Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
7966 2021-05-12 09:26 svch.exe
4efddcb5dc1617bd8a38451657291b42
PWS .NET framework Malicious Packer Antivirus SMTP KeyLogger ScreenShot AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process AppData folder WriteConsoleW Windows ComputerName Cryptographic key
12.4 20 ZeroCERT

7967 2021-05-12 09:27 chungx.exe
968927d627b5be1a39972dc04068b2b3
AgentTesla PWS .NET framework browser info stealer Google Chrome User Data Malicious Packer DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Code injection Http API Internet API Steal credential ScreenShot Downloader P2P p VirusTotal Malware Buffer PE AutoRuns Code Injection Check memory Checks debugger buffers extracted Creates executable files ICMP traffic unpack itself Windows utilities Disables Windows Security WriteConsoleW Windows DNS DDNS keylogger
2 1 13.0 37 ZeroCERT

7968 2021-05-12 09:28 vbc.exe
005f481f01dd58065b1e08a3181502cb
AsyncRAT backdoor Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key crashed
10.0 M 26 ZeroCERT

7969 2021-05-12 09:29 suited.exe
a7a26d57df53b79b97f904d5b5133f66
PE File PE32 DLL Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger Creates executable files unpack itself AppData folder Windows Browser Email ComputerName DNS Cryptographic key Software crashed keylogger
1 8.2 M 25 ZeroCERT

7970 2021-05-12 09:30 svch.exe
b0053ddc80b4aa7b07029f94c4d3f063
PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows Cryptographic key
5.2 M 27 ZeroCERT

7971 2021-05-12 09:31 EIO.exe
9ed17a3e5105ce4397d81965069ac0a8
AgentTesla browser info stealer Google Chrome User Data Create Service Sniff Audio Escalate priviledges KeyLogger Code injection Internet API Downloader AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key crashed keylogger
2 1 15.6 M 11 ZeroCERT

7972 2021-05-12 09:37 aclarck.txt
2e0d574bf00170bb5a448510c2226408
AsyncRAT backdoor PWS .NET framework Antivirus HTTP Code injection Http API Internet API AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key
10.4 47 ZeroCERT

7973 2021-05-12 09:39 wd10dale.exe
01fbd69aa44b75f2948a817f340d599b
HTTP Escalate priviledges KeyLogger Code injection Http API Internet API ScreenShot AntiDebug AntiVM PE64 OS Processor Check PE File VirusTotal Malware Buffer PE Code Injection buffers extracted ICMP traffic RWX flags setting unpack itself ComputerName DNS
1 8.8 48 ZeroCERT

7974 2021-05-12 09:41 verevre.exe
98c830a57d54781fbecec90d6c30ba40
AsyncRAT backdoor .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Check virtual network interfaces DNS
1 1 2.8 43 ZeroCERT

7975 2021-05-12 09:56 Fattura_01399475.xlsm
392763f30bb23fd59109e1c70df61888
VBA_macro VirusTotal Malware unpack itself DNS
2.4 15 ZeroCERT

7976 2021-05-12 09:59 bb.exe
315e0ad57c0807ecacf08d749db0dc29
PWS .NET framework .NET EXE PE File PE32 Check memory Checks debugger unpack itself
0.8 M ZeroCERT

7977 2021-05-12 10:02 4fcr.exe
d73fd4127cedd82ec566aecf62676d1e
AsyncRAT backdoor PWS .NET framework Gen1 Gen2 Antivirus Http API Steal credential ScreenShot AntiDebug AntiVM .NET EXE PE File PE32 DLL OS Processor Check VirusTotal Email Client Info Stealer Malware powershell suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Collect installed applications powershell.exe wrote suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Tofsee Ransomware Windows Browser Email ComputerName DNS Cryptographic key
4 3 4 15.6 M 51 ZeroCERT

7978 2021-05-12 10:02 cloemobi.txt
d3deecf84a70cad64bea1644f7e435e4
AsyncRAT backdoor .NET EXE PE File PE32 VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces ComputerName DNS
2 2 1 2 3.4 M 48 ZeroCERT

7979 2021-05-12 10:04 hostdevil.txt
48b7a9cec98a290f885c7a7b04e2d742
Gen2 OS Processor Check PE File PE32 VirusTotal Malware PDB unpack itself
1.4 27 ZeroCERT

7980 2021-05-12 10:05 bbcr.txt
517ad3b7e85ad8c18990d2156f27626c
AsyncRAT backdoor .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Check virtual network interfaces DNS
1 1 2.8 M 34 ZeroCERT