Submissions

Columns, as given in the listing header: No, Date, Request, Urls, Hosts, IDS, Rule, Score, Zero, VT, Player, Etc. Each record below is shown as its submission line (No, Date, Request), the MD5 of the sample, the Rule column (sandbox signature and tag names, space-separated exactly as extracted; multi-word tags such as "Check memory" or "Detects VMWare" are not delimited), and the numeric columns. Empty Urls/Hosts/IDS cells were dropped during extraction, so the surviving values are kept in page order under one heading rather than assigned to a specific column. Score is the decimal sandbox score, Zero shows "M" on the rows where it is set, VT is the VirusTotal detection count (left out where the row shows none), and Player is r0d or ZeroCERT. The Etc column is empty for every row.

8071  2021-05-17 17:00  c4da0137cbb99626fd44da707ae1bc...
  MD5:    c4da0137cbb99626fd44da707ae1bca8
  Rule:   Darkside Ransomware Cobalt Strike PE File PE32 VirusTotal Malware MachineGuid
  Score: 2.4    VT: 47    Player: r0d

8072  2021-05-17 17:40  svhostd.jpg
  MD5:    5d4f2a009db79009b1b86d416019d808
  Rule:   PE64 PE File VirusTotal Cryptocurrency Miner Malware Cryptocurrency Check memory unpack itself Check virtual network interfaces suspicious TLD ComputerName Firmware DNS
  Urls/Hosts/IDS: 6 3    Score: 5.8    VT: 42    Player: ZeroCERT

8073  2021-05-17 17:40  Nitro_Snypa.exe
  MD5:    61fccc142e2bbf498885bb6e42bae62c
  Rule:   AsyncRAT backdoor PWS .NET framework .NET EXE PE File PE32 VirusTotal Malware PDB MachineGuid Check memory Checks debugger unpack itself DNS
  Score: 3.2    VT: 38    Player: ZeroCERT

8074  2021-05-18 07:33  build1.exe
  MD5:    6add6f06cdfa94d50858317140cc31f8
  Rule:   PWS .NET framework BitCoin AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key crashed
  Urls/Hosts/IDS: 2 3 1    Score: 10.0    VT: 13    Player: ZeroCERT

8075  2021-05-18 07:33  build3.exe
  MD5:    16cae166b40d0d51e16764dce9d76323
  Rule:   .NET EXE PE File PE32 Browser Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Checks Bios Collect installed applications Detects VMWare Check virtual network interfaces VMware anti-virtualization installed browsers check Tofsee Windows Browser ComputerName Firmware DNS Cryptographic key crashed
  Urls/Hosts/IDS: 2 3 1    Score: 8.6    Player: ZeroCERT

8076  2021-05-18 07:43  build5_protected.exe
  MD5:    261d3ab4b1acf206d0d9684a3b1aece9
  Rule:   Anti_VM .NET EXE PE File PE32 Browser Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Checks Bios Collect installed applications Detects VMWare Check virtual network interfaces VMware anti-virtualization installed browsers check Tofsee Windows Browser ComputerName Firmware DNS Cryptographic key crashed
  Urls/Hosts/IDS: 2 3 1    Score: 8.6    Player: ZeroCERT

8077  2021-05-18 08:58  78x.exe
  MD5:    48db1efd405907c867358fe6ae8111e4
  Rule:   PWS .NET framework Malicious Library AntiDebug AntiVM .NET EXE PE File PE32 Malware download NetWireRC VirusTotal Malware Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW BitRAT Windows ComputerName DNS Cryptographic key DDNS crashed keylogger
  Urls/Hosts/IDS: 2 1    Score: 12.6    VT: 44    Player: ZeroCERT

8078  2021-05-18 08:58  fac.exe
  MD5:    2ce30ded9fe4bcbebdac0763913f97c4
  Rule:   AsyncRAT backdoor .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Check virtual network interfaces ComputerName DNS
  Urls/Hosts/IDS: 1    Score: 3.2    VT: 41    Player: ZeroCERT

8079  2021-05-18 09:00  INVOICE%20CONFIRMATION.exe
  MD5:    47cb06b3265d633beef3831e2d9c73ff
  Rule:   Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI unpack itself Checks Bios Detects VirtualBox VMware anti-virtualization ComputerName DNS Software
  Urls/Hosts/IDS: 1    Score: 13.2    VT: 21    Player: ZeroCERT

8080  2021-05-18 09:00  C3b.exe
  MD5:    edc4dc3947bcadc3039095321c71572a
  Rule:   Malicious Library AntiDebug AntiVM .NET EXE PE File PE32 Malware download NetWireRC VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW BitRAT Windows ComputerName DNS DDNS keylogger
  Urls/Hosts/IDS: 2 1    Score: 13.6    VT: 48    Player: ZeroCERT

8081  2021-05-18 09:02  tuvomaq.exe
  MD5:    524acaf48bdd42d49c4f6f485468bc67
  Rule:   PE File PE32 DLL Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer suspicious privilege MachineGuid Check memory Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName DNS Software
  Urls/Hosts/IDS: 1 1    Score: 7.4    Player: ZeroCERT

8082  2021-05-18 09:03  mega.exe
  MD5:    ffba772f9ca82656131883f57760fe1d
  Rule:   AgentTesla Gen1 Gen2 DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Code injection Http API Internet API Steal credential ScreenShot Downloader P2P AntiDebug AntiVM PE File PE32 PE64 DLL Emotet VirusTotal Malware Buffer PE AutoRuns Code Injection buffers extracted Creates executable files RWX flags setting unpack itself suspicious process WriteConsoleW Tofsee Windows
  Urls/Hosts/IDS: 3 4 1    Score: 9.2    VT: 39    Player: ZeroCERT

8083  2021-05-18 09:04  file5.exe
  MD5:    723a3fc8d6faeefe3f6ac7eca0f56570
  Rule:   Anti_VM PE File PE32 VirusTotal Malware unpack itself Checks Bios Detects VirtualBox Detects VMWare VMware anti-virtualization Tofsee Windows ComputerName Firmware crashed
  Urls/Hosts/IDS: 2 1    Score: 5.2    Zero: M    VT: 25    Player: ZeroCERT

8084  2021-05-18 09:06  b9cmykxv6.tar
  MD5:    0887cda7ee95f03a05cc7fa5d12ea1bc
  Rule:   DLL PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself crashed
  Score: 1.4    Zero: M    VT: 10    Player: ZeroCERT

8085  2021-05-18 09:07  n9yo6g3m.rar
  MD5:    e5769bdf194b0a6369c0f58cc16e5a96
  Rule:   DLL PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself DNS crashed
  Score: 1.8    Zero: M    VT: 7    Player: ZeroCERT
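Ingesting records in the shape this listing was extracted in (submission line, MD5, undelimited Rule run, variable-length numeric run) is the first thing a practitioner has to do before the feed is useful, and the numeric run is the awkward part: blank Urls/Hosts/IDS cells vanish, the Zero "M" flag and the VT count are both optional, so the only fixed landmark is the decimal Score. The following is an added example, not code from the listing or from the sandbox that produced it. It copies three records from the page as constructed input, parses them into typed records, and triages them by score and by evasion signals. The EVASION_TAGS and FAMILY_TAGS selections are this example's own grouping of tag names visible on the page, not a classification the sandbox makes, and the leading integers are kept unassigned because their column cannot be recovered.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed input for this example: three records copied from the listing
# above, in the four-line shape the extraction produced (submission line,
# MD5, Rule run, numeric run), separated by blank lines.
RAW = """\
8074 2021-05-18 07:33 build1.exe
6add6f06cdfa94d50858317140cc31f8
PWS .NET framework BitCoin AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key crashed
2 3 1 10.0 13 ZeroCERT

8078 2021-05-18 08:58 fac.exe
2ce30ded9fe4bcbebdac0763913f97c4
AsyncRAT backdoor .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Check virtual network interfaces ComputerName DNS
1 3.2 41 ZeroCERT

8083 2021-05-18 09:04 file5.exe
723a3fc8d6faeefe3f6ac7eca0f56570
Anti_VM PE File PE32 VirusTotal Malware unpack itself Checks Bios Detects VirtualBox Detects VMWare VMware anti-virtualization Tofsee Windows ComputerName Firmware crashed
2 1 5.2 M 25 ZeroCERT
"""

HEAD_RE = re.compile(r"^(\d+)\s+(\d{4}-\d{2}-\d{2} \d{2}:\d{2})\s+(\S+)$")
MD5_RE = re.compile(r"^[0-9a-f]{32}$")

# Tag names visible on this page that mean the sample fingerprinted the
# analysis environment (VM, BIOS, NIC, debugger). The Rule column is not
# delimited, so matching is by substring over the whole run. This selection
# is an assumption of the example, not a classification the sandbox makes.
EVASION_TAGS = (
    "AntiVM", "Anti_VM", "AntiVM_Disk", "VM Disk Size Check", "Checks Bios",
    "Detects VirtualBox", "Detects VMWare", "VMware anti-virtualization",
    "Check virtual network interfaces", "AntiDebug", "Checks debugger",
)
# Family / toolkit names that appear in the Rule column on this page.
FAMILY_TAGS = (
    "Darkside Ransomware", "Cobalt Strike", "AsyncRAT", "NetWireRC", "BitRAT",
    "AgentTesla", "Emotet", "Tofsee", "Cryptocurrency Miner",
)


@dataclass
class Submission:
    no: int
    date: str
    request: str
    md5: str
    rules: str
    counts: List[int]      # Urls/Hosts/IDS values in page order; blank cells were lost
    score: float
    zero: bool             # the page's Zero column, shown as "M" when set
    vt: Optional[int]      # VirusTotal detections; None where the row shows none
    player: str

    def evasion(self) -> List[str]:
        return [t for t in EVASION_TAGS if t in self.rules]

    def families(self) -> List[str]:
        return [t for t in FAMILY_TAGS if t in self.rules]


def parse_numeric(line: str):
    """Split the numeric run around its one fixed landmark, the decimal score:
    leading ints before it, then optional 'M', optional VT count, player."""
    tokens = line.split()
    idx = next((i for i, t in enumerate(tokens) if "." in t), None)
    if idx is None:
        raise ValueError(f"no score in numeric run: {line!r}")
    counts = [int(t) for t in tokens[:idx]]
    score = float(tokens[idx])
    rest = tokens[idx + 1:]
    zero = bool(rest) and rest[0] == "M"
    if zero:
        rest = rest[1:]
    vt = int(rest[0]) if rest and rest[0].isdigit() else None
    if vt is not None:
        rest = rest[1:]
    player = rest[0] if rest else ""
    return counts, score, zero, vt, player


def parse_records(text: str) -> List[Submission]:
    records = []
    for block in re.split(r"\n\s*\n", text.strip()):
        lines = [ln.strip() for ln in block.splitlines() if ln.strip()]
        if len(lines) != 4:
            raise ValueError(f"expected 4 lines per record, got {len(lines)}: {lines[:1]}")
        head = HEAD_RE.match(lines[0])
        if not head or not MD5_RE.match(lines[1]):
            raise ValueError(f"malformed record header or MD5: {lines[:2]}")
        counts, score, zero, vt, player = parse_numeric(lines[3])
        records.append(Submission(int(head.group(1)), head.group(2), head.group(3),
                                  lines[1], lines[2], counts, score, zero, vt, player))
    return records


def triage(records: List[Submission]) -> List[Submission]:
    """Highest sandbox score first; among equal scores, the sample with more
    evasion hits comes first, since it is the one most likely to have
    under-reported its behaviour inside the sandbox."""
    return sorted(records, key=lambda r: (r.score, len(r.evasion())), reverse=True)


if __name__ == "__main__":
    for r in triage(parse_records(RAW)):
        print(f"{r.no} {r.md5} score={r.score} vt={r.vt} "
              f"families={r.families()} evasion={r.evasion()}")
```

Because the tag run is undelimited, substring matching is deliberate and has one visible side effect: a row tagged AntiVM_Disk also matches AntiVM, which is harmless for triage but worth knowing before counting hits. A row whose VT cell is blank (8075, 8076, 8081 above) parses with `vt=None` rather than being mistaken for a zero-detection sample.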