Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
856	2024-08-19 15:51	66bdbedbc9eb9_ipfr.exe a14e062d5ddb947dd490cd3956c7de8a Generic Malware Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself					6.8	M	48	ZeroCERT

857	2024-08-19 15:50	66c1d07f53497_doz.exe#mene 24d5b262745b653d468c1dfdbaa2c754 Stealc Client SW User Data Stealer LokiBot ftp Client info stealer Malicious Library ASPack UPX Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 OS Processor Check FTP Client Info Stealer VirusTotal Malware Telegram PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Collect installed applications suspicious process malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser ComputerName DNS Software	2 Keyword trend analysis	5	3	1	16.0	M	16	ZeroCERT

858	2024-08-19 15:47	66bdd24d2ac1b_uninstaller.exe fdf999d19df6b5c6a03bdbe1990347b3 Generic Malware Malicious Library UPX PE File ftp PE32 OS Processor Check VirusTotal Malware Remote Code Execution					0.8	M	19	ZeroCERT

859	2024-08-19 15:45	POS_C091.exe 4542643b447f61d5b323ccb555eec06c Malicious Library Admin Tool (Sysinternals etc ...) UPX PE File DllRegisterServer dll PE32 MZP Format VirusTotal Malware unpack itself crashed					1.8	M	9	ZeroCERT

860	2024-08-19 15:44	66c1c5838f95f_file1808.exe#fil... 006edf0ac466164ddc9e0ac56474fe0a Suspicious_Script_Bin Malicious Library Socket DGA Http API ScreenShot PWS DNS Internet API AntiDebug AntiVM PE File PE32 Malware download VirusTotal Malware Microsoft AutoRuns Code Injection Checks debugger buffers extracted unpack itself malicious URLs Tofsee Windows ComputerName DNS	2 Keyword trend analysis	4	6 Info ET INFO Observed External IP Lookup Domain (api .2ip .ua in TLS SNI) SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY External IP Address Lookup DNS Query (2ip .ua) ET USER_AGENTS Suspicious User Agent (Microsoft Internet Explorer) ET MALWARE Win32/Filecoder.STOP Variant Request for Public Key ET MALWARE Win32/Filecoder.STOP Variant Public Key Download	1	9.8	M	26	ZeroCERT

861	2024-08-19 15:40	TMS_C024.exe b8df4ec39884a6248d88482299a55744 Malicious Library UPX PE File DllRegisterServer dll PE32 MZP Format VirusTotal Malware unpack itself crashed					1.8	M	9	ZeroCERT

862	2024-08-19 15:38	wednesdayfileequitossMPDW-cons... 97ee32367c563f106c50974bca88a375 Generic Malware Antivirus Hide_URL PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	1 Keyword trend analysis	2	1		7.6	M	4	ZeroCERT

863	2024-08-19 15:36	NVIDIAShare.exe b17292cfd59a608662ae9e63a9a799fd Generic Malware Malicious Library UPX Downloader PE File PE32 OS Processor Check PE64 VirusTotal Malware AutoRuns PDB Creates executable files AppData folder Tofsee Windows Remote Code Execution	1 Keyword trend analysis	2	1		3.6	M	54	ZeroCERT

864	2024-08-19 15:34	wordup.exe 6b3b47c27c01e8f45f6d0f6aa509315c CoinMiner AutoIt Generic Malware UPX PE File PE32 VirusTotal Malware Check memory Checks debugger					2.6	M	62	ZeroCERT

865	2024-08-19 15:32	POS_C010.exe c27b1550edae5ab1b33a3b4a0b823a93 Malicious Library UPX PE File ftp DllRegisterServer dll PE32 MZP Format OS Processor Check VirusTotal Malware Check memory unpack itself Detects VirtualBox Check virtual network interfaces AntiVM_Disk sandbox evasion anti-virtualization VM Disk Size Check human activity check ComputerName crashed					5.4	M	12	ZeroCERT

866	2024-08-19 15:29	wzoptini.exe e4eff021485fd9e7050c2beebc30a376 Generic Malware UPX PE File PE32 VirusTotal Malware Checks debugger					2.2	M	43	ZeroCERT

867	2024-08-19 15:27	POS_C088.exe d33adff25e4c94c97c77ad6e9954a5bc Malicious Library Admin Tool (Sysinternals etc ...) UPX PE File DllRegisterServer dll PE32 MZP Format VirusTotal Malware unpack itself crashed					2.0	M	10	ZeroCERT

868	2024-08-19 15:26	TMS_C009.exe 36c9de5666a5ef5b6f7a27f23538f5bb Malicious Library UPX PE File DllRegisterServer dll PE32 MZP Format VirusTotal Malware unpack itself crashed					1.8	M	10	ZeroCERT

869	2024-08-19 15:26	imjp14k.dll 4fa897798a9028ea4f8dad8f8da5dc63 Malicious Library UPX PE File DLL PE32 OS Processor Check VirusTotal Malware					1.2	M	49	ZeroCERT

870	2024-08-19 15:25	POS_C018.exe 4a4725aeec3719c349392b5dd8f01d14 Malicious Library UPX PE File DllRegisterServer dll PE32 MZP Format VirusTotal Malware unpack itself crashed					2.0	M	12	ZeroCERT