Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
8281	2021-05-24 18:15	vbc.exe c43ff70c1a60486bda3a8f005e5bf26f PWS .NET framework Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName DNS Cryptographic key crashed				10.2		40	ZeroCERT

8282	2021-05-24 18:17	rYMtUTp556Z02qL.exe 76c61f35c06b4d510bc59d3f8aa42fea AsyncRAT backdoor PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself Windows Cryptographic key				2.0		8	ZeroCERT

8283	2021-05-24 18:17	brazzz.exe 011ef8c61ebdce09c170eff3311c4a0a Malicious Library .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key				3.0		36	ZeroCERT

8284	2021-05-24 18:19	banh.exe 8dc45cee87ca5370db8341c7755c8b9e PWS .NET framework Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName Cryptographic key crashed				9.4		20	ZeroCERT

8285	2021-05-24 18:20	sIIpO8jjC02iQCT.exe 3d9a120a83e330ab0f26454a46b9e1e7 PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key				2.8		24	ZeroCERT

8286	2021-05-24 18:22	c0r0n4x.spc 4ad6111429ca4e0546a847815659843c AntiDebug AntiVM ELF VirusTotal Malware Check memory Checks debugger unpack itself DNS				2.6		29	ZeroCERT

8287	2021-05-24 18:23	bin---0.exe 9191f2c11d448ac2baa34768d210f3a7 Formbook PE File PE32 FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic unpack itself	20 Keyword trend analysis Info http://www.leonardocarrillo.com/p2io/ http://www.micheldrake.com/p2io/?8pz8KT3x=d2NgnqRQHDqC8zfUpSeXKrGILlrAeXd0mpzt/HUKTHCMsqjNpHqiPqxZu8ECgv8Wi9ydyjUw&CR=CFQH8Xe http://www.yunlimall.com/p2io/ http://www.vectoroutlines.com/p2io/?8pz8KT3x=RfOK6jKjejKyxd8Ge5LTyAppaXreGCTFIzs53vHZyU46XfbA28pKG3jMmZvEd1BBCDsLyI+Y&CR=CFQH8Xe http://www.adultpeace.com/p2io/ http://www.liminaltechnology.com/p2io/?8pz8KT3x=PfX6gvL1n2k6iJTsm2w17tv0qq3FBu3hWsZA38xYtqeUN4691F0nKiAgOKyjpkHMBi57ZW6+&CR=CFQH8Xe http://www.adultpeace.com/p2io/?8pz8KT3x=4oufm6g7w9cVhgu+mDBWoA8I6Q2bNaX51teMhl/6i5f1woTl8Y4Ohfe29cQ9y7IaJQfIj0iK&CR=CFQH8Xe http://www.alfenas.info/p2io/ http://www.untylservice.com/p2io/?8pz8KT3x=L8zxg9SOaofWzoyPv00N4yNSfvs8vmV6MzKbpPLG03vcM8SdHJJ++2zBKn8m8TZ8Pf8jLpz7&CR=CFQH8Xe http://www.alfenas.info/p2io/?8pz8KT3x=qSqSgno9cBloRqN5VLtR5zfvl4qKeuO7jrdOV5f2r4ZX0X85kelskx3YtL4YRmLXGzhxb6Nv&CR=CFQH8Xe http://www.liminaltechnology.com/p2io/ http://www.essentiallyourscandles.com/p2io/?8pz8KT3x=tOwaJov3Qh/So8Abi3+vLu8KpTdHs2Vuljr6rtQHuYg94Ec45hj5yXZ1J0+xHcOVWF/IMli4&CR=CFQH8Xe http://www.untylservice.com/p2io/ http://www.vectoroutlines.com/p2io/ http://www.myfavbutik.com/p2io/ http://www.yunlimall.com/p2io/?8pz8KT3x=FG8u3oFYMEksByvCNClu9ACxgqrSnZ6gPOMyaYsdv+YEYVVrg2Qkx51ZmTmiwfcSVwhsWZbW&CR=CFQH8Xe http://www.essentiallyourscandles.com/p2io/ http://www.leonardocarrillo.com/p2io/?8pz8KT3x=Z8FkwwkotLBkQtrDqM/eMJCTIQtJD+6S4GTF4HzAZ8KQRsKSHf3+L+a292aesc2eaUyoVCup&CR=CFQH8Xe http://www.micheldrake.com/p2io/ http://www.myfavbutik.com/p2io/?8pz8KT3x=dKp6rERBK113SD0GvHZ5ksFEU2G9ncFkpMVxqDe1xbP28bbT8N8SqFHc7ZWN2qvn1fWpyoOF&CR=CFQH8Xe	24 Info www.leonardocarrillo.com() www.essentiallyourscandles.com(23.227.38.74) www.vectoroutlines.com(198.54.126.105) www.pandemisorgugirisi-tr.com() www.adultpeace.com(163.44.239.73) www.liminaltechnology.com(185.111.89.170) www.buylocalclub.info() www.tricqr.com() www.micheldrake.com(192.0.78.25) www.myfavbutik.com(172.67.161.4) www.alfenas.info(34.102.136.180) www.untylservice.com(185.224.137.223) www.zgcbw.net() www.yunlimall.com(142.111.47.2) 185.224.137.223 163.44.239.73 198.54.126.105 - mailcious 209.99.40.222 - mailcious 185.111.89.170 34.102.136.180 - mailcious 104.21.15.16 192.0.78.24 - mailcious 23.227.38.74 - mailcious 142.111.47.2	1	3.6		44	ZeroCERT

8288	2021-05-24 18:24	vbc.exe 3b2b6ffb60a32fda17e7196a96dd7e72 AsyncRAT backdoor PWS .NET framework Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key crashed		1		9.0	M	18	ZeroCERT

8289	2021-05-25 09:31	ACC.exe 1b566412e52165a3ef457cc7dd0ecfba AsyncRAT backdoor PWS .NET framework Malicious Library Escalate priviledges AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer VirusTotal Malware powershell AutoRuns PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW shadowcopy delete Ransomware Windows Browser ComputerName DNS Cryptographic key	1 Keyword trend analysis	1		19.4	M	26	ZeroCERT

8290	2021-05-25 09:33	tSuk40mH9f7Dz23.exe 232b3e7b065156daaabbc65228e0eede AsyncRAT backdoor PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself Windows Cryptographic key				2.4		21	ZeroCERT

8291	2021-05-25 09:35	app.exe e6f2c7e2ebd7dd935bbdce6c38e50467 Raccoon Stealer Glupteba PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Windows DNS crashed				3.4		26	ZeroCERT

8292	2021-05-25 09:35	nd.xlsx f886a27269a2648e3cb5cf4ce85d579b MSOffice File Malware download VirusTotal Malware exploit crash unpack itself Windows Exploit DNS DDNS crashed Downloader	1 Keyword trend analysis	5	2	5.4		16	ZeroCERT

8293	2021-05-25 09:36	bin---old.exe 18d071af176d03b7611afe4d60b9cac9 AsyncRAT backdoor PWS .NET framework Malicious Library AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key				7.6		21	ZeroCERT

8294	2021-05-25 09:38	bin.exe 6ab96e3529b17180141109a469eb5a43 AsyncRAT backdoor PWS .NET framework Malicious Library AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key				8.2		22	ZeroCERT

8295	2021-05-25 09:38	kn.exe c1827d46d577d50f668c8b0b845416c3 PE File PE32 DLL VirusTotal Malware Check memory Creates executable files unpack itself AppData folder				2.6		12	ZeroCERT