Submissions

Columns: No, Date, Request (file name, MD5 on the following line), Urls / Hosts / IDS Rule (the counts as listed; kept together because a row with fewer than three counts does not show which column each belongs to), Score, Zero, VT, Player, Etc (behaviour tags).

8146  2021-05-20 07:50  WAX.exe
      MD5: 970247901268bd976aa5eb37d8e703ad
      Urls/Hosts/IDS Rule: -        Score: 2.4   Zero: -   VT: 36   Player: ZeroCERT
      Tags: PE File, PE32, VirusTotal, Malware, RWX flags setting, unpack itself, anti-virtualization

8147  2021-05-20 07:53  PLF.exe
      MD5: 365d37e09e2514a935e87f9ab793ffc9
      Urls/Hosts/IDS Rule: 1        Score: 3.0   Zero: -   VT: 35   Player: ZeroCERT
      Tags: PE File, PE32, VirusTotal, Malware, RWX flags setting, unpack itself, anti-virtualization, DNS

8148  2021-05-20 07:57  XPP.exe
      MD5: 02767a23a2e6b59b337dee3f44b75f39
      Urls/Hosts/IDS Rule: -        Score: 2.0   Zero: M   VT: -    Player: ZeroCERT
      Tags: PE File, PE32, RWX flags setting, unpack itself, anti-virtualization, DNS

8149  2021-05-20 07:58  ODS.exe
      MD5: 67e197ce60aee392b9a6d6c1f0c8273a
      Urls/Hosts/IDS Rule: -        Score: 2.6   Zero: M   VT: 40   Player: ZeroCERT
      Tags: PE File, PE32, VirusTotal, Malware, RWX flags setting, unpack itself, anti-virtualization

8150  2021-05-20 08:00  0k9L0.mp4
      MD5: f3cfde24b4dcdb6a8f281929c9e000d5
      Urls/Hosts/IDS Rule: 1 2      Score: 2.4   Zero: M   VT: 19   Player: ZeroCERT
      Tags: Gen1, Emotet, PE64, PE File, OS Processor Check, DLL, VirusTotal, Malware, Check memory, Creates executable files, unpack itself, ComputerName

8151  2021-05-20 09:28  n8wwj8ZL6Q34VkW.exe
      MD5: c2eed737336b1194cd3297da7dee1128
      Urls/Hosts/IDS Rule: -        Score: 3.0   Zero: M   VT: 32   Player: ZeroCERT
      Tags: PWS, .NET framework, Malicious Library, .NET EXE, PE File, PE32, VirusTotal, Malware, Check memory, Checks debugger, unpack itself, Windows, DNS, Cryptographic key

8152  2021-05-20 09:28  chrome.exe
      MD5: 3f9e1c91f21e32b1c194d42ed4d2112c
      Urls/Hosts/IDS Rule: -        Score: 8.6   Zero: M   VT: 22   Player: ZeroCERT
      Tags: PE File, PE32, DLL, Browser Info Stealer, FTP Client Info Stealer, VirusTotal, Email Client Info Stealer, Malware, AutoRuns, suspicious privilege, Checks debugger, Creates executable files, exploit crash, unpack itself, AppData folder, Windows, Exploit, Browser, Email, Cryptographic key, Software crashed

8153  2021-05-20 09:31  vbc.exe
      MD5: a335ba58d6993c66e18c3c9bfefc2032
      Urls/Hosts/IDS Rule: -        Score: 9.6   Zero: M   VT: 28   Player: ZeroCERT
      Tags: AsyncRAT, backdoor, PWS, .NET framework, Malicious Library, SMTP, KeyLogger, AntiDebug, AntiVM, .NET EXE, PE File, OS Processor Check, PE32, VirusTotal, Malware, suspicious privilege, Code Injection, Check memory, Checks debugger, buffers extracted, unpack itself, Windows, ComputerName, DNS, Cryptographic key, crashed

8154  2021-05-20 09:31  sdkdiff.exe
      MD5: 47cd8b6aae996f5510e5963b8fba3438
      Urls/Hosts/IDS Rule: -        Score: 2.0   Zero: -   VT: 2    Player: ZeroCERT
      Tags: Gen1, Gen2, PE64, PE File, OS Processor Check, VirusTotal, Malware, RWX flags setting, unpack itself, crashed

8155  2021-05-20 09:33  FD1.exe
      MD5: 36f95f7e28e486ef9f48990e23a71ab0
      Urls/Hosts/IDS Rule: -        Score: 2.8   Zero: -   VT: 5    Player: ZeroCERT
      Tags: Gen2, PE64, PE File, OS Processor Check, VirusTotal, Malware, PDB, RWX flags setting, unpack itself, DNS, crashed

8156  2021-05-20 09:34  Delivery%20Order%2026947238.xl...
      MD5: c245d6f79bca2e8e87381a68b842c4d2
      Urls/Hosts/IDS Rule: 10 20 2  Score: 3.0   Zero: M   VT: 19   Player: ZeroCERT
      Tags: VBA_macro, MSOffice File, VirusTotal, Malware, unpack itself, Tofsee

8157  2021-05-20 09:36  kn.exe
      MD5: 6c92e49ac1316c25830ae5d1ece9789c
      Urls/Hosts/IDS Rule: 2        Score: 13.0  Zero: M   VT: -    Player: ZeroCERT
      Tags: DNS, AntiDebug, AntiVM, .NET EXE, PE File, PE32, Buffer PE, suspicious privilege, MachineGuid, Code Injection, Check memory, Checks debugger, buffers extracted, unpack itself, Windows utilities, suspicious process, WriteConsoleW, human activity check, Windows, ComputerName, DNS, DDNS

8158  2021-05-20 09:38  orgload.exe
      MD5: 5215dde464e1fbadbe4e7a59927a73b4
      Urls/Hosts/IDS Rule: -        Score: 10.4  Zero: -   VT: 14   Player: ZeroCERT
      Tags: Malicious Library, AntiDebug, AntiVM, .NET EXE, PE File, PE32, VirusTotal, Malware, PDB, suspicious privilege, Code Injection, Check memory, Checks debugger, buffers extracted, unpack itself, Windows utilities, AppData folder, Windows

8159  2021-05-20 09:38  5.exe
      MD5: 9e0637d40ac3dfd9fed6e63763394d96
      Urls/Hosts/IDS Rule: 4 3 4    Score: 9.2   Zero: -   VT: 46   Player: ZeroCERT
      Tags: Gen1, Gen2, PE File, OS Processor Check, PE32, DLL, JPEG Format, VirusTotal, Email Client Info Stealer, Malware, MachineGuid, Malicious Traffic, Check memory, buffers extracted, Creates executable files, unpack itself, Windows utilities, Collect installed applications, suspicious process, AppData folder, AntiVM_Disk, VM Disk Size Check, installed browsers check, Tofsee, Ransomware, Windows, Browser, Email, ComputerName, DNS

8160  2021-05-20 09:38  8R9GcHQ9fBwo0Wz.exe
      MD5: db698aae915f80b58a86503167e59976
      Urls/Hosts/IDS Rule: -        Score: 10.2  Zero: M   VT: 31   Player: ZeroCERT
      Tags: AgentTesla, PWS, .NET framework, browser info stealer, Malicious Library, Google Chrome User Data, DGA, DNS, Socket, Create Service, Sniff Audio, HTTP, Escalate priviledges, KeyLogger, FTP, Code injection, Http API, Internet API, Steal credential, ScreenShot, Downloader, P2P, VirusTotal, Malware, Buffer PE, AutoRuns, Code Injection, Check memory, Checks debugger, buffers extracted, Creates executable files, unpack itself, Windows utilities, WriteConsoleW, Windows, DNS, Cryptographic key
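A small triage helper for a listing like the one above, added here as an example; it is not ZeroCERT's or the sandbox's own code. It splits the numeric tail of a row into the page's columns (Urls, Hosts, IDS Rule, Score, Zero, VT, Player), keeps the Urls/Hosts/IDS counts unassigned unless all three are present, checks that the hash is a well-formed MD5, and ranks rows for analyst attention. The sample rows are copied from the listing; the score threshold of 8.0, the set of high-signal tags and the function names are choices made for this example, not anything the page defines.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional

MD5_RE = re.compile(r"^[0-9a-f]{32}$")

# Tags that warrant a look regardless of score. This weighting is an
# assumption made for the example; the listing itself ranks nothing.
HIGH_SIGNAL_TAGS = {
    "AsyncRAT", "AgentTesla", "Emotet", "Ransomware", "KeyLogger",
    "Code Injection", "Code injection", "Steal credential",
}


@dataclass
class Submission:
    no: int
    date: str
    request: str
    md5: str
    tags: List[str]
    leading_counts: List[int] = field(default_factory=list)  # Urls/Hosts/IDS as listed
    urls: Optional[int] = None
    hosts: Optional[int] = None
    ids_rules: Optional[int] = None
    score: Optional[float] = None
    zero: Optional[str] = None
    vt: Optional[int] = None
    player: Optional[str] = None


def parse_tail(tail: str) -> Dict[str, object]:
    """Split a row's numeric tail into the page's columns.

    Column order is Urls Hosts IDS Rule Score Zero VT Player. Score is the
    only decimal, Zero is the literal flag 'M', VT is the integer after Score
    and Player is the trailing word. Leading integers are the Urls/Hosts/IDS
    counts; they are only assigned to named columns when all three are present,
    because a lone count cannot be attributed to one of them from the listing.
    """
    toks = tail.split()
    leading: List[int] = []
    i = 0
    while i < len(toks) and toks[i].isdigit():
        leading.append(int(toks[i]))
        i += 1
    if i >= len(toks) or not re.fullmatch(r"\d+\.\d+", toks[i]):
        raise ValueError(f"no Score column in {tail!r}")
    score = float(toks[i])
    i += 1
    zero = None
    if i < len(toks) and toks[i] == "M":
        zero = "M"
        i += 1
    vt = None
    if i < len(toks) and toks[i].isdigit():
        vt = int(toks[i])
        i += 1
    player = None
    if i < len(toks):
        player = toks[i]
        i += 1
    if i != len(toks):
        raise ValueError(f"unexpected trailing tokens in {tail!r}")
    urls, hosts, ids_rules = (leading if len(leading) == 3 else (None, None, None))
    return {"leading_counts": leading, "urls": urls, "hosts": hosts, "ids_rules": ids_rules,
            "score": score, "zero": zero, "vt": vt, "player": player}


def make_submission(no: int, date: str, request: str, md5: str,
                    tags: List[str], tail: str) -> Submission:
    md5 = md5.strip().lower()
    if not MD5_RE.match(md5):
        raise ValueError(f"row {no}: {md5!r} is not an MD5")
    return Submission(no=no, date=date, request=request, md5=md5, tags=list(tags), **parse_tail(tail))


def triage(subs: List[Submission], score_threshold: float = 8.0) -> List[Dict[str, object]]:
    """'high' = carries a high-signal tag or scores at/above the threshold; else 'low'.
    Within a band, higher score first. A row with no VT column was never checked
    against VirusTotal and is flagged 'unscanned' so it is not mistaken for clean."""
    rows = []
    for s in subs:
        reasons = sorted(set(s.tags) & HIGH_SIGNAL_TAGS)
        if s.score is not None and s.score >= score_threshold:
            reasons.append(f"score {s.score} >= {score_threshold}")
        rows.append({"no": s.no, "request": s.request, "md5": s.md5, "score": s.score,
                     "priority": "high" if reasons else "low",
                     "reasons": reasons, "unscanned": s.vt is None})
    rows.sort(key=lambda r: (r["priority"] != "high", -(r["score"] or 0.0)))
    return rows


def blocklist(subs: List[Submission]) -> List[str]:
    """MD5s of high-priority submissions, one per line for a hash blocklist."""
    return sorted(r["md5"] for r in triage(subs) if r["priority"] == "high")


# Sample input: five rows copied from the listing above.
SAMPLE = [
    make_submission(8146, "2021-05-20 07:50", "WAX.exe", "970247901268bd976aa5eb37d8e703ad",
                    ["PE File", "PE32", "VirusTotal", "Malware", "RWX flags setting",
                     "unpack itself", "anti-virtualization"], "2.4 36 ZeroCERT"),
    make_submission(8148, "2021-05-20 07:57", "XPP.exe", "02767a23a2e6b59b337dee3f44b75f39",
                    ["PE File", "PE32", "RWX flags setting", "unpack itself",
                     "anti-virtualization", "DNS"], "2.0 M ZeroCERT"),
    make_submission(8153, "2021-05-20 09:31", "vbc.exe", "a335ba58d6993c66e18c3c9bfefc2032",
                    ["AsyncRAT", "backdoor", "PWS", ".NET framework", "KeyLogger", "AntiDebug",
                     "AntiVM", "VirusTotal", "Malware", "Code Injection"], "9.6 M 28 ZeroCERT"),
    make_submission(8156, "2021-05-20 09:34", "Delivery%20Order%2026947238.xl...",
                    "c245d6f79bca2e8e87381a68b842c4d2",
                    ["VBA_macro", "MSOffice File", "VirusTotal", "Malware", "unpack itself",
                     "Tofsee"], "10 20 2 3.0 M 19 ZeroCERT"),
    make_submission(8157, "2021-05-20 09:36", "kn.exe", "6c92e49ac1316c25830ae5d1ece9789c",
                    ["DNS", "AntiDebug", "AntiVM", ".NET EXE", "Code Injection",
                     "human activity check", "DDNS"], "2 13.0 M ZeroCERT"),
]

if __name__ == "__main__":
    for row in triage(SAMPLE):
        print(row["priority"], row["no"], row["request"], row["md5"], row["reasons"],
              "(unscanned)" if row["unscanned"] else "")
```

Rows 8157 and 8153 sort to the top of the sample, 8157 first on score; 8157 and 8148 are flagged unscanned because the listing shows no VT value for them, which matches their tag lists lacking the VirusTotal tag.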