Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
8806	2021-06-12 12:44	e.exe ab6993ce2614fdcdc6909b4a4d9d7be1 DNS Socket BitCoin AntiDebug AntiVM PE File PE64 VirusTotal Malware AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName DNS					13.0	M	44	ZeroCERT

8807	2021-06-12 12:52	QC1qw1AMUImsIa4h.jpg 812d7a22b508c5ccb39dd31d42a5e378						M	3	ZeroCERT

8808	2021-06-12 12:53	YzpQk9uwWaFBYCye.jpg 8994c81cf4128ca3605ae763a4c83d6e VirusTotal Malware					0.4	M	2	ZeroCERT

8809	2021-06-12 12:53	Lovebirds_2021-06-10_19-23.exe 2b862c6350557bc32519e55f14a1e3a7 Generic Malware Malicious Packer PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Windows crashed					3.0	M	46	ZeroCERT

8810	2021-06-12 12:53	VinDiesel.exe e6b7b89f79f7ab9eab16b2120a6b7a80 AsyncRAT backdoor PWS .NET framework PE File .NET EXE OS Processor Check PE32 Browser Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName Remote Code Execution DNS Cryptographic key crashed	2 Keyword trend analysis	4	1		7.6	M	19	ZeroCERT

8811	2021-06-12 12:53	hBKKvc5PYJSJ.exe ea64fb745ef58010d1b9d7ac80f221d0 PWS .NET framework BitCoin AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed	2 Keyword trend analysis	3	2		10.6	M	32	ZeroCERT

8812	2021-06-12 12:55	ASDFG345SD45ASD.exe b5113d839a4752d320b02ef4f5846523 PE File OS Processor Check PE32 VirusTotal Malware Check memory unpack itself Remote Code Execution DNS					3.2	M	53	ZeroCERT

8813	2021-06-12 12:55	regasm.exe 280b2702d12137e28f9807dee5a02445 loki bot PWS Loki[b] Loki[m] AsyncRAT backdoor .NET framework Malicious Library DNS Socket AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Browser Email ComputerName Software	1 Keyword trend analysis	2	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response	1	13.2	M	30	ZeroCERT

8814	2021-06-12 12:56	oCs.txt.html 57ae0fd6b13d1be4fdc0e1171a9ea4d8 VBScript PowerShell Obfuscated File Antivirus AntiDebug AntiVM VirusTotal Malware powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	1			6.8	M	16	ZeroCERT

8815	2021-06-12 12:57	10_6_r_net.exe 8cd51c4ba5a61fec3157fd7480ae4aae AsyncRAT backdoor PWS .NET framework BitCoin AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee Windows Cryptographic key	1 Keyword trend analysis	3	1		8.0	M	32	ZeroCERT

8816	2021-06-12 12:59	ner.exe 4e99138abad19c9cba519e39083831c5 Generic Malware Malicious Packer PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Windows DNS crashed					3.4	M	38	ZeroCERT

8817	2021-06-12 13:00	rfl_01098752.exe d2a8ef4a18e3c6dc377daf765b37a9ca AsyncRAT backdoor AntiDebug AntiVM PE File .NET EXE PE32 FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic unpack itself	1 Keyword trend analysis	2	1		3.4	M	39	ZeroCERT

8818	2021-06-12 13:01	saawwrr.exe 768c83fe9d356c8da442fbe5f074346c PWS .NET framework PE File .NET EXE PE32 VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger unpack itself Windows DNS Cryptographic key DDNS		2	1		3.8	M	47	ZeroCERT

8819	2021-06-12 13:05	mainplg.exe d86922868602b785f595f06a0fe875bf PE File PE64 VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself DNS					3.2	M	40	ZeroCERT

8820	2021-06-12 13:05	YzpQk9uwWaFBYCye.jpg 8994c81cf4128ca3605ae763a4c83d6e Antivirus VirusTotal Malware Check memory unpack itself WriteConsoleW Windows Cryptographic key					1.4	M	2	ZeroCERT