Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	Player
9316	2021-06-25 00:09	c.1x e0da003c129a2b3d91e459c732290418 PE File OS Processor Check PE32 PDB				0.6		ZeroCERT

9317	2021-06-25 00:18	asyncclientaaa.exe a4f6c257028460c7c5c28e51fba4cb19 AsyncRAT backdoor PWS .NET framework Generic Malware Malicious Library DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Code injection Http API Internet API Steal credential ScreenShot Downloader P2P AntiDebug AntiVM PE Fi AutoRuns Code Injection Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName DNS				4.2		ZeroCERT

9318	2021-06-25 00:18	umbr.exe f9d986194bfbc6d9e56e62a7e6f3f1f7 AsyncRAT backdoor Process Kill Generic Malware CryptGenKey FindFirstVolume Malicious Packer Http API Steal credential ScreenShot AntiDebug AntiVM PE File OS Processor Check Device_File_Check PE32 .NET EXE suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself AntiVM_Disk suspicious TLD VM Disk Size Check Tofsee Windows Cryptographic key crashed	1 Keyword trend analysis	4	4	7.4		ZeroCERT

9319	2021-06-25 00:20	md5list.exe 61ff50d7c66468a4770076f26e7ac115 PE File PE32 WriteConsoleW DNS				1.6		ZeroCERT

9320	2021-06-25 00:23	oss.exe 3b5417e340e41818100871988f442063 Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself crashed	2 Keyword trend analysis	5		8.4		ZeroCERT

9321	2021-06-25 08:47	l90t.msi 33351949749d92f0c1fc87e7529e59d5 MSOffice File PE File PE32 suspicious privilege Check memory Checks debugger unpack itself Windows utilities AntiVM_Disk VM Disk Size Check Windows ComputerName				3.6		ZeroCERT

9322	2021-06-25 08:47	desktop.exe 132409e6519ff98e86740cdb6a353711 PWS .NET framework email stealer Generic Malware Admin Tool (Sysinternals etc ...) Malicious Library DNS Socket Escalate priviledges KeyLogger Code injection Downloader persistence AntiDebug AntiVM PE File .NET EXE PE32 PDB MachineGuid Code Injection Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key crashed		1		10.6		ZeroCERT

9323	2021-06-25 08:49	AuthenticationCode-3139821.doc 54b6d7cd8137b1d76ee21be9cf81a480 VBA_macro Antivirus MSOffice File Vulnerability Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut Creates executable files unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key Downloader	2 Keyword trend analysis	6		10.0	M	ZeroCERT

9324	2021-06-25 08:49	Cons.exe b19420967dfc223658a907a58a59a563 PWS Loki[b] Loki[m] AsyncRAT backdoor .NET framework Ave Maria WARZONE RAT Generic Malware Antivirus DNS KeyLogger ScreenShot AntiDebug AntiVM PE File .NET EXE PE32 powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key		1		6.0		ZeroCERT

9325	2021-06-25 08:53	CUTE3532.EXE d41ed89e802f03dd13dd93b68b1a2053 Emotet Gen1 Gen2 AntiDebug AntiVM PE File PE32 DLL GIF Format OS Processor Check MachineGuid Code Injection Check memory Checks debugger Creates shortcut Creates executable files unpack itself AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Browser ComputerName				4.8		ZeroCERT

9326	2021-06-25 08:54	x2-uninstaller.exe 00bfa3c934764701b60c3ab6da2bb440 AsyncRAT backdoor Generic Malware PE File PE64 suspicious privilege MachineGuid Check memory Checks debugger unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName				3.0		ZeroCERT

9327	2021-06-25 08:54	AuthenticationCode-3139821.doc 54b6d7cd8137b1d76ee21be9cf81a480 VBA_macro Antivirus MSOffice File Vulnerability Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut Creates executable files unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key Downloader	2 Keyword trend analysis	5		10.0	M	ZeroCERT

9328	2021-06-25 08:55	sm.exe 53bf6d96ef2717b36e20b37a94890435 AsyncRAT backdoor PWS .NET framework Ave Maria WARZONE RAT Generic Malware Antivirus DGA DNS SMTP Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection Internet API ScreenShot Downloader AntiDebug AntiVM PE File .NET EXE PE32 powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself suspicious process malicious URLs WriteConsoleW Windows ComputerName DNS Cryptographic key crashed keylogger		2		17.0		ZeroCERT

9329	2021-06-25 08:56	coevRM2v.exe 2e4f2c48b719e102842ddab792e229b8 PE File PE64 OS Processor Check unpack itself crashed				0.8		ZeroCERT

9330	2021-06-25 08:59	nvdia.exe 41bb874f7fcd9f510c2f732550ebc21e AsyncRAT backdoor PWS .NET framework Generic Malware Malicious Library PE File .NET EXE OS Processor Check PE32 Check memory Checks debugger unpack itself DNS				1.4		ZeroCERT