Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc

8071 2024-07-05 14:57 22per_.php.vbs
5e93270af81d27f6664145170cf45887
Generic Malware Antivirus Javascript_Blob OS Processor Check Check memory unpack itself WriteConsoleW Windows Cryptographic key
1.0 ZeroCERT

8072 2024-07-05 14:57 22per_.php.vbs
5e93270af81d27f6664145170cf45887
Generic Malware Antivirus Javascript_Blob OS Processor Check Check memory unpack itself WriteConsoleW Windows Cryptographic key
1.0 ZeroCERT

8073 2024-07-05 14:57 22per.php.vbs
434ba8778ce364dbcf397f5ca256c6a4
Generic Malware Antivirus Javascript_Blob OS Processor Check Check memory unpack itself WriteConsoleW Windows Cryptographic key
1.0 ZeroCERT

8074 2024-07-05 14:54 sostener.vbs
c45cccf34e0483bbb46f55d04ccb781b
Generic Malware Antivirus Hide_URL PowerShell VirusTotal Malware VBScript powershell suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted wscript.exe payload download Creates shortcut unpack itself Check virtual network interfaces suspicious process Tofsee Windows ComputerName DNS Cryptographic key Dropper
3 3 2 10.0 M 7 ZeroCERT

8075 2024-07-05 11:13 software.exe
1ed6f9d578e14edad0bf47edf1f6269f
Vidar Client SW User Data Stealer LokiBot RedLine stealer ftp Client info stealer Malicious Library .NET framework(MSIL) UPX ASPack Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 OS Processor Check FTP Client Info Stealer VirusTotal Malware Telegram PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software
3 5 3 1 16.4 32 ZeroCERT

8076 2024-07-05 11:09 Balanza.exe
91256800ace9fbe4fe2158ec132fc01e
UPX PE File PE32 MZP Format VirusTotal Malware Check memory
1.4 M 6 ZeroCERT

8077 2024-07-05 11:08 KuwaitSetupHockey.exe
7f69b1fa6c0a0fe8252b40794adc49c6
Emotet Generic Malware Malicious Library UPX Admin Tool (Sysinternals etc ...) Malicious Packer PE File PE32 MZP Format OS Processor Check Lnk Format GIF Format ftp DLL PE64 Buffer PE Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic unpack itself AppData folder AntiVM_Disk VM Disk Size Check ComputerName DNS crashed
1 9 2 9.8 M ZeroCERT

8078 2024-07-05 11:07 BestChange.exe
22aea1c65376a239fcead8d4e0ff00e3
Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself ComputerName
1.6 M 2 ZeroCERT

8079 2024-07-04 17:29 UpdaterP.exe
40094e123c89625468665c8c196c2ffd
UPX PE File PE32 VirusTotal Malware unpack itself DNS
1 4.8 M 62 r0d

8080 2024-07-04 17:14 UtilityP.exe
771b79f619f789921ac9d720d16323ed
Malicious Library PE File PE64 VirusTotal Malware RWX flags setting unpack itself ComputerName DNS
1 5.2 56 ZeroCERT

8081 2024-07-04 17:12 5555.exe
99b1f5901c396f5d019f933eb80f6b09
Malicious Packer UPX PE File PE32 VirusTotal Malware unpack itself DNS
1 2.6 M 64 ZeroCERT

8082 2024-07-04 17:10 a.exe
2d54d9c5710c8a2d09111644b8c6f76c
Generic Malware Malicious Packer PE File PE64 VirusTotal Malware Code Injection unpack itself
2.6 M 37 ZeroCERT

8083 2024-07-04 17:08 Explore.vbs
9b5731dd0f4fe8d82ce62e1ef83ebc8c
Generic Malware Antivirus Hide_URL PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key
1 2 9.0 30 ZeroCERT

8084 2024-07-04 17:08 DeathRansom_1.exe
a35596ed0bfb34de4e512a3225f8300a
Generic Malware PE File PE32 VirusTotal Malware Check memory unpack itself Ransom Message Ransomware ComputerName crashed
5.0 M 66 ZeroCERT

8085 2024-07-04 17:06 LauncherR.exe
1b0f8cd0a0f9788b131ccf3f2a6d6d9b
Malicious Library PE File PE64 VirusTotal Malware RWX flags setting unpack itself ComputerName DNS
1 5.2 M 59 ZeroCERT