Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
8371	2023-09-23 19:23	couzineeeeeeeeeeeeee.exe ea7cb34198de808f03b70a26fc884b12 .NET framework(MSIL) PE File PE32 .NET EXE Browser Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Check memory Checks debugger unpack itself Browser Email ComputerName crashed				4.2	M	35	ZeroCERT

8372	2023-09-23 19:23	c.exe efa3ba876e6958864306ff625b9d74a1 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself Remote Code Execution				1.8	M	29	ZeroCERT

8373	2023-09-23 19:21	PLV.exe ac5a067a49c0347a26cb08dbf77f45b2 PE File PE64 VirusTotal Malware unpack itself				2.0	M	50	ZeroCERT

8374	2023-09-23 19:21	Gray.exe 98633738065af5b71b373985df27dad8 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File PE32 .NET EXE OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key		1		3.8		53	ZeroCERT

8375	2023-09-23 19:18	aa.xll a2fb0b0d34d71073cd037e872d40ea14 Generic Malware PE File DLL PE64 VirusTotal Malware				1.0	M	33	ZeroCERT

8376	2023-09-23 19:04	eae04e28d321627908712bb23d1d47... eae04e28d321627908712bb23d1d4799 Malicious Library UPX Malicious Packer PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself Browser Email ComputerName Software crashed				4.4		45	ZeroCERT

8377	2023-09-23 18:58	aa.xll.exe f1b91fdbcd062031687e2766ab6773b6 Generic Malware PE File DLL PE64 VirusTotal Malware MachineGuid Check memory Checks debugger RWX flags setting unpack itself suspicious process WriteConsoleW				3.4	M	37	ZeroCERT

8378	2023-09-23 09:47	Clipper.exe a8336c9284c9ef94e43c872a9d851745 PE File PE32 .NET EXE VirusTotal Malware Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Tor ComputerName	4 Keyword trend analysis Info http://ip-api.com/line?fields=query,country,city http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion.nz/clp/7c418373ff8d4e30b27ec3685695bf8a?install=1&wallets=&user=dGVzdDIy&comp=VEVTVDIyLVBD&ip=MTc1LjIwOC4xMzQuMTUy&country=U291dGggS29yZWE%3D&city=U29uZ3BhLWd1 https://onion.nz/onion-site-connection-error/ https://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion.nz/clp/7c418373ff8d4e30b27ec3685695bf8a?install=1&wallets=&user=dGVzdDIy&comp=VEVTVDIyLVBD&ip=MTc1LjIwOC4xMzQuMTUy&country=U291dGggS29yZWE%3D&city=U29uZ3BhLWd1	6	2	4.8		50	ZeroCERT

8379	2023-09-23 09:46	Miner.exe b286969b55a9dbb7c7fb450772107ac1 PE File PE64 VirusTotal Malware		2		1.6		45	ZeroCERT

8380	2023-09-23 09:44	Rat.exe f8c994f9200f4155e881ab90ab1598a7 Malicious Library PE File PE64 VirusTotal Malware RWX flags setting unpack itself ComputerName Remote Code Execution DNS		1	1	5.2		55	ZeroCERT

8381	2023-09-23 09:44	Stealer.exe 841ce3b003ee2d41c5c6b53a983f31c1 .NET framework(MSIL) PE File PE32 .NET EXE VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself				2.2		50	ZeroCERT

8382	2023-09-23 09:44	rh_0.4.9rc1.exe c5c64755f463c91c92f516b3214c5b37 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware WMI RWX flags setting unpack itself ComputerName DNS crashed		1		6.0	M	58	ZeroCERT

8383	2023-09-23 09:42	LummaC2.exe c2ffa5554a8f784cca5476aa87f575e8 Malicious Library UPX Malicious Packer PE File PE32 OS Processor Check VirusTotal Malware				1.8	M	38	ZeroCERT

8384	2023-09-23 09:41	Dropper1.exe 5bdab56a23cabe2a7d38338ba91ecba3 Malicious Library Admin Tool (Sysinternals etc ...) UPX PE File PE32 MZP Format OS Processor Check VirusTotal Malware unpack itself Tofsee ComputerName Remote Code Execution		3	2	1.4	M	5	ZeroCERT

8385	2023-09-23 09:40	d3xi5rws2ffuli.exe 52c2f13a9fa292d1f32439dde355ff71 Malicious Library UPX PWS SMTP AntiDebug AntiVM PE File PE32 OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	4	11.0	M	47	ZeroCERT