Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	Score	Zero	VT	Player
9331	2023-08-12 19:13	doudian8574.exe 11746e92a679b202ffc31a9397db030f Malicious Library UPX PE64 PE File CHM Format OS Processor Check DLL VirusTotal Malware MachineGuid Creates executable files unpack itself Browser DNS	6 Keyword trend analysis Info https://2023816.oss-cn-hangzhou.aliyuncs.com/qd.CHM https://2023816.oss-cn-hangzhou.aliyuncs.com/md.exe https://yts2023811.oss-cn-hangzhou.aliyuncs.com/3.bin https://2023816.oss-cn-hangzhou.aliyuncs.com/hrsgdsb8574wknzms.jpg https://2023815.oss-cn-hangzhou.aliyuncs.com/UnityPlayer.dll https://2023815.oss-cn-hangzhou.aliyuncs.com/ttd.exe	6	5.4	M	28	ZeroCERT

9332	2023-08-12 19:12	isbinzx.exe d60926cbe4de77584ee8e5f7b8268909 Malicious Library PE64 PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself Windows Cryptographic key			2.6	M	32	ZeroCERT

9333	2023-08-12 19:09	YV8xEFq6858Firy.exe ba2b37ae83f07749c8ae0287d5344c90 Emotet Gen1 Hide_EXE PhysicalDrive Generic Malware NSIS .NET framework(MSIL) Downloader UPX Malicious Library Malicious Packer Admin Tool (Sysinternals etc ...) ASPack Antivirus ScreenShot KeyLogger Javascript_Blob Anti_VM AntiDebug AntiVM .NET EXE PE Fil Browser Info Stealer VirusTotal Malware AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder installed browsers check Windows Browser			9.8	M	29	ZeroCERT

9334	2023-08-12 19:02	smss.exe 9ae4842303e0ad115bdd254913a4bb21 Emotet HermeticWiper Gen1 Hide_EXE Generic Malware NSIS .NET framework(MSIL) UPX Malicious Library Admin Tool (Sysinternals etc ...) Malicious Packer Downloader ASPack PWS ScreenShot KeyLogger Anti_VM AntiDebug AntiVM .NET EXE PE File PE32 OS Processor Ch VirusTotal Malware AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder installed browsers check Windows Browser ComputerName			10.4	M	38	ZeroCERT

9335	2023-08-12 19:02	clip64.dll 4c1e14380f4ba4aa5018e1dc7705b987 Amadey UPX Malicious Library Admin Tool (Sysinternals etc ...) OS Processor Check DLL PE File PE32 PDB Checks debugger unpack itself			0.8	M		ZeroCERT

9336	2023-08-12 19:00	clip64.dll 5bc0153d2973241b72a38c51a2f72116 Amadey UPX Malicious Library Admin Tool (Sysinternals etc ...) OS Processor Check DLL PE File PE32 PDB Checks debugger unpack itself			0.8	M		ZeroCERT

9337	2023-08-12 18:58	djdffvj.exe 6a7b4e0786929ef29e6fe1c8ff75755a UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware PDB			2.2	M	41	ZeroCERT

9338	2023-08-12 18:57	photo551.exe 16ca62cfbd303242d39ccc6084c1e6f7 Gen1 Emotet UPX Malicious Library CAB PE File PE32 AutoRuns PDB suspicious privilege Check memory Checks debugger Creates executable files unpack itself Windows utilities Disables Windows Security suspicious process AntiVM_Disk WriteConsoleW VM Disk Size Check Windows Update Remote Code Execution			7.0	M		ZeroCERT

9339	2023-08-12 18:56	2222222.exe 4ce7297247872bc04141ffb84d1220d0 Generic Malware Antivirus .NET EXE PE File PE32 VirusTotal Malware powershell Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process Windows ComputerName Cryptographic key crashed			9.6	M	36	ZeroCERT

9340	2023-08-12 18:56	11111.exe 71f5c9fd9164173cb2bcbff0b14087ba Client SW User Data Stealer Backdoor RemcosRAT browser info stealer Generic Malware Google Chrome User Data Downloader Antivirus Create Service Socket Escalate priviledges PWS Sniff Audio DNS ScreenShot Internet API KeyLogger AntiDebug AntiVM .NET EXE PE VirusTotal Malware powershell Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself suspicious process malicious URLs Windows ComputerName DNS Cryptographic key DDNS crashed keylogger		2	13.8	M	48	ZeroCERT

9341	2023-08-12 18:54	ikmerozx.exe e93d755480c85eed3031653a3ed477c9 .NET framework(MSIL) PE64 .NET EXE PE File VirusTotal Malware Check memory Checks debugger unpack itself			2.2	M	33	ZeroCERT

9342	2023-08-12 18:54	file.exe d5fbc84f128e2f19c3ec80b201475c3a UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware PDB Remote Code Execution			2.2	M	32	ZeroCERT

9343	2023-08-12 18:52	cred64.dll 18cd6fceb5601ba45c40b33d28a87f92 Browser Login Data Stealer UPX Malicious Library OS Processor Check DLL PE64 PE File VirusTotal Malware PDB Checks debugger installed browsers check Browser ComputerName crashed			2.4	M	43	ZeroCERT

9344	2023-08-12 18:52	file.exe 3d6110a0f3f8ae7db70afe657b2e9369 UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware PDB Remote Code Execution			2.2	M	35	ZeroCERT

9345	2023-08-12 18:42	bld-upd-stbl.lnk 9490cee7073ee4f47dcb8caadfc1817d Generic Malware Antivirus AntiDebug AntiVM GIF Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis		4.8		13	ZeroCERT