popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
9136 2021-06-24 09:09 install.exe  

b00def042414aa226b4abeace6039371


Emotet Admin Tool (Sysinternals etc ...) PE File OS Processor Check PE32 DLL MSOffice File VirusTotal Malware PDB Check memory Checks debugger Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check Remote Code Execution DNS 		1 2 5.2 22 ZeroCERT

9137 2021-06-24 09:09 trafik.exe  

52dabe5d0e1fd4ca7021abcbf9c8486c


Generic Malware PE File .NET EXE PE32 Malware download njRAT VirusTotal Malware Checks debugger Creates executable files unpack itself DNS 		1 1 3.2 52 ZeroCERT

9138 2021-06-24 09:11 j4.exe  

d75c2fbebaf462dad0d6a10ad884d8fb


AsyncRAT backdoor PWS .NET framework Generic Malware PE File .NET EXE PE32 VirusTotal Malware PDB suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces Tofsee ComputerName DNS 		1 4 1 6.2 43 ZeroCERT

9139 2021-06-24 09:13 0cfa042f.png  

be837f2ea09c13d63a458c55385f253c


MSOffice File VirusTotal Malware 		1.0 35 ZeroCERT

9140 2021-06-24 09:28 test.exe  

4d067df908b9cab3768f76d6e8a10a90


AsyncRAT backdoor PWS .NET framework Generic Malware PE File .NET EXE OS Processor Check PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware PDB suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed 		2 3 2 7.6 41 ZeroCERT

9141 2021-06-24 09:29 chrome.exe  

2909060bd03990d326fcc07b162b486c


PE File PE32 DLL FormBook Malware download VirusTotal Malware AutoRuns suspicious privilege Malicious Traffic Creates executable files unpack itself AppData folder Tofsee Windows DNS 		9 13 5 6.2 20 ZeroCERT

9142 2021-06-24 09:30 Trackingdetails202106168387483...  

7efdbb8527576ec9bda3a2a60a69f08f

VirusTotal Malware Check memory heapspray unpack itself Java 		2.4 23 ZeroCERT

9143 2021-06-24 09:30 vbc.exe  

357e95c47c4b8666b0fe33277a37f376


PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself Remote Code Execution DNS crashed 		3.6 41 ZeroCERT

9144 2021-06-24 09:33 nite.exe  

b13e549416031e23c4e0651ff312dede


Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Browser Email ComputerName Cryptographic key Software crashed 		10.6 28 ZeroCERT

9145 2021-06-24 09:34 0cfa042f.png  

be837f2ea09c13d63a458c55385f253c


MSOffice File VirusTotal Malware unpack itself 		2.2 35 ZeroCERT

9146 2021-06-24 09:35 Qxhta5W4hfbBj7U9.jpg.ps1  

92586bda0a17dd64be45fc81eaaa2567


Antivirus VirusTotal Malware Check memory unpack itself WriteConsoleW Windows DNS Cryptographic key 		2.0 1 ZeroCERT

9147 2021-06-24 09:35 1.exe  

d301a8e44e87b93426f17142b81cc820


AsyncRAT backdoor Generic Malware PE File .NET EXE PE32 GIF Format DLL .NET DLL VirusTotal Malware AutoRuns suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder WriteConsoleW installed browsers check Windows Browser ComputerName DNS Cryptographic key crashed 		1 2 12.2 42 ZeroCERT

9148 2021-06-24 09:36 1234.exe  

b831c2085724500a6743d39b1906b015


AsyncRAT backdoor Generic Malware PE File .NET EXE PE32 GIF Format DLL .NET DLL VirusTotal Malware AutoRuns suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder WriteConsoleW installed browsers check Windows Browser ComputerName DNS Cryptographic key crashed 		1 1 12.2 43 ZeroCERT

9149 2021-06-24 09:36 nni.exe  

13314b0c2d533ff681063532cd370bc9


PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Browser Email ComputerName DNS Cryptographic key Software crashed 		11.6 42 ZeroCERT

9150 2021-06-24 09:36 newn.exe  

cf8211ae3f87a2d9790e72c9128958c1


Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Browser Email ComputerName Cryptographic key Software crashed 		10.8 30 ZeroCERT

keyword