Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
9481	2021-06-29 13:58	https://iiieyehealth.com/fonts... c1e8bc30e17bc7cd06df15bba279d05e DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Hijack Network Code injection Http API Internet API Steal credential ScreenShot Downloader P2P persistence AntiDebug AntiVM PNG Format MSOffice File JPEG Format VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed		2	2		4.8			ZeroCERT

9482	2021-06-29 14:21	1624810178_ConsoleApp14.exe 78ffbcb5604f64bcc771df787cc31144 Generic Malware Antivirus DNS Socket HTTP Code injection Http API Internet API ScreenShot Downloader AntiDebug AntiVM .NET EXE PE32 PE File powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process AppData folder Windows ComputerName Cryptographic key crashed					9.8			ZeroCERT

9483	2021-06-29 14:24	estudiante.exe 5aad89d35ec7e782a1efc68441f98bcc RAT PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) .NET EXE PE32 PE File VirusTotal Malware PDB MachineGuid Check memory Checks debugger unpack itself DNS					3.4		54	ZeroCERT

9484	2021-06-29 18:00	vbc.exe 09a781424dc28340d0112c5e4f77ac3e PWS Loki[b] Loki[m] DNS Escalate priviledges ScreenShot AntiDebug AntiVM PE32 PE File DLL VirusTotal Malware Code Injection Check memory buffers extracted Creates executable files unpack itself AppData folder malicious URLs DNS					9.0		31	ZeroCERT

9485	2021-06-29 18:00	bobbyx.exe 809f5ef52ba6431e9b9f7e241aa28117 RAT Generic Malware UPX Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed keylogger	2 Keyword trend analysis	2	3		15.2		17	ZeroCERT

9486	2021-06-29 18:02	kdotx.exe b4875742c65a0257bdbbc915a083d73f RAT Generic Malware UPX Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed keylogger	2 Keyword trend analysis	2	3		15.2		17	ZeroCERT

9487	2021-06-29 18:02	RepIB.exe 37ddaa9df30fbfac88ef5cfaf07cb017 Process Kill CryptGenKey FindFirstVolume UPX OS Processor Check PE32 Device_File_Check PE File VirusTotal Malware Checks debugger unpack itself Tofsee Windows DNS	2 Keyword trend analysis	2	2	1	2.2	M	19	ZeroCERT

9488	2021-06-29 18:04	vbc.exe a4ae0e5abc9cac3a9957410ca9e1ee7b RAT Generic Malware Admin Tool (Sysinternals etc ...) Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key crashed					9.0		26	ZeroCERT

9489	2021-06-29 18:04	scvhost.exe 660c335fba05fcad93cc95786e25d75a RAT PWS .NET framework Generic Malware .NET EXE PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself ComputerName DNS					2.8		11	ZeroCERT

9490	2021-06-29 18:06	2q22po.png 3052104aae0be113dda27e92ba77da55 VirusTotal Malware					0.8		21	ZeroCERT

9491	2021-06-29 18:07	wininit.exe 4e22ad2f93f96bc4490ded7fa02a2ee9 RAT PWS .NET framework Generic Malware .NET EXE PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself ComputerName DNS					3.0		20	ZeroCERT

9492	2021-06-29 18:08	1spga5.ico d24f9baab815c7a3ff7968d843e6d1b9 VirusTotal Malware					0.4		8	ZeroCERT

9493	2021-06-29 20:07	waads.bin 72e4f355907b6c91e6f8508d102bd896 Malicious Library PE32 PE File RWX flags setting unpack itself ComputerName DNS	2 Keyword trend analysis	1		2	2.6	M	59	guest

9494	2021-06-30 10:14	Protecteded.exe db77d643f56c5e832b3b67492debaedd AntiDebug AntiVM PE32 PE File Malware download NetWireRC VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory buffers extracted RWX flags setting unpack itself BitRAT Windows ComputerName Remote Code Execution DNS DDNS crashed keylogger		2	3		10.4		50	ZeroCERT

9495	2021-06-30 10:17	microD.exe 325a3a8efc176a27303e00597e138274 Generic Malware SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName DNS crashed		1			10.4		23	ZeroCERT