Submissions

Columns: No | Date | Request (file name and hash) | Rule (sandbox tags) | Urls Hosts IDS Score Zero VT Player Etc (empty columns omitted, values kept in the order shown)

9706 | 2021-07-06 10:40 | ocsp_comodoca_com | 4842e206e4cfff2954901467ad54169e
    Rule: AntiDebug AntiVM Email Client Info Stealer Code Injection Check memory Checks debugger unpack itself Browser Email
    Urls Hosts IDS Score Zero VT Player: 3.0 Kim.GS

9707 | 2021-07-06 15:13 | G1638.exe | 04b9f5df2e34ac08f7226100dfc87497
    Rule: PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows Cryptographic key
    Urls Hosts IDS Score Zero VT Player: 5.4 39 Kim.GS

9708 | 2021-07-06 15:26 | MsMpEng.exe | 8cc83221870dd07144e63df594c391d9
    Rule: Antivirus PE File PE32 PDB
    Urls Hosts IDS Score Zero VT Player: 0.2 r0d

9709 | 2021-07-06 15:28 | mpsvc.dll | a47cf00aedf769d60d58bfe00c0b5421
    Rule: PE File DLL OS Processor Check PE32
    Urls Hosts IDS Score Zero VT Player: 0.4 51 r0d

9710 | 2021-07-06 15:30 | MsMpEng.exe | 8cc83221870dd07144e63df594c391d9
    Rule: BitCoin Antivirus Code injection IRC persistence DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Http API Internet API Steal credential ScreenShot Downloader P2P AntiDebug AntiVM PE File PE32 PDB unpack itself Windows utilities malicious URLs AntiVM_Disk sandbox evasion WriteConsoleW Firewall state off VM Disk Size Check Ransomware Windows Tor ComputerName DNS crashed
    Urls Hosts IDS Score Zero VT Player: 11.0 guest

9711 | 2021-07-06 15:48 | mod.jpg | bf32d6d01a0dd6802045e154b481175e
    Rule: VirusTotal Malware
    Urls Hosts IDS Score Zero VT Player: 1.0 M 30 ZeroCERT

9712 | 2021-07-06 15:53 | CHLbrowser.exe | 5574293bc53a6d755fb587f4df812d99
    Rule: RAT BitCoin Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName Cryptographic key crashed
    Urls Hosts IDS Score Zero VT Player: 2 4 2 11.8 M 36 ZeroCERT

9713 | 2021-07-06 15:58 | OLKbrowser.exe | 424ce6df3e42cc5ff59d6e13baa138e9
    Rule: RAT BitCoin Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 MSOffice File Browser Info Stealer VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted RWX flags setting unpack itself Windows utilities Collect installed applications Check virtual network interfaces IP Check installed browsers check Tofsee Windows Browser ComputerName Cryptographic key crashed
    Urls Hosts IDS Score Zero VT Player: 5 12 2 12.2 M 41 ZeroCERT

9714 | 2021-07-06 15:58 | father.jpg | a06f97d208b2dce7f5373538d840fe4f
    Rule: OS Processor Check VirusTotal Malware
    Urls Hosts IDS Score Zero VT Player: 0.8 28 ZeroCERT

9715 | 2021-07-06 16:51 | G1638.exe | 04b9f5df2e34ac08f7226100dfc87497
    Rule: PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows Cryptographic key
    Urls Hosts IDS Score Zero VT Player: 8.0 39 r0d

9716 | 2021-07-06 16:54 | recipt.exe | 6c50a6be6da2f2cd9d5b47ec5d69bcc5
    Rule: PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) PE File .NET EXE PE32 Check memory Checks debugger unpack itself
    Urls Hosts IDS Score Zero VT Player: 1.2 r0d

9717 | 2021-07-06 17:59 | sample20210706-01.xlsm | 40253c4885c52237755e64dc8ca6e423
    Rule: VBA_macro VirusTotal Malware unpack itself DNS
    Urls Hosts IDS Score Zero VT Player: 2.2 9 ZeroCERT

9718 | 2021-07-06 18:01 | 60e40fb428612.dll | c6bfea479b46b9eb7a69667e0165179f
    Rule: Generic Malware PE File DLL OS Processor Check PE32 VirusTotal Malware PDB unpack itself Tofsee ComputerName crashed
    Urls Hosts IDS Score Zero VT Player: 10 14 1 2.2 7 ZeroCERT

9719 | 2021-07-07 07:36 | klinch.exe | 9a2e1bb9ad6f1ccfeaa4c2c55637ae3b
    Rule: Emotet UPX PE File PE32 VirusTotal Malware Malicious Traffic DNS
    Urls Hosts IDS Score Zero VT Player: 1 1 3.0 30 ZeroCERT

9720 | 2021-07-07 07:45 | azz.exe | 00001effb01cec7a867b5ccae0325fe1
    Rule: PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself
    Urls Hosts IDS Score Zero VT Player: 1.8 17 ZeroCERT