Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
8311	2021-05-25 18:06	mna.exe df8c895d1e6b9fb4e3914a6c4b7e3a31 PWS .NET framework Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key crashed				12.8		30	ZeroCERT

8312	2021-05-25 18:06	4Hs8qbk2vS4KWX6.exe f0a1ef38fc601323f5f24a68dc5d02a4 PWS .NET framework Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed				10.6			ZeroCERT

8313	2021-05-25 18:09	phantom.exe 2e2c59afbb7175fbafabe95d0d2730a4 Raccoon Stealer Glupteba PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Windows DNS crashed				3.2		23	ZeroCERT

8314	2021-05-25 18:10	svchost.exe 760f463b1279b98b75fe6aa0417f83a5 PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself suspicious process anti-virtualization				2.6		17	ZeroCERT

8315	2021-05-25 18:11	phantom2.exe 24dc854336a585ea23251476947215f0 Raccoon Stealer Glupteba PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Windows crashed				2.0	M	18	ZeroCERT

8316	2021-05-25 18:13	4hKre9EL6dUlIXf.exe 44ce3829d2bed5adf00008a95b6b57c2 PWS .NET framework Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed				11.0		13	ZeroCERT

8317	2021-05-26 01:39	ACC.exe 1b566412e52165a3ef457cc7dd0ecfba AsyncRAT backdoor PWS .NET framework Malicious Library Antivirus .NET EXE PE File PE32 VirusTotal Malware powershell PDB suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key		1		7.0	M	26	guest

8318	2021-05-26 08:58	IMG_078_36_110.exe 7991a1408bbb33e32dab67230cb4a0ff AsyncRAT backdoor SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4	4	8.0		17	ZeroCERT

8319	2021-05-26 08:59	Kill$.exe 84351b76b5750af1b8da4b9b3572ca6a AgentTesla Antivirus Anti_VM DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Code injection Http API Internet API Steal credential ScreenShot Downloader P2P AntiDebug AntiVM PE64 PE File VirusTotal Malware suspicious privilege Code Injection Check memory WMI Creates executable files Windows utilities suspicious process WriteConsoleW shadowcopy delete Windows ComputerName				7.2	M	23	guest

8320	2021-05-26 09:00	PL_175_063_107.exe e2f9e8c9bc0c758d98ee96ff0779076c AsyncRAT backdoor SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces VMware IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4	4	9.2		13	ZeroCERT

8321	2021-05-26 09:02	richedit.exe b89786dcab1dc0b2c71d410c73a9bf8d PE File PE32 VirusTotal Malware Check memory unpack itself				2.2	M	31	ZeroCERT

8322	2021-05-26 09:04	p6.exe 0ff51f81af4ba59f7a3be211066a0f8c PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows ComputerName DNS Cryptographic key		1		3.2		38	ZeroCERT

8323	2021-05-26 09:07	Document%20093250.xls 662ed1aced50cad399d305467f290fea VBA_macro MSOffice File VirusTotal Malware Checks debugger WMI unpack itself Windows utilities suspicious process WriteConsoleW Tofsee Windows ComputerName DNS crashed	1 Keyword trend analysis	3	1	8.0		20	ZeroCERT

8324	2021-05-26 09:09	Oski_KelvinBryant.exe 08c192a4b1b2ffefcb59f04230682f8d PE File OS Processor Check PE32 VirusTotal Malware ComputerName DNS		1		3.0		43	ZeroCERT

8325	2021-05-26 09:17	p4.exe 69a8c51720e4b71360018614cd7a8123 AsyncRAT backdoor PWS .NET framework Malicious Library AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself				7.6		50	ZeroCERT