Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
8491	2021-06-02 18:04	cc200-099.exe 7bc408042f560b1eb350925c9eebab8c AsyncRAT backdoor PWS .NET framework Generic Malware Admin Tool (Sysinternals Devolutions inc) Anti_VM Malicious Library SMTP AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key					7.4		17	ZeroCERT

8492	2021-06-02 18:04	sg-3nlJH.exe 41a5ea7052e4e49b5f159511f4f3a1ec AsyncRAT backdoor SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4	4		13.2	M	28	ZeroCERT

8493	2021-06-02 18:11	file16.exe 71be6ce9458398183d7664cc8e4edc51 AsyncRAT backdoor PWS .NET framework BitCoin Admin Tool (Sysinternals Devolutions inc) Anti_VM AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key crashed	2 Keyword trend analysis	4	1		11.8		16	ZeroCERT

8494	2021-06-02 18:13	toolspab1.exe bc004ebe4199980b8686dc9202f3b7cb Generic Malware Malicious Packer Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Windows DNS crashed		2			3.6	M	26	ZeroCERT

8495	2021-06-02 18:15	Setup2.exe e9d57ca7c57fdeed2e24074ce20e3310 Gen2 Emotet Generic Malware VMProtect PE File PE32 DLL GIF Format VirusTotal Malware suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself AppData folder AntiVM_Disk sandbox evasion IP Check VM Disk Size Check installed browsers check Browser ComputerName DNS crashed	3 Keyword trend analysis	8	2	2	10.0	M	47	ZeroCERT

8496	2021-06-02 18:17	filename.exe e9f7040390e3052baacd0e25e6186e01 Generic Malware Malicious Packer Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Windows DNS crashed					3.6	M	23	ZeroCERT

8497	2021-06-03 07:37	mimikatz.exe 8d0a0f482090df08b986c7389c1401c2 Gen2 PE File PE64 VirusTotal Malware Check memory WriteConsoleW DNS					2.2		40	guest

8498	2021-06-03 07:38	OSnArKbouinwHTMsm.exe fffb2b816a4e4afadace3876de1245bb AsyncRAT backdoor PWS .NET framework Admin Tool (Sysinternals Devolutions inc) Anti_VM Malicious Library SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed					11.8		40	ZeroCERT

8499	2021-06-03 07:40	MSxMnArarcVRS32Z.exe fa7f986810b452cb785e294d1e2d4c4d AsyncRAT backdoor PWS .NET framework Admin Tool (Sysinternals Devolutions inc) Anti_VM Malicious Library SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed					11.8	M	17	ZeroCERT

8500	2021-06-03 07:42	OGngyu7VMPef7zMc3.exe bf1e36cc296d0bbaf33e28417a2b0d00 AsyncRAT backdoor PWS .NET framework Admin Tool (Sysinternals Devolutions inc) Anti_VM Malicious Library SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed					10.8	M	18	ZeroCERT

8501	2021-06-03 07:44	template-jn02b3.dot 7bad9bfadd445f637abb738bba8000c7 VBA_macro MSOffice File VirusTotal Malware unpack itself					1.6	M	24	ZeroCERT

8502	2021-06-03 07:52	217.exe 8d5e4167aa133e350eb0b8e983b81cd8 PWS .NET framework Admin Tool (Sysinternals Devolutions inc) Anti_VM Malicious Library AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key					7.8		15	ZeroCERT

8503	2021-06-03 08:01	cc200-0008.exe eaff083cf662029659ef37118e198006 Admin Tool (Sysinternals Devolutions inc) Anti_VM Malicious Library AntiDebug AntiVM PE File .NET EXE OS Processor Check PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities AppData folder Windows DNS Cryptographic key					9.6		19	ZeroCERT

8504	2021-06-03 09:19	PO 825468.xls d24d609e6ac612f69030bfc3695e6aad VBA_macro Malicious Packer MSOffice File VirusTotal Malware unpack itself Tofsee	4 Keyword trend analysis Info https://sunshineserviceproviders.com/wp-content/plugins/w2dc/templates/categories/WS3E2S2dTX7hx.php https://bwcreativestudio.com/blog/wp-includes/js/jquery/ui/PrEe0VE6BJ0CD.php https://arboretsens72.fr/wp-content/themes/twentyseventeen/template-parts/footer/X8FJlzkyXi8ixjn.php https://zabalit.com/wp-content/plugins/wordpress-seo/css/dist/3IR10ztB.php	8	2		5.0		22	ZeroCERT

8505	2021-06-03 10:06	3IR10ztB.php a9a3fd9fd53605ef2bebef23dc595750 PE File DLL PE32 VirusTotal Malware					1.2		19	ZeroCERT