No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
8506
2023-12-11 19:17
tuc4.exe
269b9baebbde670b904d009f61854799
Emotet
Gen1
Generic Malware
Malicious Library
UPX
Malicious Packer
Admin Tool (Sysinternals etc ...)
PE32
PE File
MZP Format
DLL
OS Processor Check
DllRegisterServer
dll
PE64
wget
ZIP Format
Check memory
Checks debugger
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
WriteConsoleW
Windows
ComputerName
crashed
4.2
M
ZeroCERT
8507
2023-12-11 19:16
bloodefficiency.exe
6d7108103907bff106aa0ada254e52b2
.NET framework(MSIL)
PE32
PE File
.NET EXE
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
DNS
1
185.216.13.58 - mailcious
4.4
M
50
ZeroCERT
8508
2023-12-11 19:16
Gdbpyzcldrr.exe
ab0443c4b5ae89cd913377183852ecb3
Hide_EXE
.NET framework(MSIL)
AntiDebug
AntiVM
PE File
PE64
.NET EXE
VirusTotal
Malware
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
Cryptographic key
7.6
M
25
ZeroCERT
8509
2023-12-11 18:46
wlanext.exe
0ac30e4d15c7aa703d6999c80f524373
Generic Malware
Malicious Library
UPX
Antivirus
PE32
PE File
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
Windows
ComputerName
Cryptographic key
crashed
7.2
M
44
ZeroCERT
8510
2023-12-11 18:43
Booking_information.exe
24ba06fd80a3f7f185804ae0b8de0682
UPX
Malicious Library
AntiDebug
AntiVM
PE32
PE File
.NET EXE
Browser Info Stealer
RedLine
Malware download
FTP Client Info Stealer
VirusTotal
Malware
Microsoft
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Collect installed applications
AppData folder
installed browsers check
Stealer
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
1
193.233.132.16
3
ET INFO Microsoft net.tcp Connection Initialization Activity
ET MALWARE [ANY.RUN] RedLine Stealer Family Related (MC-NMF Authorization)
ET MALWARE Redline Stealer Family Activity (Response)
13.8
M
52
ZeroCERT
8511
2023-12-11 18:42
tuc2.exe
db2a79634197945313bdc4d81154981e
Emotet
Gen1
Generic Malware
Malicious Library
UPX
Malicious Packer
Admin Tool (Sysinternals etc ...)
PE32
PE File
MZP Format
DLL
OS Processor Check
DllRegisterServer
dll
PE64
wget
ZIP Format
VirusTotal
Malware
Check memory
Checks debugger
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
WriteConsoleW
Windows
ComputerName
crashed
5.0
M
23
ZeroCERT
8512
2023-12-11 18:41
wlanext.exe
669874d49e316097b979b2b3535ddc0d
NSIS
Generic Malware
Malicious Library
UPX
Antivirus
PE32
PE File
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
Windows
ComputerName
Cryptographic key
crashed
7.6
M
43
ZeroCERT
8513
2023-12-11 18:40
wlanext.exe
81d2e375dce372acb9d13e41748ecc2f
NSIS
Generic Malware
Malicious Library
UPX
Antivirus
PE32
PE File
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
Windows
ComputerName
Cryptographic key
crashed
5.8
M
ZeroCERT
8514
2023-12-11 15:30
BraveCrashHandler64.exe
80933f1574b52fe27bfc085779bd2552
EnigmaProtector
Generic Malware
UPX
PE32
PE File
MZP Format
PE64
VirusTotal
Malware
suspicious privilege
Checks debugger
WMI
Creates executable files
unpack itself
Windows utilities
Detects VMWare
suspicious process
sandbox evasion
WriteConsoleW
VMware
Windows
ComputerName
crashed
8.2
M
26
ZeroCERT
8515
2023-12-11 15:29
prox.exe
a09dc65d1b842e5fd4dbd4bf4fc74a0b
Hide_EXE
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
unpack itself
Windows
DNS
Cryptographic key
1
172.67.159.225
6.4
M
46
ZeroCERT
8516
2023-12-11 15:28
ma.exe
c1ca2440bbc8d8e5928e7d28eb4d24ca
UPX
PE File
PE64
.NET EXE
VirusTotal
Malware
unpack itself
Windows
Remote Code Execution
crashed
2.8
M
25
ZeroCERT
8517
2023-12-11 15:25
Pfvtwoys.exe
eeca722283938a812fd6670b34ec5e29
Hide_EXE
.NET framework(MSIL)
UPX
PWS
AntiDebug
AntiVM
PE File
PE64
.NET EXE
OS Processor Check
VirusTotal
Malware
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
Cryptographic key
8.6
M
46
ZeroCERT
8518
2023-12-11 15:24
Nnyphhamc.exe
7f5108b2158d537f11fd88886c1c047c
Hide_EXE
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
unpack itself
Windows
DNS
Cryptographic key
1
51.79.32.112
5.8
M
47
ZeroCERT
8519
2023-12-11 15:23
Zocymkpxeu.exe
b9922787936c8e2ed028b5bd652d7ee9
Create Service
Socket
Escalate priviledges
PWS
DNS
persistence
AntiDebug
AntiVM
PE File
PE64
URL Format
VirusTotal
Malware
AutoRuns
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
ICMP traffic
unpack itself
malicious URLs
Windows
Cryptographic key
1
http://ip.allproxy.io/json
7
1
ET USER_AGENTS Go HTTP Client User-Agent
12.4
M
49
ZeroCERT
8520
2023-12-11 15:23
Edbwgnrp.exe
27b354807eeeeacddfeab9532165a5d8
Hide_EXE
.NET framework(MSIL)
UPX
PWS
AntiDebug
AntiVM
PE File
PE64
.NET EXE
OS Processor Check
VirusTotal
Malware
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
Cryptographic key
8.0
M
48
ZeroCERT
Total : 50,084cnts