Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
9286	2021-06-24 23:23	kcudinre.exe 777d71c05d2f06f0c170d21912003808 AsyncRAT backdoor PWS .NET framework Generic Malware PE File .NET EXE OS Processor Check PE32 VirusTotal Malware DNS					2.4		40	ZeroCERT

9287	2021-06-24 23:23	enbvcsisokec.exe 0e49ad93c3db682db359b39256dda4bb AsyncRAT backdoor PWS .NET framework Generic Malware PE File .NET EXE OS Processor Check PE32 VirusTotal Malware DNS		1			2.2		34	ZeroCERT

9288	2021-06-24 23:25	lsdbvdsljh.exe 8d97796c9404616bf9b330648bf3ac4d AsyncRAT backdoor PWS .NET framework Generic Malware PE File .NET EXE OS Processor Check PE32 Check memory Checks debugger unpack itself					1.4			ZeroCERT

9289	2021-06-24 23:26	KRSetp.exe 0e5a341c5452df8e1bde9b0e31ee916f AsyncRAT backdoor PWS .NET framework BitCoin Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 OS Processor Check Browser Info Stealer VirusTotal Malware AutoRuns suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files ICMP traffic unpack itself Collect installed applications Check virtual network interfaces AppData folder installed browsers check Tofsee Ransomware Windows Browser ComputerName DNS Cryptographic key crashed	10 Keyword trend analysis Info http://kanagannne.xyz/ https://iplogger.org/1viFz7 https://videoconvert-download38.xyz/?user=seo6 https://videoconvert-download38.xyz/?user=seo4 https://videoconvert-download38.xyz/?user=seo5 https://videoconvert-download38.xyz/?user=seo2 https://videoconvert-download38.xyz/?user=seo3 https://videoconvert-download38.xyz/?user=seo1 https://api.ip.sb/geoip https://iplogger.org/16b8s7	9	1		17.0		22	ZeroCERT

9290	2021-06-24 23:28	BarSetpFile.exe 6ec8c0c3fc584cfaabd7199a6c08d894 AsyncRAT backdoor PWS .NET framework Generic Malware PE File .NET EXE PE32 Malware AutoRuns MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files ICMP traffic unpack itself Check virtual network interfaces AppData folder Tofsee Ransomware Windows DNS Cryptographic key	8 Keyword trend analysis Info https://iplogger.org/1BB4g7 https://iplogger.org/1vqFz7 https://videoconvert-download38.xyz/?user=barret6 https://videoconvert-download38.xyz/?user=barret4 https://videoconvert-download38.xyz/?user=barret5 https://videoconvert-download38.xyz/?user=barret2 https://videoconvert-download38.xyz/?user=barret3 https://videoconvert-download38.xyz/?user=barret1	4	1		8.0			ZeroCERT

9291	2021-06-24 23:29	BarSucSETP.exe d3d55fc7ded011f820f3e180dbeabbe8 Gen1 AsyncRAT backdoor Generic Malware PE File .NET EXE PE32 DLL OS Processor Check Browser Info Stealer FTP Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Collect installed applications Check virtual network interfaces AppData folder installed browsers check Tofsee Ransomware Browser ComputerName Software crashed	9 Keyword trend analysis Info https://videoconvert-download38.xyz/?user=barusca6 https://videoconvert-download38.xyz/?user=barusca4 https://videoconvert-download38.xyz/?user=barusca5 https://videoconvert-download38.xyz/?user=barusca2 https://videoconvert-download38.xyz/?user=barusca3 https://videoconvert-download38.xyz/?user=barusca1 https://iplogger.org/1SiJi7 https://videoconvert-download12.xyz/ - rule_id: 2089 https://iplogger.org/1vvFz7	6	1	1	9.4	M		ZeroCERT

9292	2021-06-24 23:30	badpanda.exe ff5ab9ce41d93ed5dd47c9b0527fd5ca Emotet VMProtect PE File PE32					1.4			ZeroCERT

9293	2021-06-24 23:32	NMemo1Setp.exe f12aa4983f77ed85b3a618f7656807c2 Gen1 PWS .NET framework Generic Malware PE File .NET EXE PE32 DLL OS Processor Check Browser Info Stealer FTP Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency AutoRuns suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Collect installed applications Check virtual network interfaces AppData folder installed browsers check Tofsee Ransomware Windows Browser ComputerName DNS Cryptographic key Software crashed	13 Keyword trend analysis Info http://kanagannne.xyz/ https://iplogger.org/1SPHi7 https://videoconvert-download38.xyz/?user=newpb1_6 https://videoconvert-download38.xyz/?user=newpb1_5 https://videoconvert-download38.xyz/?user=newpb1_4 https://videoconvert-download38.xyz/?user=newpb1_3 https://videoconvert-download38.xyz/?user=newpb1_2 https://videoconvert-download38.xyz/?user=newpb1_1 https://api.ip.sb/geoip https://iplogger.org/1vpFz7 https://pcfixmy-download-13.xyz/api.php?getusers https://pcfixmy-download-13.xyz/ https://pcfixmy-download-13.xyz/api.php	10	1		11.2			ZeroCERT

9294	2021-06-24 23:33	ooRexx.exe f11868be97cdbb6abae3bf71189b1a74 Emotet PE File PE32 DLL VirusTotal Malware Check memory Creates executable files unpack itself AppData folder AntiVM_Disk sandbox evasion VM Disk Size Check DNS					4.0		15	ZeroCERT

9295	2021-06-24 23:33	bin1.exe e9db1d560bfd2b211eb2597a1c8bdff7 PE File OS Processor Check PE32 AutoRuns PDB Code Injection Check memory Creates executable files unpack itself suspicious process AntiVM_Disk WriteConsoleW VM Disk Size Check Windows DNS		1			8.2			ZeroCERT

9296	2021-06-24 23:35	lsdbvdsljh.exe 8d97796c9404616bf9b330648bf3ac4d AsyncRAT backdoor PWS .NET framework Generic Malware PE File .NET EXE OS Processor Check PE32 Check memory Checks debugger unpack itself					1.4			ZeroCERT

9297	2021-06-24 23:36	install.exe 856fbef821befcb890b61db7a0d22a00 Emotet Admin Tool (Sysinternals etc ...) PE File OS Processor Check PE32 PNG Format DLL MSOffice File VirusTotal Malware PDB Check memory Checks debugger Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check Remote Code Execution DNS	1 Keyword trend analysis	2			5.2		26	ZeroCERT

9298	2021-06-24 23:37	setup_8172912.exe 8dc596b11203d6f699dca666feb1e446 AsyncRAT backdoor PWS .NET framework Generic Malware PE File .NET EXE PE32 VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger unpack itself DNS					3.6		45	ZeroCERT

9299	2021-06-24 23:37	5wbf 2737ca9d24320c1b018a72b836c30515 Generic Malware PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself ComputerName					6.2		48	ZeroCERT

9300	2021-06-24 23:39	cjuorszkjg.exe f4b8b0e43e3d5437668a54f1a395a8b4 AsyncRAT backdoor PWS .NET framework Generic Malware PE File .NET EXE OS Processor Check PE32 VirusTotal Malware DNS					2.2		36	ZeroCERT