popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
8341 2021-05-26 09:42 retretwork.exe  

0694273bf7ef4b376ea26ffc4434240e


PE File PE32 DLL Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Malicious Traffic Check memory Creates executable files unpack itself AppData folder installed browsers check Browser Email ComputerName Software 		1 2 7 8.2 13 ZeroCERT

8342 2021-05-26 09:45 y5.exe  

a923bf5fba472d85713560b15ccede99


PWS .NET framework Malicious Library AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key 		7.4 M 28 ZeroCERT

8343 2021-05-26 09:48 New%20Order.exe  

9686d7f5778397a1727d314553f126d4


Antivirus .NET EXE PE File PE32 VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities Disables Windows Security powershell.exe wrote suspicious process AppData folder sandbox evasion WriteConsoleW Ransomware Windows ComputerName Cryptographic key crashed 		8.6 M 19 ZeroCERT

8344 2021-05-26 09:52 t.exe  

ddda0d5616775408eb31992c1d602a8d


AsyncRAT backdoor .NET EXE PE File PE32 VirusTotal Malware Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee Windows DNS 		2 3 8 1 3.6 18 ZeroCERT

8345 2021-05-26 09:52 origin.exe  

8270fec5a4b9cd84da15ab4b61e891ee


Malicious Packer .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself DNS 		2.8 39 ZeroCERT

8346 2021-05-26 10:14 document.exe  

46179daceb9602cc1f11c2e002c35f57


PE File 		guest

8347 2021-05-26 10:22 1.exe  

d6a178030c845618787d82658751f393


DLL PE File PE32 		Kim.GS

8348 2021-05-26 10:27 document.exe  

ff030ccb88227fc44d495468a2cc8992


DLL PE File PE32 		0.6 guest

8349 2021-05-26 10:30 document.exe  

ff030ccb88227fc44d495468a2cc8992


DLL PE File PE32 		0.6 guest

8350 2021-05-26 10:30 document.exe  

d6a178030c845618787d82658751f393


DLL PE File PE32 		Kim.GS

8351 2021-05-26 11:44 IMG_3615_763_8.exe  

87eb69c0cf08d284c76acc6666749a91


AsyncRAT backdoor AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege unpack itself DNS 		1 2.8 M 13 ZeroCERT

8352 2021-05-26 15:18 origin.exe  

8270fec5a4b9cd84da15ab4b61e891ee


AgentTesla(IN) Malicious Packer .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself 		2.2 M 39 r0d

8353 2021-05-26 17:40 PO 474050.xls  

8cd09ba1a0a1c52115e5419c92342708


VBA_macro MSOffice File VirusTotal Malware unpack itself Tofsee 		10 20 4 3.4 M 34 ZeroCERT

8354 2021-05-26 17:44 0BwVRYsmMqnmVek1UbU9tQnRjS28  

d9b498a75f204feb90dbe7e6da25ea11

 ZeroCERT

8355 2021-05-26 17:47 HOO.exe  

b0c6368fb892e87132504695169245d0


PE File PE32 VirusTotal Malware RWX flags setting unpack itself anti-virtualization crashed 		2.4 25 ZeroCERT

keyword