Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
8671 2021-06-08 13:29 file31.exe
76c0ff15fb4bc456ed615f6227549ef1
PWS Loki[b] Loki[m] AgentTesla .NET framework Gen1 browser info stealer ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 DLL OS Processor Check JPEG Format Browser Info Stealer Malware download FTP Client Info Stealer Vidar Arkei VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee ArkeiStealer OskiStealer Stealer Windows Browser Email ComputerName DNS Software Password
9 3 6 18.6 M 44 ZeroCERT

8672 2021-06-08 13:30 excel
4024e3a79b01981ce7e8c42c8c815d30
PE File OS Processor Check PE32 VirusTotal Malware DNS
2.0 M 33 ZeroCERT

8673 2021-06-08 13:32 setup.exe
9490fb5373a092dd67ca4e5c1fb7d747
Emotet AsyncRAT backdoor Gen1 PE File PE32 PE64 DLL OS Processor Check Malware download VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check crashed Downloader
1 2 1 3.6 M 2 ZeroCERT

8674 2021-06-08 13:33 JNB.exe
5f4b0a0fc9e6d760a09f5b87826e6212
Generic Malware PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself ComputerName
1.8 M 14 ZeroCERT

8675 2021-06-08 13:36 HBN.exe
0da7c74ea5d4521529b9c921529082b2
Generic Malware PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself anti-virtualization ComputerName DNS
3.0 M 13 ZeroCERT

8676 2021-06-08 13:36 file31.exe
76c0ff15fb4bc456ed615f6227549ef1
PWS Loki[b] Loki[m] AgentTesla .NET framework Gen1 browser info stealer ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 JPEG Format DLL OS Processor Check Browser Info Stealer Malware download FTP Client Info Stealer Vidar Arkei VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee ArkeiStealer OskiStealer Stealer Windows Browser Email ComputerName DNS Software crashed Password
9 3 6 18.8 M 44 ZeroCERT

8677 2021-06-08 13:37 br.exe
1c85f40e4abe47f93982099c8d9753c1
AsyncRAT backdoor PWS .NET framework Anti_VM Malicious Library DGA DNS SMTP Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection Internet API ScreenShot Downloader AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName DNS Cryptographic key keylogger
1 13.8 M 40 ZeroCERT

8678 2021-06-08 13:40 AAA.exe
abdd03cef2d854d4caa2b633d633bfe1
Generic Malware PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself anti-virtualization ComputerName DNS
3.0 M 14 ZeroCERT

8679 2021-06-08 13:42 FNM.exe
bde0289473fa5ed70ff343254bbb5c76
Generic Malware PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself anti-virtualization ComputerName DNS
3.2 M 22 ZeroCERT

8680 2021-06-08 13:42 EBN.exe
cbca03f7d4b73b42caf9d613050dc414
Generic Malware PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself anti-virtualization ComputerName
2.4 M 12 ZeroCERT

8681 2021-06-08 16:03 RFL_0731_60_127.exe
52757942734a95026f4499e2747f8007
SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces VMware IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed
2 4 4 9.6 M 38 ZeroCERT

8682 2021-06-08 16:04 IMG_0001_205_60_37.exe
c222dad25c8ba8ab2af48692ad261bcf
SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces VMware IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed
2 4 4 10.2 M 36 ZeroCERT

8683 2021-06-08 16:06 spc
0600368dd5cd4cf1fc90f41827518b29
AntiDebug AntiVM ELF VirusTotal Email Client Info Stealer Malware Code Injection Check memory Checks debugger unpack itself Browser Email
3.8 M 29 ZeroCERT

8684 2021-06-08 16:06 BLI_0610_36_31.exe
a8ad861ef6877f243bdfbb00ddf2f37b
SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces VMware IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed
2 4 4 10.2 M 38 ZeroCERT

8685 2021-06-08 16:08 BLI_057702308.exe
6f86775cd014c339e3c8b25563fd51d9
SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces VMware IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed
2 4 4 9.6 M 36 ZeroCERT