Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
8776	2021-06-11 12:26	ruzzzki.exe cbb62490f144ce119dcbe5d1ef7f4ff6 AsyncRAT backdoor PWS .NET framework PE File .NET EXE OS Processor Check PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed	2 Keyword trend analysis	5	2	8.4	M	39	ZeroCERT

8777	2021-06-11 12:28	MATiXBR.exe 53eb52950fafc1d73f38e6cc298dca5f PE File OS Processor Check PE32 VirusTotal Malware suspicious privilege unpack itself Windows DNS keylogger		1		6.8	M	54	ZeroCERT

8778	2021-06-11 12:28	Vlcplayer.exe 6b2715b3c6ce4879c41ea44a261bbdd0 AgentTesla Malicious Library DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Hijack Network Code injection Http API Internet API Steal credential ScreenShot Downloader P2P persistence AntiDebug AntiVM PE File PE32 OS Proc VirusTotal Malware Buffer PE AutoRuns Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs AntiVM_Disk sandbox evasion WriteConsoleW VM Disk Size Check Tofsee Windows ComputerName DNS crashed	2 Keyword trend analysis	4	3	15.0	M	16	ZeroCERT

8779	2021-06-11 12:30	main.exe 94d266e338b8c8b9ea84cd9c03439032 AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Check virtual network interfaces ComputerName Firmware crashed	2 Keyword trend analysis	2	1	12.0	M	45	ZeroCERT

8780	2021-06-11 12:30	HAiL.exe 90b78dd5da157605f08463bffa996219 AsyncRAT backdoor PE File .NET EXE PE32 VirusTotal Malware MachineGuid Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces DNS	1 Keyword trend analysis	2		4.6	M	47	ZeroCERT

8781	2021-06-11 12:30	miner.bin 9559bcadf47a53f861b8fc7769a5ba9f Malicious Packer PE File .NET EXE PE32 VirusTotal Malware PDB				1.2	M	36	ZeroCERT

8782	2021-06-11 12:32	vbc.exe 6c425cf25da766d3d98597a9be4e7300 PE File PE32 DLL Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger Creates executable files unpack itself AppData folder sandbox evasion Windows Browser Email ComputerName Cryptographic key Software crashed				7.2	M	16	ZeroCERT

8783	2021-06-11 12:32	research-453468889.xlsm 11465058b522cd71f419238bd897a2f1 Creates executable files unpack itself suspicious process Tofsee DNS	2 Keyword trend analysis	5	5	4.8			guest

8784	2021-06-11 12:34	research-454358124.xlsm c37e6721c280cfd1623479232567f16e Creates executable files unpack itself suspicious process Tofsee DNS	2 Keyword trend analysis	4	5	3.2			guest

8785	2021-06-11 12:36	DiSCOFi.exe 74043ea9857ed1b12d551357ed3b5ca3 AsyncRAT backdoor PWS .NET framework PE File .NET EXE PE32 VirusTotal Malware MachineGuid Check memory Checks debugger Creates executable files unpack itself AppData folder ComputerName				5.2	M	52	ZeroCERT

8786	2021-06-11 12:42	ConsoleApp4.exe c4050e6bdd335e319ca7b848d53b9108 AsyncRAT backdoor Code injection AntiDebug AntiVM PE File .NET EXE OS Processor Check PE32 VirusTotal Malware AutoRuns MachineGuid Check memory Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Tofsee Windows ComputerName crashed	1 Keyword trend analysis	3	2	10.4	M	50	ZeroCERT

8787	2021-06-11 12:52	p.exe a2fd68fa16fa572100cc5c7f9ec6af5a PE File .NET EXE PE32 VirusTotal Malware AutoRuns suspicious privilege MachineGuid Check memory Checks debugger WMI unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder WriteConsoleW Tofsee Windows ComputerName Firmware DNS crashed	1 Keyword trend analysis	4	3	8.0	M	33	ZeroCERT

8788	2021-06-11 12:55	t.exe 27cbe7dd25fcf34f9fdf55db0c55b1a4 PE File .NET EXE PE32 VirusTotal Malware AutoRuns suspicious privilege MachineGuid Check memory Checks debugger WMI unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder WriteConsoleW Tofsee Windows ComputerName Firmware DNS crashed	2 Keyword trend analysis Info http://redirector.gvt1.com/edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe http://r2---sn-3u-bh2z7.gvt1.com/edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe?cms_redirect=yes&mh=ms&mip=175.208.134.150&mm=28&mn=sn-3u-bh2z7&ms=nvh&mt=1623379959&mv=u&mvi=2&pl=18&rmhost=r6---sn-3u-bh2z7.gvt1.com&shardbypass=yes&smhost=r6---sn-3u-bh2sy.gvt1.com	4	5	8.0	M	37	ZeroCERT

8789	2021-06-11 13:04	research-454091161.xlsm 6f59d4e021f3792927f8260947c5e422 Creates executable files unpack itself suspicious process Tofsee DNS	2 Keyword trend analysis	4	5	3.8			guest

8790	2021-06-11 13:12	research-465435183.xlsm 15974008521b37da4005366256485d1a Creates executable files unpack itself suspicious process Tofsee DNS	2 Keyword trend analysis	4	5	3.8			guest