popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
9226 2023-08-22 13:32 payload.dll  

aa9991d405f0742d592ca9a3c193a931


UPX Malicious Packer OS Processor Check PE File DLL PE64 VirusTotal Malware PDB 		1.4 46 yjw

9227 2023-08-22 11:28 http://api.maptiler.com  

60c9f86239a45db522e58c777de569f4


Client SW User Data Stealer browser info stealer Generic Malware Google Chrome User Data Downloader Create Service Socket P2P DGA Steal credential Http API Escalate priviledges PWS Sniff Audio HTTP DNS ScreenShot Code injection Internet API BitCoin persis Browser Info Stealer Code Injection Checks debugger exploit crash unpack itself malicious URLs installed browsers check Exploit Browser crashed 		4.8 guest

9228 2023-08-22 10:48 payload.dll  

aa9991d405f0742d592ca9a3c193a931


UPX Malicious Packer OS Processor Check PE File DLL PE64 VirusTotal Malware PDB 		1.4 46 guest

9229 2023-08-22 09:55 LBK.vbs  

8a78998f2b3d91eee64cdabba464edc4


Generic Malware Antivirus Hide_URL PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key 		3 3 1 9.4 7 ZeroCERT

9230 2023-08-22 09:43 nj.vbs  

15708f4435a69aeb90710ef4f51b8326


Generic Malware Antivirus Hide_URL PowerShell powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key 		3 3 1 8.6 M ZeroCERT

9231 2023-08-22 07:44 IE_Cache.vbs  

7b642eb8d28d35357608b4e2d3f955ae


Generic Malware Antivirus Hide_URL PowerShell powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key 		3 3 1 8.6 ZeroCERT

9232 2023-08-22 07:42 skx111.exe  

59d87693d6d2331e75665972353331bc


.NET framework(MSIL) Socket DNS persistence AntiDebug AntiVM PE File .NET EXE PE32 suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key 		8.4 ZeroCERT

9233 2023-08-22 07:40 img0581.exe  

65e6ee55777c6d70eec5adc27270786c


Gen1 Emotet Malicious Library UPX PE File CAB PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer Email Client Info Stealer Malware Microsoft AutoRuns PDB suspicious privilege Malicious Traffic Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities Disables Windows Security Collect installed applications suspicious process AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Stealc Stealer Windows Update Browser Email ComputerName Remote Code Execution DNS Cryptographic key Software crashed 		1 2 7 1 13.8 M ZeroCERT

9234 2023-08-22 07:36 Helper.exe  

19124312cafa0b1c5524329755a5d6a2


Generic Malware Malicious Library UPX Malicious Packer Antivirus OS Processor Check PE File PE32 MSOffice File CAB DLL Buffer PE PDB suspicious privilege Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check ComputerName crashed 		5.2 ZeroCERT

9235 2023-08-22 07:35 calc.exe  

a7caaabf9627865778471046c0cf5eda


Malicious Library UPX OS Processor Check PE File PE32 PDB 		0.6 ZeroCERT

9236 2023-08-21 18:48 winPEASx64_ofs.exe  

9013febf3d6a31e157e2d329241dc9f6


North Korea Generic Malware UPX Malicious Packer Antivirus OS Processor Check PE File PE64 VirusTotal Malware MachineGuid Check memory Checks debugger WMI unpack itself Windows utilities Check virtual network interfaces AntiVM_Disk WriteConsoleW anti-virtualization VM Disk Size Check Windows ComputerName 		5.0 45 ZeroCERT

9237 2023-08-21 18:46 thwit4.exe  

0b731ecd61cbe95cee04719b0d7189b1


Gen1 Malicious Library UPX Anti_VM OS Processor Check PE File PE64 DLL ZIP Format ftp VirusTotal Malware Check memory Creates executable files 		1.6 6 ZeroCERT

9238 2023-08-21 18:46 isoHost.exe  

02a3420fffc0285ca90ab96cbe234d75


PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself 		2.0 12 ZeroCERT

9239 2023-08-21 18:44 balalaika.php  

8ef99b7b22cd9da6c37bc5bb56d94b62


RedLine stealer Malicious Library UPX AntiDebug AntiVM OS Processor Check PE File PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware Microsoft Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed 		1 4 11.0 ZeroCERT

9240 2023-08-21 18:03 dcr3.exe  

e390b2bca53a5f3cccb7c9d88649be28


Malicious Library .NET framework(MSIL) UPX Malicious Packer Antivirus OS Processor Check PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself DNS 		1 3.6 49 ZeroCERT

keyword