Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
9721	2023-08-07 08:30	ucejekudcp.exe 2ddbd7e7fdf9bf2edfa375ad6fe2f6f5 UPX Malicious Library AntiDebug AntiVM OS Processor Check PE File PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications WriteConsoleW installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	4	12.2	M	50	ZeroCERT

9722	2023-08-07 08:28	ChromeSetup.exe 69f3b318bf7fa0a4d5a94618b1a07db8 .NET framework(MSIL) PWS AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself	4 Keyword trend analysis Info http://www.sqlite.org/2019/sqlite-dll-win32-x86-3270000.zip http://www.eturnum.org/et9t/ http://www.sqlite.org/2022/sqlite-dll-win32-x86-3370000.zip http://www.eturnum.org/et9t/?buYdHW=oGB2a62R5hQvo2E9fBkXawOuNKj3Dek6/gk22RSM/jZ849uvwjkHsue2s///UvCqJC6xkWcBqYeWgpc71Q83w80Z1Wi48i4g+hNU7Ic=&jR7x=BLqKfLcQ	6		10.0		46	ZeroCERT

9723	2023-08-07 08:28	latestX.exe bae29e49e8190bfbbf0d77ffab8de59d PE64 PE File VirusTotal Cryptocurrency Miner Malware DNS CoinMiner		5	2	1.6		40	ZeroCERT

9724	2023-08-06 07:24	aa670da169b46589a33e56c43e82c0... 65161d2c495f0eb5d9db9ee7934f81bd							guest

9725	2023-08-06 06:44	2.exe 294fab1523dc3b50cbcc120e67946a5b UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware DNS		1		3.4	M	56	guest

9726	2023-08-04 20:38	WinDivert64.rar 9527bbd9b2a3a9865b5f52586a02b958 AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName				3.4			guest

9727	2023-08-04 10:27	stell.exe 9e9d3ca2bb0dca4602f6230c63af9885 UPX Malicious Library Malicious Packer OS Processor Check PE64 PE File Browser Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency Check memory Checks debugger buffers extracted Creates shortcut unpack itself IP Check installed browsers check Tofsee Ransomware Browser Email ComputerName Trojan Banking DNS		3	3	10.8		27	ZeroCERT

9728	2023-08-04 10:25	buildntai1.exe df0c22316b7b50ee84b60b201fb837ae Gen1 UPX Malicious Library Malicious Packer Anti_VM OS Processor Check PE File PE32 DLL Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency Telegram MachineGuid Malicious Traffic Check memory WMI Creates executable files unpack itself Collect installed applications sandbox evasion anti-virtualization installed browsers check Tofsee Browser Email ComputerName DNS Software	5 Keyword trend analysis	5	4	10.6	M	58	ZeroCERT

9729	2023-08-04 10:25	clip64.dll 43762ddccb9db44ea9914e448ba3e43e Amadey UPX Admin Tool (Sysinternals etc ...) Malicious Library OS Processor Check DLL PE File PE32 VirusTotal Malware PDB Checks debugger unpack itself				2.0	M	55	ZeroCERT

9730	2023-08-04 10:25	ifpx.exe 892f809cc55547c77cb06de196283340 Malicious Library PE File PE32 VirusTotal Malware PDB Remote Code Execution				2.2	M	30	ZeroCERT

9731	2023-08-04 10:23	srg64.dll 85f8ed9c9f364b28d64e94075896df07 Malicious Library VMProtect DLL PE64 PE File VirusTotal Malware Checks debugger unpack itself DNS		1		3.8		14	ZeroCERT

9732	2023-08-04 10:21	1.exe bb8b0862c3c8ac468a57d9ae32f873f2 UPX Malicious Library OS Processor Check PE File PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	4	7.2	M	20	ZeroCERT

9733	2023-08-04 10:20	77.exe 43a466ea26d18d125bf8af925bb617b7 Malicious Library PE File PE32 VirusTotal Malware PDB Remote Code Execution				2.2	M	32	ZeroCERT

9734	2023-08-04 09:24	lgarsx.pdf 466d18edebd09e5e05d36a6d15d27375 PDF ZIP Format Windows utilities Windows DNS	5 Keyword trend analysis Info http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/277_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/280_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/message.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/281_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/278_20_6_20042.zip	1		2.0	M		ZeroCERT

9735	2023-08-04 09:21	ChromeSetup.exe 690bca3a7bc4f216912a93d45a8fc99c AgentTesla Generic Malware .NET framework(MSIL) Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed		3	2	15.4	M	30	ZeroCERT