Submissions

No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc
8026 2023-10-04 17:32 eCVXk3pYsYhZNlI.exe  

e16678adff0c94c5c107ff9e3672a6c9


Emotet Gen1 Generic Malware Malicious Library UPX PE File PE32 .NET EXE JPEG Format DLL OS Name Check OS Memory Check OS Processor Check MZP Format PE64 Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer Malware suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Check virtual network interfaces AppData folder AntiVM_Disk IP Check VM Disk Size Check installed browsers check Tofsee Windows Browser Email ComputerName DNS DDNS Software crashed keylogger
2 4 3 12.2 M ZeroCERT

8027 2023-10-04 17:32 9UFv05EkjiW3qlA.exe  

8830f7efe68fddb04c438f9aa1de2dba


Emotet Generic Malware Malicious Library UPX Admin Tool (Sysinternals etc ...) Malicious Packer PE File PE32 .NET EXE OS Processor Check PE64 VirusTotal Malware Buffer PE Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder ComputerName crashed
1 2 5.4 M 44 ZeroCERT

8028 2023-10-04 15:25 invoice.pdf.exe  

e8c158e6c3ebf4a4ed03721dd541a7ef


Generic Malware Malicious Library UPX Malicious Packer Antivirus AntiDebug AntiVM PE File PE32 VirusTotal Malware powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key
8.6 46 ZeroCERT

8029 2023-10-04 15:25 invoice.pdf  

13ed7470a064793e361df8e92ef48a5f


PDF ZIP Format Windows utilities Windows
5 1.4 ZeroCERT

8030 2023-10-04 14:19 41.xll  

26637ccedca5d00512d1bf78b9ad8348


PE File DLL PE64 MachineGuid Check memory Checks debugger suspicious process WriteConsoleW crashed
1 1.8 ZeroCERT

8031 2023-10-04 14:19 4I.xll  

b33c17701e564f148250e540bcf58c96


PE File DLL PE64 MachineGuid Check memory Checks debugger unpack itself suspicious process WriteConsoleW crashed
1 2.2 ZeroCERT

8032 2023-10-04 14:19 4H.xll  

31a57c5f8a6b8bd49f1ec6583c9ade36


PE File DLL PE64 MachineGuid Check memory Checks debugger RWX flags setting unpack itself suspicious process WriteConsoleW crashed
1 2.6 ZeroCERT

8033 2023-10-04 10:43 52.xll  

fdbe1d30cc4a01948fe99be1159bbb5d


PE File DLL PE64 VirusTotal Malware MachineGuid Check memory Checks debugger RWX flags setting unpack itself suspicious process WriteConsoleW crashed
1 3.0 7 ZeroCERT

8034 2023-10-04 10:31 xkX69dIw9KOs.exe  

e782fef1056c8725e60e298742004176


njRAT backdoor PE File PE32 .NET EXE Malware download njRAT VirusTotal Malware DNS DDNS
2 3 1.6 57 ZeroCERT

8035 2023-10-04 10:30 hl.exe  

5dd98f2b9f3dc468601411359cee78b8


Emotet Generic Malware Malicious Library UPX .NET framework(MSIL) Malicious Packer PE File PE32 .NET EXE OS Name Check OS Memory Check OS Processor Check JPEG Format Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Check virtual network interfaces AppData folder AntiVM_Disk IP Check VM Disk Size Check installed browsers check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger
2 4 3 12.6 41 ZeroCERT

8036 2023-10-04 10:30 JinxRunner.exe  

d53171d108afee9cdfcd948f986d5541


UPX Malicious Packer PE File PE64 OS Processor Check MachineGuid IP Check ComputerName
2 1 2.2 ZeroCERT

8037 2023-10-04 10:29 ReklamX.ps1  

2160e7fcf5819e58a56ff11da1573885


Hide_EXE Generic Malware Antivirus VirusTotal Malware Check memory unpack itself Windows Cryptographic key
1.4 18 ZeroCERT

8038 2023-10-04 10:27 JinxRunner.exe  

99a86d2efce8a24dd4cb3bbb356feb6b


AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed
2 1 3.8 M ZeroCERT

8039 2023-10-04 10:25 trafico.exe  

99b3984c3d9b1c505bb6d2624d4a350f


Malicious Library PE File PE32 VirusTotal Malware
1.4 M 24 ZeroCERT

8040 2023-10-04 10:25 clip64.dll  

bbacde1c1d68325516dada17bce0a48e


Amadey Malicious Library UPX Admin Tool (Sysinternals etc ...) PE File DLL PE32 OS Processor Check VirusTotal Malware PDB Checks debugger unpack itself
2.0 M 57 ZeroCERT