Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
76	2025-04-05 01:31	License.exe 35585060bb1b65654fee82799996e9d0 Generic Malware Malicious Library WinRAR UPX PE File PE64 OS Processor Check VirusTotal Malware PDB unpack itself				1.2		2	guest

77	2025-04-04 10:03	qx.exe 6af85522bfd942c0413bb09977eb2941 Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself DNS		1		3.0	M	52	ZeroCERT

78	2025-04-04 10:02	propertyconcentrate.exe 00745fc06cd3afea6b73300e9bb0dcf3 Generic Malware Malicious Library Antivirus PE File .NET EXE PE32 VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process AppData folder WriteConsoleW Tofsee Windows ComputerName Cryptographic key	2 Keyword trend analysis	2	1	10.2	M	41	ZeroCERT

79	2025-04-04 10:00	bloodengineer.bat ae9cfe66056b85f360098a7fcb9bc238 Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			4.8	M	10	ZeroCERT

80	2025-04-04 09:59	j.exe 492bde0d908c7d54d74dc50f94f9a406 Code injection AntiDebug AntiVM PE File .NET EXE PE32 DLL .NET DLL Malware download VirusTotal Malware Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder IP Check Windows ComputerName DNS Cryptographic key Downloader	2 Keyword trend analysis	3	7 Info ET INFO External IP Lookup Domain in DNS Lookup (ip-api .com) ET INFO Executable Download from dotted-quad Host ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY External IP Lookup ip-api.com ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	13.2	M	40	ZeroCERT

81	2025-04-04 09:58	v1.exe 5b61fae91f37fdfd32ff77482ae052de Generic Malware Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB Checks debugger Detects VMWare AppData folder suspicious TLD VMware crashed	1 Keyword trend analysis	2		5.0	M	50	ZeroCERT

82	2025-04-04 09:57	newnoadminpc.exe e24846b05948ac79eac8540917047cb8 .NET framework(MSIL) PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key crashed				4.2	M	36	ZeroCERT

83	2025-04-04 09:56	classcomputer.bat 1efa55a9de6aba6f8d2344679470ad39 Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key				4.8	M	10	ZeroCERT

84	2025-04-04 09:55	clip64.dll b7944be7b7f50acc36aa2e4e50b0b79c Amadey Generic Malware Malicious Library UPX PE File DLL PE32 OS Processor Check VirusTotal Malware Malicious Traffic Checks debugger unpack itself DNS	1 Keyword trend analysis	1		3.6	M	52	ZeroCERT

85	2025-04-04 09:53	t.exe 98612673aa9539fb213928d7b7f8c80c Malicious Library .NET framework(MSIL) UPX PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself DNS		1		2.8	M	37	ZeroCERT

86	2025-04-04 09:53	rh.exe a562a58fcd80a509c9c28dca1b7b6fa6 Code injection AntiDebug AntiVM PE File .NET EXE PE32 DLL .NET DLL Malware download NetWireRC VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder IP Check Windows RAT ComputerName Trojan DNS Cryptographic key Downloader	2 Keyword trend analysis	3	9 Info ET POLICY External IP Lookup ip-api.com ET MALWARE Sheet RAT CnC Checkin ET MALWARE Single char EXE direct download likely trojan (multiple families) ET INFO Executable Download from dotted-quad Host ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET INFO External IP Lookup Domain in DNS Lookup (ip-api .com)	14.4		40	ZeroCERT

87	2025-04-04 09:47	try.bat 29d4688963a72ae6d8c85017f2c5c878 Generic Malware Downloader Antivirus Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API FTP KeyLogger P2P AntiDebug AntiVM VirusTotal Malware powershell suspicious privilege Check memory Checks debugger WMI Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			6.4		8	ZeroCERT

88	2025-04-04 09:45	385383af03411274e379b462253217... 28c6f767c25f6242064e4070caf111e0 Generic Malware Antivirus VirusTotal Malware powershell suspicious privilege Check memory Checks debugger WMI Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cloudflare DNS Cryptographic key	1 Keyword trend analysis	2	1	6.6		2	ZeroCERT

89	2025-04-04 09:35	UCHI.ps1 fa6618d283a0d6482c7e238caf915aed Generic Malware Antivirus VirusTotal Malware Check memory unpack itself WriteConsoleW Windows Cryptographic key				1.6		15	ZeroCERT

90	2025-04-04 09:32	amd.ps1 2c0c53f72d23ec22e07b2b96f8cb8229 Generic Malware Antivirus Check memory Creates executable files unpack itself WriteConsoleW Windows Cryptographic key crashed				3.2	M		ZeroCERT