Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	VT	Player
9211	2021-06-24 19:29	iTV.exe 2a270d6a0d77fd1e12f813c8f8661e86 PE File OS Processor Check PE32 VirusTotal Malware Remote Code Execution				1.2	13	ZeroCERT

9212	2021-06-24 19:29	ie.exe a85e6746a9b2c8b9f66d030ff757dc7f Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Tofsee Windows DNS crashed	6 Keyword trend analysis Info http://www.gottagowalkies.com/lvno/?YL3=9rNhNx&J6A=BIINJ2S2Tp2rCikhMdutRp73X6ZITjb0X2WLzpLeubUePX4YpIC6rDzOIcOPdbUC6nE5JpT1 http://www.pgbook.info/lvno/?J6A=3UsGHXuOiJoilto+iOdPovDIzDPsFHKzK+O08oXYkfgibzsvuQ4UAMTE5lmWzMZgACx5iD+e&YL3=9rNhNx http://www.bootyandbeauty.com/lvno/?YL3=9rNhNx&J6A=t7J8DJRNQhYTx0MOBTmQ+azOakd+N/cQyRzsEg+lLsJ1rrS7uU5Wzuo07U6UdehuYu5JCFPu http://edgedl.me.gvt1.com/edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe https://update.googleapis.com/service/update2?cup2key=10:220834941&cup2hreq=eac8227a881b042076732f4d40d8af2d30ff3e49013e211d6fa405d75148489d https://update.googleapis.com/service/update2	8	5	9.2	26	ZeroCERT

9213	2021-06-24 19:29	vbc.exe 7ff6857b4e750127cfb44e3392ce0d06 PE File PE32 DLL Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger Creates executable files unpack itself AppData folder Windows Browser Email ComputerName DNS Cryptographic key Software crashed		1		8.4	10	ZeroCERT

9214	2021-06-24 19:31	clean1.exe e5b895e9aa0f2d53b535f968bd05ae7f PE File PE32 VirusTotal Malware Creates executable files Windows utilities WriteConsoleW Windows				4.0	17	ZeroCERT

9215	2021-06-24 19:32	svcshost.exe 71a631f1113b4a885d5bc6bcd063482f Gen2 Antivirus PE File OS Processor Check PE32 VirusTotal Malware powershell AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger Creates shortcut Creates executable files unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key		1		10.6	29	ZeroCERT

9216	2021-06-24 19:33	z0r0.arm7 972005dca60af708096f1b1c47eb2e0d AntiDebug AntiVM ELF VirusTotal Email Client Info Stealer Malware suspicious privilege Checks debugger Creates shortcut unpack itself AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName				4.6	22	ZeroCERT

9217	2021-06-24 19:34	actXApiLib.dll 814775ead2e655aca8eccdfd4378fe00 PE File DLL PE32 VirusTotal Malware				0.6	19	ZeroCERT

9218	2021-06-24 19:35	file.exe e77d74abb804fd809d2a4a49b797bb18 Generic Malware Malicious Packer PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Windows Remote Code Execution DNS crashed				3.8	26	ZeroCERT

9219	2021-06-24 19:35	ujxckjczud.exe e4f78978c762392406197670a9bf4695 AsyncRAT backdoor PWS .NET framework Generic Malware PE File .NET EXE OS Processor Check PE32 VirusTotal Malware				1.8	46	ZeroCERT

9220	2021-06-24 19:39	nigger.exe ec353e36a9a79650663f2ab119eeb331 AsyncRAT backdoor PWS .NET framework Generic Malware Malicious Library PE File .NET EXE OS Processor Check PE32 VirusTotal Malware Check memory Checks debugger unpack itself				2.0	52	ZeroCERT

9221	2021-06-24 19:54	123001.exe 2d50dbb80e4e0974ac31b1b7b0586b43 Malicious Library PE File OS Processor Check PE32 DLL AutoRuns Windows Remote Code Execution DNS		2		2.2		ZeroCERT

9222	2021-06-24 19:55	zxaqewre.exe 34d50da5169cf75afd21f10027ba80e1 AsyncRAT backdoor PWS .NET framework Generic Malware PE File .NET EXE OS Processor Check PE32 Browser Info Stealer FTP Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed	2 Keyword trend analysis	6	2	6.2		ZeroCERT

9223	2021-06-24 19:55	vbc.exe f17e854a03ef48b2b2581e329b233510 Generic Malware Malicious Packer PE File OS Processor Check PE32 PDB unpack itself Remote Code Execution crashed				1.8		ZeroCERT

9224	2021-06-24 19:59	KYKeoxe.exe 3b25b4407e5343c55f87a0325aad2e9f AsyncRAT backdoor PWS .NET framework Gen2 Generic Malware PE File .NET EXE PE32 DLL Malware Buffer PE PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Check virtual network interfaces AppData folder installed browsers check Tofsee Windows Browser DNS crashed keylogger	11 Keyword trend analysis Info http://kimyen.info/kykeoxe/1quangcao/KYQuangcao.txt http://kimyen.net/kykeoxe/1quangcao/KYKeoxePb.txt http://kimyen.info/kykeoxe/1quangcao/KYKeoxePb.txt http://free.timeanddate.com/clock/i3jl68nm/n246/tlir/tt0/tw0/tm3/th1 http://kimyen.net/kykeoxe/1quangcao/KYQuangcao.txt http://kimyen.net/kykeoxe/phimhuongdan_kykeoxe.txt http://kimyen.net/kykeoxe/1quangcao/KYMayphu.txt https://jxhoitu.com/home/static/uploads/userfiles/images/quangcao.gif https://i0.wp.com/s1.uphinh.org/2021/06/06/hoa6.gif https://i0.wp.com/s1.uphinh.org/2021/05/18/lamhoa.gif https://i0.wp.com/s1.uphinh.org/2021/01/31/autokimyen.gif	19 Info time.nist.gov(132.163.97.1) kimyen.info(103.28.36.10) utcnist.colorado.edu(128.138.140.44) jxhoitu.com(103.90.224.168) ptbtime1.ptb.de(192.53.103.108) i0.wp.com(192.0.77.2) free.timeanddate.com(151.101.193.176) time.ien.it(193.204.114.105) kimyen.net(103.255.237.239) - malware 103.90.224.168 151.101.77.176 103.28.36.10 192.0.77.2 - mailcious 128.138.140.44 112.213.89.26 - phishing 128.138.141.172 103.255.237.239 - malware 192.53.103.108 193.204.114.105	2	10.2		ZeroCERT

9225	2021-06-24 20:00	INSTALL.EXE 0710a9310359c4f231ee7509d92a6a62 Emotet Admin Tool (Sysinternals etc ...) PE File OS Processor Check PE32 PE64 DLL MSOffice File VirusTotal Malware PDB Check memory Checks debugger Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check Remote Code Execution	2 Keyword trend analysis	2		5.2	21	ZeroCERT