Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
8851	2021-06-14 12:26	pcprotect.exe b3dba69bba89f7d4d0e37c56b6628a2d AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key				7.8	M	27	ZeroCERT

8852	2021-06-14 12:28	wservvi.exe 463ceb2526abe326f2b8de4a3c55665a SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key crashed				10.6	M	48	ZeroCERT

8853	2021-06-14 12:31	wservvices.exe d6178a9f8e0ed153c4c7ba01c3c3cc04 AntiDebug AntiVM PE File .NET EXE PE32 FormBook Malware download VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key	8 Keyword trend analysis Info http://www.honeyconstructionmanagement.com/nins/ http://www.honeyconstructionmanagement.com/nins/?-Z2hixI=CSWtjiA3M4Ppphzb667aytU67ye1qjUBytc/hIDoPKj99jS+Gi3ipZziH4f+L6iuPCDPLB6v&2d=lnxdA http://www.bumper-magnets.com/nins/ http://www.affordableseo.club/nins/?-Z2hixI=tFBDvCtUe0HD/ccO5m2h8i1eXF+4FBg+pflDmOOzodHkSX9ZExNm31cipdmsfkKR5q5qsDfz&2d=lnxdA http://www.linuxtechusa.com/nins/?-Z2hixI=lvQAqEWEGQZsqKrkw4k0D9t5C5CuIZEQ9GgBn8Dl3JCy+ly5g/eG5ltKGFug6d/EXI0b/st3&2d=lnxdA http://www.linuxtechusa.com/nins/ http://www.affordableseo.club/nins/ http://www.bumper-magnets.com/nins/?-Z2hixI=o+Ciev9HZtjEJkjICMnTDJ8wZDwJggFHFW/9USXD8me35A+IBe7sDmwR8hqgCZZCZv6hsDyw&2d=lnxdA	11 Info www.sonofmanbusiness.com() www.sarahdewald.com() www.linuxtechusa.com(34.208.62.71) www.modernish.net() www.bumper-magnets.com(34.102.136.180) www.affordableseo.club(198.54.117.212) www.honeyconstructionmanagement.com(158.85.87.76) 158.85.87.76 198.54.117.215 - mailcious 34.102.136.180 - mailcious 34.208.62.71	1	9.2	M	49	ZeroCERT

8854	2021-06-14 12:35	file3.exe 89bc30347b1d6eb8d04fad715c08551a PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Windows DNS crashed				3.6	M	42	ZeroCERT

8855	2021-06-14 12:35	winhost.exe a06f7662b29f5e3e2831cb96fa1db1d1 PE File .NET EXE PE32 PE64 OS Processor Check Malware download VirusTotal Cryptocurrency Miner Malware Cryptocurrency PDB suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Auto service Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName Firmware DNS Downloader	2 Keyword trend analysis	3	7 Info ET INFO Executable Download from dotted-quad Host ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile ET INFO Packed Executable Download ET POLICY Cryptocurrency Miner Checkin	8.4	M	31	ZeroCERT

8856	2021-06-14 12:37	Serwices.exe cf1048a8362b93b9cdf47260b50d8f37 PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key				3.0	M	47	ZeroCERT

8857	2021-06-14 12:37	ExcelViewer.exe c34157e025416d3ddf0a8610fa2e8b98 PE File PE32 VirusTotal Malware buffers extracted RWX flags setting unpack itself Windows DNS crashed				4.2	M	54	ZeroCERT

8858	2021-06-14 12:46	file2.exe 4241050f14e102c015beb4f4d83fd280 AsyncRAT backdoor PWS .NET framework BitCoin SMTP AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key crashed	2 Keyword trend analysis	4	2	11.4	M	31	ZeroCERT

8859	2021-06-14 13:53	winApps.exe 652432d0bf1de80adceb2aa54cc9bb3e SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key crashed				9.6	M	45	ZeroCERT

8860	2021-06-14 13:53	csgo%20cheat%20new%2001062021.... b97b650ca091ac961cf92c1a071d5625 PE File PE32 VirusTotal Malware AutoRuns Check memory unpack itself sandbox evasion Windows Browser ComputerName DNS				5.4	M	59	ZeroCERT

8861	2021-06-14 13:53	file5.exe 70f6123b6995f9eed0912e66f9941e9a AsyncRAT backdoor PWS .NET framework BitCoin SMTP AntiDebug AntiVM PE File .NET EXE OS Processor Check PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed	2 Keyword trend analysis	3	2	11.2	M	19	ZeroCERT

8862	2021-06-14 13:55	file4.exe 31199e1618a3b8ede668281f4f199b9f AsyncRAT backdoor PWS .NET framework PE File .NET EXE OS Processor Check PE32 Browser Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName Remote Code Execution Cryptographic key crashed	2 Keyword trend analysis	4	1	7.4	M	30	ZeroCERT

8863	2021-06-14 13:55	NewRat.exe 23ff29e277ce2e65001613c8f79f96dd Antivirus PE File OS Processor Check PE32 VirusTotal Malware AutoRuns suspicious privilege Creates executable files unpack itself AppData folder Windows DNS crashed		1		6.2	M	61	ZeroCERT

8864	2021-06-14 13:57	bmw.exe ddbd2fbf64d65e696766e90e21c2a632 PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Windows crashed				2.6		22	ZeroCERT

8865	2021-06-14 14:10	slowloris.bin 1819f2525b90e042f5e30395133c656e PE File .NET EXE PE32 VirusTotal Malware PDB DNS				1.8	M	31	ZeroCERT