Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
8356	2023-09-23 20:05	DigitalPulse.exe 3e74b7359f603f61b92cf7df47073d4a Generic Malware Malicious Library UPX PE File PE32 MZP Format OS Processor Check PE64 VirusTotal Malware Checks debugger unpack itself AppData folder					2.4		28	ZeroCERT

8357	2023-09-23 20:05	setup.exe 9cb4b92f6b0eef1a38d3dcf3c8ff9757 Malicious Library PE File PE32 VirusTotal Malware WMI Creates executable files RWX flags setting Checks Bios anti-virtualization ComputerName					3.8	M	24	ZeroCERT

8358	2023-09-23 19:55	LightCleaner.exe 8b04643577f8dd8fab107e1db5c3882d njRAT UPX Antivirus .NET framework(MSIL) PE File PE32 .NET EXE VirusTotal Malware PDB MachineGuid Check memory Checks debugger unpack itself					2.0		28	ZeroCERT

8359	2023-09-23 19:49	d1e3511d22c7f4502e50699a6735aa... d1e3511d22c7f4502e50699a6735aa38 Malicious Library UPX .NET DLL PE File DLL PE32 OS Processor Check VirusTotal Malware PDB					1.8		41	ZeroCERT

8360	2023-09-23 19:47	df656194809375ad60e61b7e05cf02... df656194809375ad60e61b7e05cf02ac Malicious Library UPX .NET DLL PE File DLL PE32 OS Processor Check VirusTotal Malware PDB					1.0		3	ZeroCERT

8361	2023-09-23 19:34	Black.exe 55e9b1518973a808c7b567fe3ad52153 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File PE32 .NET EXE OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key		1			3.8	M	54	ZeroCERT

8362	2023-09-23 19:32	aktivosexeeeeeee.exe 626babe1d3377fe912f28488866fd891 .NET framework(MSIL) PE File PE32 .NET EXE Browser Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Check memory Checks debugger unpack itself Browser Email ComputerName crashed					4.0	M	26	ZeroCERT

8363	2023-09-23 19:30	Green.exe 4d6a1026728059cb4259537c95ba4abf RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File PE32 .NET EXE OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key		1			3.8	M	52	ZeroCERT

8364	2023-09-23 19:30	Blue.exe 307a68077f059e5ea634795ce6f2f9ca RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File PE32 .NET EXE OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key		1			3.8	M	53	ZeroCERT

8365	2023-09-23 19:30	qasx.vbs 5b2229d9e2c1e56a5ad88f560b059956 Generic Malware Antivirus Hide_URL PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	3 Keyword trend analysis	3	1		8.4		3	ZeroCERT

8366	2023-09-23 19:28	nsi85.exe a1bc2664e9c74a561ad7d36735914d61 RedLine stealer Gen1 Emotet Browser Login Data Stealer task schedule Malicious Library UPX ASPack Http API PWS HTTP Internet API AntiDebug AntiVM PE File PE32 CAB DLL OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft AutoRuns PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications AppData folder AntiVM_Disk VM Disk Size Check installed browsers check Stealc Stealer Windows Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed	1 Keyword trend analysis	2	7 Info ET MALWARE [ANY.RUN] Win32/Stealc Checkin (POST) ET HUNTING GENERIC SUSPICIOUS POST to Dotted Quad with Fake Browser 1 ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response ET MALWARE Redline Stealer Activity (Response)	1	16.4	M	40	ZeroCERT

8367	2023-09-23 19:28	DV.exe 974cf9781ee4c391d8c78f68247e1b18 PE File ftp PE64 VirusTotal Malware unpack itself					2.0	M	49	ZeroCERT

8368	2023-09-23 19:28	94.228.169.123 a2fb0b0d34d71073cd037e872d40ea14 Generic Malware PE File DLL PE64 VirusTotal Malware					1.0	M	33	ZeroCERT

8369	2023-09-23 19:26	LicenseChecker.exe 9fdc64ec19b88144c87e10004a7ebebd PE File PE32 .NET EXE ftp VirusTotal Malware AutoRuns suspicious privilege MachineGuid Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows					6.4	M	41	ZeroCERT

8370	2023-09-23 19:26	Yellow.exe c164b7fe11a08a813729f746b87d5337 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File PE32 .NET EXE OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key		1			3.8	M	44	ZeroCERT