popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
9166 2021-06-24 09:54 vbc.exe  

de41a01457573e366909c2ddb491d1f3


PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Windows Remote Code Execution DNS crashed 		4.0 35 ZeroCERT

9167 2021-06-24 10:02 x3.exe  

673189c4150264e0e7f3f74478867375


Generic Malware DNS Socket Create Service Escalate priviledges KeyLogger Code injection ScreenShot BitCoin AntiDebug AntiVM PE File PE64 VirusTotal Cryptocurrency Miner Malware AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Auto service Check virtual network interfaces suspicious process malicious URLs suspicious TLD WriteConsoleW Windows ComputerName Firmware CoinMiner 		4 1 13.8 49 ZeroCERT

9168 2021-06-24 10:02 t-d.exe  

95939e9f316d9e5d38e453b5f6095fcd


Armageddon APT WinRAR AntiDebug AntiVM PE File OS Processor Check PE32 VirusTotal Malware PDB Code Injection WMI Creates executable files unpack itself AntiVM_Disk WriteConsoleW VM Disk Size Check ComputerName Remote Code Execution DNS 		6.4 13 ZeroCERT

9169 2021-06-24 10:04 GPU.exe  

619057f86d88426ef8b7cd4a91570aab


Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS DDNS crashed 		6 1 11.6 45 ZeroCERT

9170 2021-06-24 10:07 x2.exe  

7d0872298a99819963ab97c027e2fe54


Generic Malware DNS Socket Create Service Escalate priviledges KeyLogger Code injection ScreenShot BitCoin AntiDebug AntiVM PE File PE64 VirusTotal Cryptocurrency Miner Malware AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Auto service Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Windows ComputerName Firmware CoinMiner 		4 1 14.0 45 ZeroCERT

9171 2021-06-24 10:07 1204431452_50619973.rar  

5c6b2a4b4311244fb91f48c4215775df


Escalate priviledges KeyLogger AntiDebug AntiVM VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself DNS 		3.4 45 ZeroCERT

9172 2021-06-24 10:07 nvcontainer.exe  

a236fce97def23d91641ae08041f4107


Generic Malware DGA DNS SMTP Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection Internet API ScreenShot Downloader AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs suspicious TLD Windows DNS crashed keylogger 		2 14.8 47 ZeroCERT

9173 2021-06-24 10:08 kill.exe  

6084f2e484d7ae81d35dff0aa576c546


Armageddon APT WinRAR AntiDebug AntiVM PE File OS Processor Check PE32 VirusTotal Malware PDB Code Injection WMI Creates executable files unpack itself AntiVM_Disk WriteConsoleW VM Disk Size Check ComputerName Remote Code Execution DNS 		1 7.2 23 ZeroCERT

9174 2021-06-24 10:10 NV.exe  

75e7308aacb22402184d08ee9712f89b


Generic Malware DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Code injection Http API Internet API Steal credential ScreenShot Downloader P2P AntiDebug AntiVM PE File .NET EXE PE32 AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities WriteConsoleW Windows DNS DDNS crashed 		1 1 9.8 ZeroCERT

9175 2021-06-24 10:11 sos.exe  

2edfacc58679637e8b8770e9d0c62481


Generic Malware DNS Socket ScreenShot BitCoin AntiDebug AntiVM PE File PE64 VirusTotal Malware MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs ComputerName 		8.6 49 ZeroCERT

9176 2021-06-24 10:12 msdtc.exe  

a119493bce8e253eaae093e9afdda7af


Generic Malware DGA DNS SMTP Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection Internet API ScreenShot Downloader AntiDebug AntiVM PE File .NET EXE PE32 AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs BitRAT Windows ComputerName DNS crashed keylogger 		2 1 10.6 ZeroCERT

9177 2021-06-24 10:13 x3-uninstaller.exe  

aba3dda5a550d9b29772989223f10678


AsyncRAT backdoor Generic Malware PE File PE64 VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName 		4.0 38 ZeroCERT

9178 2021-06-24 10:14 NVIDIA.exe  

5ff35bead91ba5d8359afc1389a9ab5e


Generic Malware PE File PE64 Check memory Checks debugger unpack itself DNS 		1 1.8 ZeroCERT

9179 2021-06-24 10:17 kill-ms.exe  

5dde83dfeabd347686a111862a6fe2e0


Armageddon APT WinRAR AntiDebug AntiVM PE File OS Processor Check PE32 VirusTotal Malware PDB Code Injection WMI Creates executable files unpack itself WriteConsoleW ComputerName Remote Code Execution DNS 		6.8 20 ZeroCERT

9180 2021-06-24 10:19 NVC.exe  

70e97b8ae8f08c3f8c2cbf4d81192cf0


Generic Malware DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Code injection Http API Internet API Steal credential ScreenShot Downloader P2P AntiDebug AntiVM PE File .NET EXE PE32 AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities WriteConsoleW Windows crashed 		1 8.8 ZeroCERT

keyword