Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	Rule	Score	Zero	VT	Player
9406	2023-08-15 10:40	crypted.exe 97ec989085e99d2df0426b73620812b0 UPX Malicious Library Malicious Packer AntiDebug AntiVM OS Processor Check PE File PE32 VirusTotal Malware Code Injection Check memory buffers extracted unpack itself Collect installed applications sandbox evasion WriteConsoleW anti-virtualization installed browsers check Browser ComputerName DNS	1 Keyword trend analysis	1		10.4	M	52	ZeroCERT

9407	2023-08-15 10:39	EGK.vbs 6b1d1a7455742408ac22e8d243998296 Generic Malware Antivirus Hide_URL PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName Cryptographic key	3 Keyword trend analysis	3		8.8	M	2	ZeroCERT

9408	2023-08-15 10:36	ewrqqfaaa.exe 3798e6dae3df606799111b63bf54aad9 UPX Malicious Packer OS Processor Check PE File PE32 VirusTotal Malware Checks debugger Remote Code Execution				1.6	M	14	ZeroCERT

9409	2023-08-15 10:35	C1pNaIqyfDshEdy.exe c36113ac380951204651c549f3eab824 Formbook NSIS UPX Malicious Library ASPack PE File PE32 OS Processor Check DLL VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself AppData folder	4 Keyword trend analysis Info http://www.foreverenamored.com/s27k/?jPg8=K0JmOqXr9HCtj2qTWz3wm1ISclVIfppkL5EMoSSMyzeFhY/mEgvox6BxsSrLYXaYq3j87tFB&0rn=WHrpcFC0d - rule_id: 35578 http://www.recetasfaciles.online/s27k/?jPg8=IP+gCJr4i0UK4WoLUFibm9NvX6KUa6cqerNF0fRTUawEz/u35uLTKVzQ6VGTVmNLPMnAirAk&0rn=WHrpcFC0d http://www.amitravel.info/s27k/?jPg8=YmgXLomuRRyTNUFYOSs0S8Nfvo95Vs+Z6enyvD/2a16SVN4BDc3+Cwr4kMuk0uzccTKbOYcD&0rn=WHrpcFC0d http://www.blkfence.com/s27k/?jPg8=rkgaiCJU3/PxhQ34LZviyD3FUF4aIN30Rtnx7Sh2laJQr1EMwvmKNq6J82ijchkqGalg+gl9&0rn=WHrpcFC0d	8	1	4.6	M	40	ZeroCERT

9410	2023-08-15 10:33	chrme.exe 5b04c44af744f95bf670840cea457616 ASPack PE File PE32 VirusTotal Malware suspicious privilege sandbox evasion Browser ComputerName Remote Code Execution				3.6	M	23	ZeroCERT

9411	2023-08-14 17:36	PeriodicalConiform.exe 43bbed8db3d574acd479bb95fdaeb89f UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware PDB				2.2	M	48	ZeroCERT

9412	2023-08-14 17:33	smss.exe 5e70d5ff581e40445e432f6ade284716 UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself Remote Code Execution				2.0	M	29	ZeroCERT

9413	2023-08-14 16:49	capetown.hta 60c5404627e66d12644251117cd52cbd Generic Malware Antivirus AntiDebug AntiVM PowerShell MSOffice File VirusTotal Malware powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut exploit crash unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows Exploit ComputerName DNS Cryptographic key crashed				9.2		16	ZeroCERT

9414	2023-08-14 16:16	us-en(DOWNLOAD).url 0dcc09dbbfc8d4bcc64ca2f0f253435f AntiDebug AntiVM VirusTotal Malware powershell suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process Windows ComputerName DNS Cryptographic key	4 Keyword trend analysis	1		7.0	M	2	ZeroCERT

9415	2023-08-14 16:13	AnimalCrossing2.exe 629f8ea6367bc269bd13799d249d7b5c Generic Malware UPX Malicious Library Malicious Packer OS Processor Check PE64 PE File VirusTotal Malware PDB				0.8		2	ZeroCERT

9416	2023-08-14 16:13	ChromeSetup.exe a749181226fd23b67b6ec15300b97812 Formbook .NET framework(MSIL) AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key	2 Keyword trend analysis Info http://www.dublinsroofer.com/my28/?tZU0=51zqh11ZnE0J95jzs/wGDEJtELzJg9P8LLhHidBFbDs0I39E36di5y94pzpzHyK8vzrJeU0w&Ult8E=GTgPPha8eTY4W8 - rule_id: 28398 http://www.gosudz.com/my28/?tZU0=qUtydObMUN7Fj4w9E1UvCsmRCbQjxNciMIpu4gfCqo7caq11JF3yTkSDU9EEaskz9ywKFjqa&Ult8E=GTgPPha8eTY4W8	5	1	8.4	M	23	ZeroCERT

9417	2023-08-14 16:10	deliver.exe 74f60e1108c9b787f688b9b6fdbc3834 Malicious Packer Anti_VM PE64 .NET EXE PE File VirusTotal Malware Check memory Checks debugger unpack itself				1.4		16	ZeroCERT

9418	2023-08-14 16:10	capetown.hta 60c5404627e66d12644251117cd52cbd VirusTotal Malware crashed	1 Keyword trend analysis			0.8		16	ZeroCERT

9419	2023-08-14 15:48	ENG-LOCAL.lnk bd025379416edb9bfc6836e390261cd7 Generic Malware Antivirus AntiDebug AntiVM GIF Format VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis			4.8		14	ZeroCERT

9420	2023-08-14 10:22	qd.CHM fbb2bf38067cca4ba0f7a2dc3edfcdc8 AntiDebug AntiVM CHM Format VirusTotal Malware MachineGuid Code Injection Check memory				2.2		21	ZeroCERT