Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
8731	2023-09-11 10:28	Information about the reservat... c932efa508ef39e723186177a7a885f7 Malicious Library UPX Malicious Packer Antivirus PE File PE32 OS Processor Check VirusTotal Malware PDB Check memory Tofsee Remote Code Execution		2	2		2.4		38	ZeroCERT

8732	2023-09-11 10:11	Data.exe d5d7a26c2873753cd0d51750442a5a3b Malicious Library PE File PE64 VirusTotal Malware Check memory Checks debugger unpack itself					1.8	M	18	ZeroCERT

8733	2023-09-11 10:11	new.exe 0850a7c711fb74cccfb476eeae54cb44 Malicious Library PE File PE64 VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself					2.2	M	27	ZeroCERT

8734	2023-09-11 10:08	19flbanzy.exe 8e907c9833ee773ec37975c493b8b159 Malicious Library UPX PWS SMTP AntiDebug AntiVM PE File PE32 OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	4		11.0	M	47	ZeroCERT

8735	2023-09-11 09:51	UM.exe 83ac976bad443e25d5c1e54092e348b7 Malicious Library PE File PE64 VirusTotal Malware Check memory Checks debugger unpack itself					1.8	M	14	ZeroCERT

8736	2023-09-11 09:49	Saturn.exe f995aec459fa35d48bff3d5b7530d1b1 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File .NET EXE PE32 OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key		1			3.8	M	52	ZeroCERT

8737	2023-09-11 09:47	build.exe 8669fe397a7225ede807202f6a9d8390 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File .NET EXE PE32 OS Processor Check Browser Info Stealer RedLine Malware download VirusTotal Malware Microsoft suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Stealer Windows Browser ComputerName DNS Cryptographic key crashed	1 Keyword trend analysis	3	3		6.6	M	36	ZeroCERT

8738	2023-09-11 09:47	GTA5CheatMenu.exe 02c02920de30db7f8852973ec8bdfedd PE File PE64 VirusTotal Malware Buffer PE suspicious privilege Check memory Checks debugger buffers extracted unpack itself					3.2	M	15	ZeroCERT

8739	2023-09-11 08:08	QmapmAFtEUjYUodvdxV63DhsGuLq96... bca408ca8e4a4d10c877744bfb58b43f PE File PE64 crashed					1.0	M		ZeroCERT

8740	2023-09-11 08:06	fotod345.exe 260a110f878a0e0d2531aa2de6e773d7 Gen1 Emotet Malicious Library UPX CAB PE File PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware Microsoft AutoRuns PDB suspicious privilege Malicious Traffic Check memory Checks debugger WMI Creates executable files unpack itself Collect installed applications AntiVM_Disk VM Disk Size Check installed browsers check Stealc Stealer Windows Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed	1 Keyword trend analysis	2	7 Info ET MALWARE [ANY.RUN] Win32/Stealc Checkin (POST) ET HUNTING GENERIC SUSPICIOUS POST to Dotted Quad with Fake Browser 1 ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response ET MALWARE Redline Stealer Activity (Response)	1	9.0	M		ZeroCERT

8741	2023-09-11 08:04	foto3450.exe a6ce44f4650202d7016f5a23cf0bc447 Gen1 Emotet Browser Login Data Stealer RedLine Infostealer RedLine stealer Malicious Library UPX .NET framework(MSIL) Confuser .NET CAB PE File PE32 .NET EXE OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware Microsoft AutoRuns PDB suspicious privilege Malicious Traffic Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Stealc Stealer Windows Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed	1 Keyword trend analysis	2	7 Info ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response ET MALWARE Redline Stealer Activity (Response) ET MALWARE [ANY.RUN] Win32/Stealc Checkin (POST) ET HUNTING GENERIC SUSPICIOUS POST to Dotted Quad with Fake Browser 1	1	11.2	M		ZeroCERT

8742	2023-09-11 08:01	xk555wjbvnhf3f.exe 1a18fc4db3affaacf43f4022df7a2c32 Malicious Library UPX PWS SMTP AntiDebug AntiVM PE File PE32 OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware Microsoft Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	4		10.0	M		ZeroCERT

8743	2023-09-11 08:00	jfdgdfg.exe 2d54c50c74f1c1517fe00cc167f199da Malicious Library PE File PE32 PDB					0.6	M		ZeroCERT

8744	2023-09-10 17:08	clp8.exe 97325593f51f6ac58bfd2983c98da85e PE File PE32 VirusTotal Malware Checks debugger					2.2	M	35	ZeroCERT

8745	2023-09-10 17:06	Chrome.exe 43e176e16444079c82e2446f0870d1e1 Malicious Library UPX Malicious Packer PE File PE64 VirusTotal Malware					1.8	M	19	ZeroCERT