Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
8041	2023-10-04 10:23	JinxRunner.exe 71b292094ff79b9c520d28ceac33c198 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed		2	1		3.8	M		ZeroCERT

8042	2023-10-04 10:21	cred64.dll 74d702c79b9813d2b0379c1d69c60414 Browser Login Data Stealer Malicious Library UPX PE File DLL PE64 OS Processor Check VirusTotal Malware PDB Checks debugger unpack itself installed browsers check Browser ComputerName crashed					2.8	M	45	ZeroCERT

8043	2023-10-04 10:20	download add29a185e990ee7eb0bb41294c0869b Generic Malware PE File PE32 .NET EXE VirusTotal Malware PDB Check memory Checks debugger unpack itself ComputerName					2.8	M	49	ZeroCERT

8044	2023-10-04 10:19	tvnc 279e80bab42a9971336f59d05e281f96 PE File DLL PE64 MachineGuid Check memory Checks debugger RWX flags setting unpack itself suspicious process WriteConsoleW crashed					2.6	M		ZeroCERT

8045	2023-10-04 10:18	download 0736f9d1b7d620b9459c50f8597e8a56 Generic Malware PE File PE32 .NET EXE VirusTotal Malware PDB Check memory Checks debugger unpack itself ComputerName					2.8	M	50	ZeroCERT

8046	2023-10-04 09:38	BonitSetup.exe 22bddfd1a372bb47701d241dcc17660b Gen1 RedLine stealer Generic Malware Malicious Library UPX Admin Tool (Sysinternals etc ...) Malicious Packer Obsidium protector Anti_VM Javascript_Blob PE File PE32 ftp DLL PE64 OS Processor Check suspicious privilege Check memory Checks debugger Creates executable files RWX flags setting unpack itself Check virtual network interfaces AppData folder Ransomware crashed					3.8			ZeroCERT

8047	2023-10-04 07:56	processing.exe 5b4cde02e2552a6c3d5f4c96e61a9e4b Formbook NSIS Malicious Library UPX PE File PE32 FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files ICMP traffic unpack itself	3 Keyword trend analysis Info http://www.johnnystintshop.com/sy22/?5j=lBpndDaiazzaPDz8oVvNWLtjY8ASY3krgNLZx/nYs7DN6Z9ubRKrMqHrK8vEE3FEQDB+295P&vTdDK=LJBx - rule_id: 36543 http://www.mysticheightstrail.com/sy22/?5j=Q5FfiwTKAQAoPcoP4e5kySmJcOUQtYy/n0X88F5fBW8bclPVBZXpMCw8fqRp6JUwXvQoTE+1&vTdDK=LJBx - rule_id: 36309 http://www.jizihao1.com/sy22/?5j=3PKlaCPIzU4vEpSTCliM62U/p7q8/wgFKC2xum1ddk3IfpDEo7oK1Mr0Jaw/Go0sFzx2J7Yb&vTdDK=LJBx - rule_id: 36544	6	1	3	5.0	M	41	ZeroCERT

8048	2023-10-04 07:53	audiodg.exe 4e4c359c0e36f7e5b3dc44af663ceff5 .NET framework(MSIL) PE File PE32 .NET EXE VirusTotal Malware PDB Check memory Checks debugger unpack itself					2.2		28	ZeroCERT

8049	2023-10-04 07:52	MGL%20Wholesale%20Group%20L.L.... 9e5f0a7ad4c7061edd9e8d998f597bc7 UPX PE File PE32 .NET EXE VirusTotal Malware Buffer PE PDB Check memory Checks debugger buffers extracted unpack itself Windows ComputerName DNS Cryptographic key		1			4.2	M	25	ZeroCERT

8050	2023-10-04 07:51	syncUpd.exe 661f21fa79064d41c270176ad38c1866 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself Remote Code Execution					1.6	M	34	ZeroCERT

8051	2023-10-04 07:51	audiodg.exe 85c27234aa291cde56c1a78603d71081 Generic Malware .NET framework(MSIL) Antivirus AntiDebug AntiVM PE File PE32 .NET EXE DLL ZIP Format Browser Info Stealer VirusTotal Malware powershell PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted wscript.exe payload download Creates shortcut Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows Browser ComputerName Cryptographic key	11 Keyword trend analysis Info http://www.bimiraq.com/ncoj/ http://www.antsnav.com/ncoj/?nxDCyr=k6lZgIYtgKScwrY8pHro/PDAsyN+Ma0X/rCAAme2ni/5IVGLYG0zVGplEfRL+3QOVGKsiLjVRU/vs+oeg30ChqgsNcJjfndCx8nhIPk=&6h=f51UoXbt17G http://www.38mwynj7dug2.buzz/ncoj/?nxDCyr=cqsb9busYckswu5tl2hs1PEI9pWErdimDzlp34E2aha2iJT2eFFG/funIEYSTKoaqITRs/NPOvbiiBSI+XWo0HJ5fu7hwmxGTgtg6FY=&6h=f51UoXbt17G http://www.antsnav.com/ncoj/ http://www.bimiraq.com/ncoj/?nxDCyr=XIxLCAEQ0j01YzKaapTqF+nS+qsHR4K+mT3TcIh0YevVauHQuuRL63AlAq6+mNvg+WbM+1ZCwlrFZaygUBCQMrF8dtNZCh2ZDkiTiSo=&6h=f51UoXbt17G http://www.lppkk.com/ncoj/ http://www.bord90-1us.click/ncoj/?nxDCyr=/wpW4Eg1zfji5WRIM69mwwfkBKVWxDHOUMH3dJ+6otM1KiL+BV8qZwOPMcyaXeTE36ZRIVdGgp9cEXlGc10Qp3ASMmejNlAX5LVEWFU=&6h=f51UoXbt17G http://www.bord90-1us.click/ncoj/ http://www.sqlite.org/2021/sqlite-dll-win32-x86-3350000.zip http://www.lppkk.com/ncoj/?nxDCyr=Mtp3WxtNvxk26bamdUjkb0yMxjBBBeG3EFYaeCPTWM8qB4rDVAANJEhbdFBrwp5JzidZg3tzQPFU7dQqmqHJyHV4uamwOaSCvkmmqms=&6h=f51UoXbt17G http://www.38mwynj7dug2.buzz/ncoj/	12	1		16.2	M	31	ZeroCERT

8052	2023-10-04 07:49	unvp.exe 60e0cb2dda65e61f07b78667b34ecbd2 AgentTesla Generic Malware Antivirus .NET framework(MSIL) SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed		2	4		15.0	M	40	ZeroCERT

8053	2023-10-04 07:47	unvp.exe 7d32d70e2b5287337a67acc90db25c03 LokiBot Generic Malware .NET framework(MSIL) Antivirus PWS SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AgentTesla powershell PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Windows Browser Email ComputerName Cryptographic key Software crashed		2	2		13.2		35	ZeroCERT

8054	2023-10-04 07:47	onedoz.exe 9d342dbaaada6a16b4634ebcc73f9503 Malicious Library PE File PE32 VirusTotal Malware					1.4		27	ZeroCERT

8055	2023-10-04 07:46	s2.exe 2cd2fe9cdc8d0007e549863d15c70385 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself Remote Code Execution					1.6		30	ZeroCERT