Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
8551	2023-12-06 12:23	LjYLHSho7Xgoi1P.exe 77e7f5ee129d7a0eb6a063c6700083f6 AgentTesla .NET framework(MSIL) PWS SMTP KeyLogger AntiDebug AntiVM PE32 PE File .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Software crashed keylogger	1 Keyword trend analysis	4	5	15.4	M	46	ZeroCERT

8552	2023-12-06 12:21	autorun.exe 292eeb275937dbfc806df2b169cf61e6 Malicious Library Malicious Packer UPX PE32 PE File OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		2	5 Info ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer Family Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response ET MALWARE Redline Stealer Family Activity (Response)	7.2	M	34	ZeroCERT

8553	2023-12-06 12:20	reverse.exe cedc316a75f461facb72511004041ebe Meterpreter PE File PE64 VirusTotal Malware DNS crashed		1		3.6	M	61	ZeroCERT

8554	2023-12-06 12:20	chromepass.exe 83deabd1a3d271493c2084cb2cc0b975 Gen1 Malicious Library UPX Anti_VM PE File PE64 OS Processor Check DLL ZIP Format ftp VirusTotal Malware Check memory Creates executable files				2.2	M	32	ZeroCERT

8555	2023-12-06 12:19	obizx.exe 12f10d15b25ffad6e27f76029516058a AgentTesla PWS SMTP KeyLogger AntiDebug AntiVM PE32 PE File .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee Browser Email ComputerName Software crashed		2	2	13.0	M	43	ZeroCERT

8556	2023-12-06 12:18	clip64.dll 92adfbe29d3ddd3afe816ca7e6f183bb Amadey Malicious Library UPX PE32 PE File DLL OS Processor Check VirusTotal Malware Malicious Traffic Checks debugger unpack itself DNS	2 Keyword trend analysis	4		3.6	M	49	ZeroCERT

8557	2023-12-06 12:17	microsofttoldemetheywanttodele... 08568b90661f80313579e0c16c2737f0 MS_RTF_Obfuscation_Objects RTF File doc PE32 PE File .NET EXE Malware download Malware Malicious Traffic RWX flags setting exploit crash AppData folder Windows Exploit DNS crashed	1 Keyword trend analysis	1	5 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	3.6	M		ZeroCERT

8558	2023-12-06 12:15	runscript.ps1 c6b2f70cc5d512b714eca9c9cedb523b Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger WMI Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key	2 Keyword trend analysis	1	1	10.0		12	ZeroCERT

8559	2023-12-06 12:15	Booking_Information.exe f78c97a1a066952e9b277770e9150efa UPX AntiDebug AntiVM PE32 PE File .NET EXE Browser Info Stealer VirusTotal Malware suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself installed browsers check Windows Browser ComputerName DNS Cryptographic key		1		12.4	M	50	ZeroCERT

8560	2023-12-06 12:12	p.ps1 3dc32f74db9c2b56bca483d6e56316be Generic Malware Antivirus powershell Check memory unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces WriteConsoleW Tofsee Windows Gmail ComputerName Cryptographic key		2	2	6.8			ZeroCERT

8561	2023-12-06 12:10	microsoftdeletedentirehistoryc... 20c6385491d543c1e42804b5b7c72eaf MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Exploit DNS crashed	1 Keyword trend analysis	1	1	4.2	M	33	ZeroCERT

8562	2023-12-06 12:09	Wraub.exe 249fa2a560a2a8e1ae5a6b114e31afb2 .NET framework(MSIL) PE32 PE File .NET EXE VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows Cryptographic key				7.4		54	ZeroCERT

8563	2023-12-05 08:21	Posh_v2_dropper_migrate_x86.ex... 96ddbe7ae5e33743408cf2cc5b9082b6 Hide_EXE Malicious Library Malicious Packer UPX PE32 PE File OS Processor Check VirusTotal Malware Code Injection Checks debugger buffers extracted unpack itself Windows utilities WriteConsoleW Windows				3.4	M	44	ZeroCERT

8564	2023-12-05 08:19	SOFT_KNITTING.exe 07db05ee98e9284a52f767b6410acdd7 Malicious Packer UPX PE File PE64 VirusTotal Malware Checks debugger DNS		1		4.4	M	51	ZeroCERT

8565	2023-12-05 08:17	PBindSharp_v4_dropper_x86.exe 11bbccb66e1eb21038ba8ee73cf873c4 Hide_EXE Malicious Library Malicious Packer UPX PE32 PE File OS Processor Check VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted unpack itself				3.6	M	46	ZeroCERT