Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
9646	2023-08-08 18:52	file.exe a1e9bdbabd0a6e1065ad0c87c56d1300 UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself					1.6	M	25	ZeroCERT

9647	2023-08-08 18:50	smss.exe 0945e91513b403d503ec58b7e52f9451 LokiBot Socket PWS DNS AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Browser Email ComputerName DNS Software	1 Keyword trend analysis	1	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Fake 404 Response		14.0	M	21	ZeroCERT

9648	2023-08-08 18:50	smss.exe e923ec2b220878f6f9f80ce6efbf9166 UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself					1.6	M	25	ZeroCERT

9649	2023-08-08 18:48	ntoskrnl.exe aad4399dbd35d6aa67335c724fcf91c9 UPX .NET framework(MSIL) Malicious Library OS Processor Check .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself					2.0	M	45	ZeroCERT

9650	2023-08-08 18:48	Tuwio.exe 4abf4307d3c34c700ba5f3bfcc9d8fbe PE64 PE File VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key					3.4	M	46	ZeroCERT

9651	2023-08-08 18:47	Alligator_Gamers.exe 5c3d28d428bb30d59eb8ff498540a5d8 Gen1 UPX Malicious Library Malicious Packer OS Processor Check PE File PE32 DLL Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency Telegram MachineGuid Malicious Traffic Check memory WMI Creates executable files unpack itself Collect installed applications sandbox evasion anti-virtualization installed browsers check Tofsee Browser Email ComputerName DNS Software	5 Keyword trend analysis	5	4		11.0		43	ZeroCERT

9652	2023-08-08 18:46	isuhgb.exe 0ccc74c374d8c7ce89bce94b6134090d task schedule UPX WinRAR Malicious Library AntiDebug AntiVM OS Processor Check PE File PE32 .NET EXE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder WriteConsoleW Remote Code Execution crashed					7.6			ZeroCERT

9653	2023-08-08 18:44	test.exe 65c06c0404ce69f08491b0f868e0b635 AsyncRAT task schedule Downloader UPX .NET framework(MSIL) Malicious Library Malicious Packer Create Service Socket P2P DGA Steal credential Http API Escalate priviledges PWS Sniff Audio HTTP DNS ScreenShot Code injection Internet API FTP KeyLogger AntiDe VirusTotal Malware AutoRuns Code Injection Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName					4.8	M	48	ZeroCERT

9654	2023-08-08 18:43	loki.exe 3cf88d419652e5fc43ec8983fa501618 Malicious Library PE File PE32 VirusTotal Malware PDB					2.0	M	34	ZeroCERT

9655	2023-08-08 18:43	UpdateSvc.exe 089428711dddec20eabf7732eea8fb8d Generic Malware .NET framework(MSIL) Antivirus .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself WriteConsoleW Ransomware Windows ComputerName					5.4	M	35	ZeroCERT

9656	2023-08-08 18:43	ark.exe 57c8002e35b846998d5543c6d45b0422 .NET framework(MSIL) Admin Tool (Sysinternals etc ...) .NET EXE PE File PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key crashed					3.2	M	19	ZeroCERT

9657	2023-08-08 18:42	RFQ-EUF5089.exe fcb4a32e656f4aa3d890f85d902835b8 PWS KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Telegram PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Software crashed keylogger		4	4		11.4	M	25	ZeroCERT

9658	2023-08-08 18:40	my.exe 19122289de675e7d76857845c98da6db UPX Malicious Library MZP Format PE File PE32 Browser Info Stealer Malware download VirusTotal Malware Cryptocurrency wallets Cryptocurrency Malicious Traffic Check memory buffers extracted unpack itself Collect installed applications sandbox evasion installed browsers check Ransomware Lumma Stealer Browser ComputerName Remote Code Execution Firmware	3 Keyword trend analysis	2	1	3	8.4	M	20	ZeroCERT

9659	2023-08-08 09:30	Avast.exe 7735f97175abb2da0cfce029d211dc66 PE64 PE File Malware download Amadey VirusTotal Malware Malicious Traffic unpack itself DNS	1 Keyword trend analysis	4	2		3.8	M	46	ZeroCERT

9660	2023-08-08 09:23	DigitalPulse.exe f0ba8b6ab407e8c0c70f78d5f7cf14a1 Generic Malware UPX Malicious Library OS Processor Check MZP Format PE File PE32 PE64 VirusTotal Malware Checks debugger unpack itself AppData folder					2.0	M	6	ZeroCERT