Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
9736	2021-07-07 10:25	wocmr.exe 2320dc2bbca2b3c45573d259f7b77e5d Ficker Stealer PE File PE32 VirusTotal Malware PDB unpack itself					2.4		39	ZeroCERT

9737	2021-07-07 10:29	autosubplayer.exe df2b42645e6baf88259767f9ddbd2afc PE File PE32 DLL VirusTotal Malware Check memory Creates executable files unpack itself AppData folder					2.6		12	ZeroCERT

9738	2021-07-07 10:47	iSkype.exe 32b68872c41087ad35079e2f3d23375b Generic Malware PE64 PE File VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger unpack itself					2.6	M	29	ZeroCERT

9739	2021-07-07 10:47	ConsoleApp2.exe e19685fb5d65e400f2dc9f6af799e637 NPKI RAT Generic Malware Antivirus PE64 PE File VirusTotal Malware powershell AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut Creates executable files unpack itself suspicious process Windows ComputerName DNS Cryptographic key crashed					11.6	M	11	ZeroCERT

9740	2021-07-07 10:49	.wininit.exe f3153f7aeae742a3c3280adf4678ddbc PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself crashed					2.2	M	24	ZeroCERT

9741	2021-07-07 10:54	bin.exe bb6606ce042276a5f9948112ad29bf45 Loki PWS Loki[b] Loki[m] .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) DNS Socket AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software	1 Keyword trend analysis	2	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response	1	14.0	M	37	ZeroCERT

9742	2021-07-07 10:57	putty.exe 15ed4f691afcde785b6aabbf53ad6c60 PWS .NET framework Generic Malware Malicious Packer SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName crashed					13.2	M	23	ZeroCERT

9743	2021-07-07 10:57	microC.exe ed445c25db258c1b48eb141ea92f3c0f PWS .NET framework Generic Malware Malicious Packer DNS AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself human activity check Windows ComputerName DNS DDNS	1 Keyword trend analysis	6	1		12.6	M	32	ZeroCERT

9744	2021-07-07 10:58	vbc.exe cab88a8e7eaece20697b6afb947f5a0c PWS .NET framework North Korea RAT Gen2 Emotet Gen1 Generic Malware NSIS Admin Tool (Sysinternals etc ...) Anti_VM UPX PE File PE32 OS Processor Check .NET EXE VirusTotal Malware AutoRuns Check memory Checks debugger Creates executable files unpack itself AppData folder installed browsers check Windows Browser crashed					4.4	M	59	ZeroCERT

9745	2021-07-07 10:59	mazx.exe 59420de7ed3a5745c831732deb9252b9 PWS .NET framework NetWire RAT Generic Malware Admin Tool (Sysinternals etc ...) PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself crashed					2.2	M	23	ZeroCERT

9746	2021-07-07 11:01	serologs.jpg 66be55da9e2ab05f8452bf8a3de2707c Generic Malware PE File PE32 VirusTotal Malware					1.0	M	31	ZeroCERT

9747	2021-07-07 11:02	microa.exe db6d1eadf3bfc69ac72965056c2c742c AgentTesla RAT browser info stealer Generic Malware Google Chrome User Data Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection Downloader AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself suspicious process Windows DNS Cryptographic key crashed					14.0	M	30	ZeroCERT

9748	2021-07-07 11:02	119.exe 13cf6e639bd4d6c7478f438e001beec7 PE File PE32 VirusTotal Malware AutoRuns ICMP traffic unpack itself Auto service Check virtual network interfaces sandbox evasion Windows DNS		1			5.6	M	23	ZeroCERT

9749	2021-07-07 11:12	vbc.exe 4ca1ad18feda08e8b63af40d2614a0d5 Generic Malware Admin Tool (Sysinternals etc ...) PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself DNS crashed					2.6	M	16	ZeroCERT

9750	2021-07-07 11:13	lv.exe 2bbe120484c44e5502b7dc05d04a52de Ficker Stealer NPKI Gen1 Gen2 UPX Malicious Library DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Hijack Network Code injection Http API Internet API Steal credential ScreenShot Downloader P2P persistence AntiDebug Anti VirusTotal Malware Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows		1			7.6	M	43	ZeroCERT