtC1a0x.exe 15a8db86060368ecc3d8ee13d8a4fa26 AsyncRAT backdoor PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key					3.0	M	30	ZeroCERT

7937	2021-05-11 09:12	IMG_052_126_097.exe 8cedabf7bcbbf4466c0698bbcc774315 AsyncRAT backdoor AgentTesla SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself malicious URLs Windows ComputerName crashed					4.8	M	24	ZeroCERT

7938	2021-05-11 09:15	bdell.exe 7278d1fc666d4c3dd033cbf2e39a60ff AsyncRAT backdoor PWS .NET framework Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key crashed					11.0	M	23	ZeroCERT

7939	2021-05-11 09:15	Olqmvkwk.exe 77b58a583c012987b81bbdc5ccc92af2 PWS Loki[b] Loki[m] AsyncRAT backdoor AgentTesla DNS AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Malicious Traffic Check memory malicious URLs installed browsers check Browser Email ComputerName DNS Software	1 Keyword trend analysis	1	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response	1	8.2	M	26	ZeroCERT

7940	2021-05-11 09:17	win.exe e760913a1d3c11e3897361faf601dd29 AsyncRAT backdoor PWS .NET framework Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key crashed					10.2		7	ZeroCERT

7941	2021-05-11 09:19	Giwdmzf.exe 49fc90c6abbe70021eaac6d8dd41c7dd AsyncRAT backdoor AgentTesla SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4	4		8.6	M	21	ZeroCERT

7942	2021-05-11 10:52	mna.exe dfc3a64bf445208a26857c4e79f766c8 AsyncRAT backdoor PWS .NET framework Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed					11.0	M	22	ZeroCERT

7943	2021-05-11 10:52	Remittance%20E-MAIL%20Layout%2... 9b6d479272935796ca92e0a610c8ae45 VirusTotal Malware Check memory heapspray unpack itself Java DNS					3.0	M	20	ZeroCERT

7944	2021-05-11 10:54	j5nRNKhh75Uhr2l.exe 945e773e8266467d6dd738d40eb6b4a5 AsyncRAT backdoor PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows Cryptographic key					2.4	M	33	ZeroCERT

7945	2021-05-11 10:55	THYo2Q4WXpxMkJu.exe 55615cd21e0c89e10302a789e6ed6729 AsyncRAT backdoor PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key crashed					3.0	M	20	ZeroCERT

7946	2021-05-11 10:56	qI7c2elxsuXF0OB.exe e303d2f2447b51b9af0fb45614911f13 AsyncRAT backdoor PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows Cryptographic key					2.0		14	ZeroCERT

7947	2021-05-11 10:57	tUuDajpoTJVbvlB.exe 783e7dd6d786359762d07c217b22dabf AsyncRAT backdoor PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key crashed					2.8		14	ZeroCERT

7948	2021-05-11 10:59	ok.exe 36b4b412a9eec8b3081ede463ec80d05 AsyncRAT backdoor .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself					1.8	M	36	ZeroCERT

7949	2021-05-11 10:59	cosmos.exe 810ae4ef26f40a3b18db460a7763bd8b AsyncRAT backdoor PWS .NET framework Malicious Library AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key					9.2	M	27	ZeroCERT

7950	2021-05-11 14:37	rheinmetall job requirements.d... cb1ae1de9487edd65c2201f1f4a36e3c Gen1 Gen2 VBA_macro MSOffice File PE64 DLL OS Processor Check PE File PE32 Vulnerability VirusTotal Malware Checks debugger Creates executable files unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName					8.0		35	r0d