Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
8116	2021-05-19 13:26	wpp.exe 055c79de6e3f255beade0b35a0a2cd17 PE64 PE File OS Processor Check VirusTotal Malware PDB RWX flags setting unpack itself crashed				2.0		9	ZeroCERT

8117	2021-05-19 13:26	mx1.exe 9fe42163ba30d147d596637e72088071 PE File PE32 DLL Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Malicious Traffic Check memory Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName DNS Software	1 Keyword trend analysis	2	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response	9.4	M	23	ZeroCERT

8118	2021-05-19 13:28	Empire1.xls d27ef65984ab2b26d5ca7ead4ec7b0a4 VBA_macro MSOffice File VirusTotal Malware unpack itself				1.4	M	33	ZeroCERT

8119	2021-05-19 13:30	FT_F.exe b423749c0dbdc698c0af44114a76a36d Gen1 Gen2 Anti_VM PE File PE32 DLL OS Processor Check Browser Info Stealer Malware download FTP Client Info Stealer Azorult VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency MachineGuid Malicious Traffic Check memory Creates executable files unpack itself Checks Bios Collect installed applications Detects VirtualBox Detects VMWare AppData folder sandbox evasion VMware anti-virtualization installed browsers check Ransomware Windows Browser Email ComputerName Firmware DNS DDNS Software crashed	1 Keyword trend analysis	2	2	14.4	M	30	ZeroCERT

8120	2021-05-19 13:31	paypal.exe c436b9b71dd9f9bd7872f288fd632fb8 AsyncRAT backdoor .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself ComputerName crashed				3.2	M	37	ZeroCERT

8121	2021-05-19 13:31	22222222280.exe 959599de8f19097ea41d0e82999d5b05 PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows DNS Cryptographic key				6.0		39	ZeroCERT

8122	2021-05-19 13:32	msf.docm 28618dc816f92287178a26e72c37d311 VBA_macro VirusTotal Malware unpack itself				2.2	M	38	ZeroCERT

8123	2021-05-19 13:33	sisifo_setup.exe 74059a7fb97d04bcdf3df8a1cc4fdcd8 PE File PE32 DLL VirusTotal Malware Check memory Creates executable files unpack itself AppData folder DNS				3.2		39	ZeroCERT

8124	2021-05-19 13:45	sisifo_setup.exe 610eba16c4e6bdff4d3b2da79d31e8f5 PE File PE32 DLL VirusTotal Malware Check memory Creates executable files unpack itself AppData folder DNS				3.2		35	ZeroCERT

8125	2021-05-19 13:45	black.txt 5594e29409269da66e8c7efb5b5e34dd Anti_VM Antivirus SMTP KeyLogger AntiDebug AntiVM Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces WriteConsoleW Windows Browser Email ComputerName DNS Cryptographic key Software crashed keylogger	1 Keyword trend analysis	1		13.0			ZeroCERT

8126	2021-05-19 13:45	1.exe 296546fc0093734f42dfa96729643b86 Anti_VM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Checks Bios Collect installed applications Detects VMWare Check virtual network interfaces VMware anti-virtualization installed browsers check Tofsee Windows Browser ComputerName Firmware DNS Cryptographic key Software crashed	2 Keyword trend analysis	3	2	10.0	M	28	ZeroCERT

8127	2021-05-19 13:46	lanzador.exe 5853bcf6d49ce99e5db6f67c1b5838b9 AsyncRAT backdoor PWS .NET framework .NET EXE PE File PE32 VirusTotal Malware PDB Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces Windows crashed	1 Keyword trend analysis	2		5.8		32	ZeroCERT

8128	2021-05-19 13:47	TAOBRAVE20-2NDSOA.cab 76c676330782ef31d6ca09faa5e5262d VirusTotal Malware				0.8	M	22	ZeroCERT

8129	2021-05-19 13:48	msf.docm 28618dc816f92287178a26e72c37d311 VBA_macro VirusTotal Malware unpack itself DNS				2.8	M	38	ZeroCERT

8130	2021-05-19 13:49	embedded-empire-xls.docx 78676b31e396f912739664c3154f5169 Vulnerability VirusTotal Malware unpack itself				2.8	M	34	ZeroCERT