Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc

8401  2023-09-22 17:52  protect.msi
  Hash (MD5): 8a740944a8031c72ddd594c45bff03bc
  Tags: Malicious Library UPX MSOffice File CAB OS Processor Check PE File DLL PE32 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself AppData folder AntiVM_Disk VM Disk Size Check ComputerName
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 2 1 2.6 2 ZeroCERT

8402  2023-09-22 17:47  protect.dll
  Hash (MD5): 1490c4b8c26ca71a96797e1ef0548a62
  Tags: Generic Malware Malicious Library UPX Antivirus PE File PE64 OS Processor Check PowerShell VirusTotal Malware powershell PDB suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process Windows ComputerName Cryptographic key
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 5.2 8 ZeroCERT

8403  2023-09-22 17:45  reserva....exe
  Hash (MD5): 3403cb537d8e1e6257068d3189705050
  Tags: Gen1 Emotet Generic Malware Malicious Library UPX AntiDebug AntiVM PE File PE32 OS Processor Check CAB VirusTotal Malware AutoRuns Code Injection Check memory Checks debugger Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check Windows ComputerName DNS DDNS crashed
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 2 1 6.4 34 ZeroCERT

8404  2023-09-22 17:03  d292defb89bac7be1d7f41a292887e...
  Hash (MD5): d292defb89bac7be1d7f41a292887eeb
  Tags: Generic Malware UPX .NET framework(MSIL) Malicious Packer PE File PE32 .NET EXE Malware download NetWireRC VirusTotal Malware IP Check RAT DNS DDNS
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 1 4 4 3.4 60 ZeroCERT

8405  2023-09-22 16:38  0ea461af5bf18fa9fe0a4945bda2c2...
  Hash (MD5): 0ea461af5bf18fa9fe0a4945bda2c2c0
  Tags: Generic Malware Malicious Library UPX Downloader Antivirus .NET framework(MSIL) Malicious Packer PE File PE32 .NET EXE OS Processor Check PDB MachineGuid Check memory Checks debugger unpack itself
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 1.2 ZeroCERT

8406  2023-09-22 13:36  Rws.xll
  Hash (MD5): d1a45948f411c02136ca98410475de52
  Tags: Generic Malware PE File DLL PE64 VirusTotal Malware
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 0.4 7 ZeroCERT

8407  2023-09-22 13:36  Gwl.xll
  Hash (MD5): d1a45948f411c02136ca98410475de52
  Tags: Generic Malware PE File DLL PE64 VirusTotal Malware
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 0.4 7 ZeroCERT

8408  2023-09-22 13:36  Hjm.xll
  Hash (MD5): f1b91fdbcd062031687e2766ab6773b6
  Tags: Generic Malware PE File DLL PE64 VirusTotal Malware
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 0.4 8 ZeroCERT

8409  2023-09-22 10:51  5a8434f899549874f8114dda6a6e27...
  Hash (MD5): 5a8434f899549874f8114dda6a6e2763
  Tags: Generic Malware task schedule Downloader Malicious Library UPX Antivirus .NET framework(MSIL) Malicious Packer Create Service Socket P2P DGA Steal credential Http API Escalate priviledges PWS Sniff Audio HTTP DNS ScreenShot Code injection Internet API FTP VirusTotal Malware Code Injection Check memory Checks debugger unpack itself Windows utilities WriteConsoleW Windows
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 3.6 59 ZeroCERT

8410  2023-09-22 09:36  cod.jpg_1.exe
  Hash (MD5): 66f08e67109b6c6f161530d6f2e009d2
  Tags: AsyncRAT UPX .NET framework(MSIL) Malicious Packer PE File PE32 .NET EXE OS Processor Check
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 2 ZeroCERT

8411  2023-09-22 09:34  cod.jpg_2.exe
  Hash (MD5): d6acfe956cc6ae5006f747e8b04bddb0
  Tags: Confuser .NET .NET DLL PE File DLL PE32 VirusTotal Malware
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 1.2 42 ZeroCERT

8412  2023-09-22 09:31  cod.jpg.vbs
  Hash (MD5): e5556e4179d7bf35e96d269d8c511c5a
  Tags: Antivirus crashed
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 0.2 ZeroCERT

8413  2023-09-22 09:11  Jonas_Fiedler_2022_tax.js
  Hash (MD5): c5429b73a55a97c9560f3bec2e5861e2
  Tags: Generic Malware Antivirus powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 1 4.8 ZeroCERT

8414  2023-09-22 07:55  u.exe
  Hash (MD5): 1cc5f4774e35db4143eaeadc67f230dd
  Tags: RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File PE32 .NET EXE OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 1 5 6.2 M 49 ZeroCERT

8415  2023-09-22 07:52  sunor.exe
  Hash (MD5): a7e4eb402115dec3547194a610da7760
  Tags: Malicious Library UPX AntiDebug AntiVM PE File PE32 OS Processor Check DLL VirusTotal Malware PDB Code Injection unpack itself suspicious process AppData folder Remote Code Execution
  Urls/Hosts/IDS/Rule/Score/Zero/VT/Player/Etc: 3.6 29 ZeroCERT