Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	Rule	Score	Zero	VT	Player
9496	2023-08-14 07:41	build666.exe 328064b232879fe34864e9c6d88608ed Vidar UPX Malicious Library Anti_VM OS Processor Check PE File PE32 Malware MachineGuid Malicious Traffic Creates executable files unpack itself ComputerName DNS crashed	4 Keyword trend analysis	5	1	3.4	M		ZeroCERT

9497	2023-08-14 07:38	kaman.exe ca500bce560719b0cd2cfbe3716028d3 UPX Malicious Library AntiDebug AntiVM OS Processor Check PE File PE32 DLL PDB Code Injection Checks debugger Creates executable files unpack itself AppData folder Remote Code Execution				3.4			ZeroCERT

9498	2023-08-14 02:25	usbkdp adf713f2c1eb97a952412457c4eb310d AntiDebug AntiVM Email Client Info Stealer Code Injection Check memory Checks debugger unpack itself installed browsers check Browser Email				3.2			guest

9499	2023-08-14 02:10	ssh-keygen.txt 7ce66b739995fd30cec1a25636f2579a ScreenShot AntiDebug AntiVM Check memory unpack itself				1.0			guest

9500	2023-08-12 19:18	ikmerozx.doc 75bd1384535d144dac3817b457526119 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware Malicious Traffic exploit crash unpack itself Exploit DNS crashed	1 Keyword trend analysis	1		4.4	M	29	ZeroCERT

9501	2023-08-12 19:16	31839b57a4f11171d6abc8bbc4451e... b2e91cdd0e1c97efec540f2f60472d94 UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware PDB				2.0	M	39	ZeroCERT

9502	2023-08-12 19:15	oncestatistic.exe 7f84503a1a12b3edb0da052aad05e49c Gen1 Emotet Malicious Library .NET framework(MSIL) CAB PE64 PE File .NET EXE PE32 VirusTotal Malware AutoRuns PDB Check memory Checks debugger Creates executable files unpack itself Check virtual network interfaces AppData folder Windows Remote Code Execution DNS		2		6.2	M	33	ZeroCERT

9503	2023-08-12 19:14	toolspub2.exe a76e515e1150c903070a1eb1b2d216c0 UPX Malicious Library AntiDebug AntiVM OS Processor Check PE File PE32 VirusTotal Malware PDB				3.0	M	36	ZeroCERT

9504	2023-08-12 19:13	doudian8574.exe 11746e92a679b202ffc31a9397db030f Malicious Library UPX PE64 PE File CHM Format OS Processor Check DLL VirusTotal Malware MachineGuid Creates executable files unpack itself Browser DNS	6 Keyword trend analysis Info https://2023816.oss-cn-hangzhou.aliyuncs.com/qd.CHM https://2023816.oss-cn-hangzhou.aliyuncs.com/md.exe https://yts2023811.oss-cn-hangzhou.aliyuncs.com/3.bin https://2023816.oss-cn-hangzhou.aliyuncs.com/hrsgdsb8574wknzms.jpg https://2023815.oss-cn-hangzhou.aliyuncs.com/UnityPlayer.dll https://2023815.oss-cn-hangzhou.aliyuncs.com/ttd.exe	6		5.4	M	28	ZeroCERT

9505	2023-08-12 19:12	isbinzx.exe d60926cbe4de77584ee8e5f7b8268909 Malicious Library PE64 PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself Windows Cryptographic key				2.6	M	32	ZeroCERT

9506	2023-08-12 19:09	YV8xEFq6858Firy.exe ba2b37ae83f07749c8ae0287d5344c90 Emotet Gen1 Hide_EXE PhysicalDrive Generic Malware NSIS .NET framework(MSIL) Downloader UPX Malicious Library Malicious Packer Admin Tool (Sysinternals etc ...) ASPack Antivirus ScreenShot KeyLogger Javascript_Blob Anti_VM AntiDebug AntiVM .NET EXE PE Fil Browser Info Stealer VirusTotal Malware AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder installed browsers check Windows Browser				9.8	M	29	ZeroCERT

9507	2023-08-12 19:02	smss.exe 9ae4842303e0ad115bdd254913a4bb21 Emotet HermeticWiper Gen1 Hide_EXE Generic Malware NSIS .NET framework(MSIL) UPX Malicious Library Admin Tool (Sysinternals etc ...) Malicious Packer Downloader ASPack PWS ScreenShot KeyLogger Anti_VM AntiDebug AntiVM .NET EXE PE File PE32 OS Processor Ch VirusTotal Malware AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder installed browsers check Windows Browser ComputerName				10.4	M	38	ZeroCERT

9508	2023-08-12 19:02	clip64.dll 4c1e14380f4ba4aa5018e1dc7705b987 Amadey UPX Malicious Library Admin Tool (Sysinternals etc ...) OS Processor Check DLL PE File PE32 PDB Checks debugger unpack itself				0.8	M		ZeroCERT

9509	2023-08-12 19:00	clip64.dll 5bc0153d2973241b72a38c51a2f72116 Amadey UPX Malicious Library Admin Tool (Sysinternals etc ...) OS Processor Check DLL PE File PE32 PDB Checks debugger unpack itself				0.8	M		ZeroCERT

9510	2023-08-12 18:58	djdffvj.exe 6a7b4e0786929ef29e6fe1c8ff75755a UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware PDB				2.2	M	41	ZeroCERT