popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
8881 2023-11-16 07:54 crypted.exe  

8ddb35a58ac6c397b91541620a493008


Malicious Library UPX PE32 PE File OS Processor Check PDB 		0.6 M ZeroCERT

8882 2023-11-16 07:53 unsecapp.exe  

10becade76ccb8cbe488fddc823f7fbf


.NET framework(MSIL) UPX PWS SMTP AntiDebug AntiVM PE32 PE File .NET EXE OS Processor Check Malware Buffer PE suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces AppData folder Windows DNS Cryptographic key 		1 1 5 11.8 M ZeroCERT

8883 2023-11-16 07:51 smss.exe  

318e2272187798dbd04f0b228e2ca756


Malicious Library UPX PE32 PE File MZP Format DllRegisterServer dll unpack itself crashed 		1.4 ZeroCERT

8884 2023-11-16 07:49 open.exe  

16252016f9922916b06ba87604aaaa29


AgentTesla .NET framework(MSIL) UPX PWS KeyLogger AntiDebug AntiVM PE32 PE File .NET EXE OS Processor Check Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed keylogger 		2 4 14.4 M ZeroCERT

8885 2023-11-16 07:49 amday.exe  

6800e6fa797f5cf412770d6fb47d81bc


Admin Tool (Sysinternals etc ...) .NET framework(MSIL) UPX Http API HTTP Code injection Internet API AntiDebug AntiVM PE32 PE File .NET EXE Lnk Format GIF Format AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Windows ComputerName DNS 		1 11.2 M ZeroCERT

8886 2023-11-15 10:50 pwng.ps1  

a882757ac81f77747ab828a4b3e25e34


Generic Malware Antivirus VirusTotal Malware Check memory unpack itself WriteConsoleW Windows Cryptographic key 		1.4 7 ZeroCERT

8887 2023-11-15 10:49 Agenzia_Entrate.url  

67b426814bf2530e2de2e85d1146c594


AntiDebug AntiVM URL Format MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed 		1 1 2 5.4 ZeroCERT

8888 2023-11-15 10:49 Agenzia.url  

e8e03b91b2802891c978c8a67999bd10


AntiDebug AntiVM URL Format MSOffice File VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed 		1 1 2 5.8 6 ZeroCERT

8889 2023-11-15 10:48 df4e69db.exe  

c48c58d873eacde201d14af9cad50e81


Malicious Library UPX PE32 PE File OS Processor Check VirusTotal Malware unpack itself Windows crashed 		2.4 M 29 ZeroCERT

8890 2023-11-15 10:15 ace.jpg.ps1  

297f46ad29a838b1d721d7c0b118678b


Generic Malware Antivirus PE32 PE File DLL .NET DLL Malware download VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process AppData folder suspicious TLD WriteConsoleW PurpleFox Windows ComputerName Cryptographic key 		4 2 2 2 10.2 M 10 ZeroCERT

8891 2023-11-15 10:15 6f68354e.exe  

e085abe5e940631d40f20acd0f98fcb7


Malicious Library UPX PE32 PE File OS Processor Check unpack itself Windows crashed 		1.6 M ZeroCERT

8892 2023-11-15 10:15 c.txt.ps1  

9680b91497d9c6baa543f55d9a2be4d1


Generic Malware Antivirus VirusTotal Malware unpack itself WriteConsoleW Windows Cryptographic key 		1 1.2 5 ZeroCERT

8893 2023-11-15 10:09 InstallSetup4.exe  

5655432921d1f7ba0005a97a19904ca5


Generic Malware Malicious Library Malicious Packer UPX PE32 PE File .NET EXE OS Processor Check VirusTotal Malware PDB Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key 		2.2 28 ZeroCERT

8894 2023-11-15 08:03 done.exe  

812b3b8f8ca28e56da24f2a04f9a65e0


RedLine stealer Malicious Library UPX ScreenShot PWS AntiDebug AntiVM PE32 PE File OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware Microsoft suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed 		1 4 10.6 M ZeroCERT

8895 2023-11-15 08:03 Morning.exe  

23c56a60085d98d2f35e6bfd87969568


Gen1 Malicious Library UPX Malicious Packer Http API ScreenShot PWS HTTP Internet API AntiDebug AntiVM PE32 PE File OS Processor Check DLL Browser Info Stealer Malware download Malware RecordBreaker MachineGuid Code Injection Malicious Traffic Check memory buffers extracted Creates executable files unpack itself Collect installed applications AppData folder sandbox evasion installed browsers check Stealer Windows Browser DNS 		8 1 11 11.2 M ZeroCERT

keyword