Submissions

No | Date | Request | MD5 | Tags | Urls Hosts IDS Rule Score Zero VT Player Etc

9301 2021-06-24 23:46 csrrs.exe
  f07ce87fb0fee1ccc330e07141be91f9
  PE File OS Processor Check PE32 VirusTotal Malware PDB suspicious process sandbox evasion WriteConsoleW Browser DNS
  3.2 32 ZeroCERT

9302 2021-06-24 23:46 ottwsttuw.exe
  5be8cfbec412b84cad8de61c090843c3
  AsyncRAT backdoor PWS .NET framework Generic Malware PE File .NET EXE OS Processor Check PE32 VirusTotal Malware Check memory Checks debugger unpack itself
  2.4 32 ZeroCERT

9303 2021-06-24 23:46 3.exe
  76be7ef5d129b04ccfb8049846b58d01
  AsyncRAT backdoor PWS .NET framework Generic Malware PE File .NET EXE OS Processor Check PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed
  2 3 2 7.2 33 ZeroCERT

9304 2021-06-24 23:48 ServiceCore.dll
  0a32af7486ad37209fbef9b5789901e8
  PE File DLL PE32 Checks debugger unpack itself DNS crashed
  2.2 ZeroCERT

9305 2021-06-24 23:48 server.exe
  3702ad7cc7ea7c7333c67896a78ec921
  PE File PE32 Check memory unpack itself
  1.2 ZeroCERT

9306 2021-06-24 23:50 3TRExkFGrlKGuTV8.txt.html
  c3b6ba282e363900c1f851a178e1ad0b
  VBScript PowerShell Obfuscated File Antivirus AntiDebug AntiVM Malware powershell suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process Tofsee Windows ComputerName DNS Cryptographic key
  2 3 1 7.4 ZeroCERT

9307 2021-06-24 23:52 HookSetp.exe
  8e3ed904b5b3239566ca0e41cd48910d
  PWS .NET framework Generic Malware PE File .NET EXE PE32 OS Processor Check Browser Info Stealer Malware AutoRuns suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Collect installed applications Check virtual network interfaces AppData folder installed browsers check Tofsee Ransomware Windows Browser ComputerName DNS Cryptographic key crashed
  10 7 1 9.6 ZeroCERT

9308 2021-06-24 23:53 Lady.exe
  c1e123df8403bf9087cce44956d6801c
  Gen2 PE File OS Processor Check PE32 DarkComet AutoRuns suspicious privilege Code Injection Check memory ICMP traffic unpack itself Windows utilities suspicious process AppData folder WriteConsoleW human activity check Windows Trojan DNS crashed keylogger
  1 12.0 ZeroCERT

9309 2021-06-24 23:55 File1.exe
  849ef5d887feb1fcc1096ace616eb9aa
  Emotet Antivirus PE File PE32 MSOffice File Check memory RWX flags setting unpack itself Remote Code Execution
  1.2 ZeroCERT

9310 2021-06-24 23:55 sefile.exe
  8b78fa29a8b90f35bcfad36b2b7da0fc
  Malicious Packer PE File OS Processor Check PE32 PDB unpack itself Windows Remote Code Execution DNS crashed
  1 2.6 ZeroCERT

9311 2021-06-24 23:57 deli_driver.exe
  6348584e7297e257afe64e59efbfe223
  Gen2 Emotet Gen1 Generic Malware Admin Tool (Sysinternals etc ...) Anti_VM UPX PE File PE32 OS Processor Check Browser Info Stealer AutoRuns Check memory Creates executable files RWX flags setting unpack itself AppData folder installed browsers check Windows Browser DNS
  1 4.2 ZeroCERT

9312 2021-06-25 00:07 zdFdffsdadfs.exe
  94780d33f21b5a3292d88e68e7796515
  AsyncRAT backdoor PWS .NET framework Generic Malware PE File .NET EXE OS Processor Check PE32 Browser Info Stealer FTP Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed
  2 3 2 6.2 ZeroCERT

9313 2021-06-25 00:07 INSTALL.EXE
  7415aea4d76ea8d2706a6441be814b03
  PE File OS Processor Check PE32 DLL PDB Check memory Checks debugger Creates executable files unpack itself AppData folder Remote Code Execution DNS
  1 2 3.6 ZeroCERT

9314 2021-06-25 00:07 e9S
  045cd8a6189dd15ad2b8e394f19b32f6
  PE File PE32 unpack itself AntiVM_Disk VM Disk Size Check Remote Code Execution Trojan Banking
  2.6 ZeroCERT

9315 2021-06-25 00:08 bin.exe
  b7136b8c5c7e7efe559bd3a70d8200e0
  Raccoon Stealer Emotet Gen2 Generic Malware Admin Tool (Sysinternals etc ...) Anti_VM PE File OS Processor Check PE32 AutoRuns Creates executable files unpack itself installed browsers check Windows Browser crashed
  2.6 ZeroCERT