Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc

9781 2021-07-08 09:02 MSBuild.exe
79c24ca88c3640690d9bf8476c14c54d
Gen1 PE File OS Processor Check PE32 DLL JPEG Format Browser Info Stealer Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Malicious Traffic Check memory WMI Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AppData folder WriteConsoleW anti-virtualization installed browsers check Windows Browser Email ComputerName DNS
9 1 9.6 M ZeroCERT

9782 2021-07-08 09:19 01130100370.exe
f096b9024bfafa8e3403a13125c0a6a5
RAT Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces VMware IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger
2 4 14.8 42 ZeroCERT

9783 2021-07-08 09:20 document.wiz
41ff9760e3417f85d9096fa4641ba52d
RTF File doc AntiDebug AntiVM VirusTotal Malware MachineGuid Malicious Traffic Check memory exploit crash unpack itself Exploit DNS crashed
2 5.2 M 28 ZeroCERT

9784 2021-07-08 09:21 bbins22.exe
6ddefaa934f93d73167d08364a040b40
Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows Cryptographic key crashed
8.0 25 ZeroCERT

9785 2021-07-08 09:22 xx2p14.exe
f2cd90ae3b4307b881aa7512a24ff3d2
PWS Loki[b] Loki[m] Generic Malware DNS AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Windows Browser Email ComputerName DNS Software crashed
1 14.4 M 27 ZeroCERT

9786 2021-07-08 09:24 6011102781032.exe
9e0f0affb0ceabd35d88978d4bd22a79
Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces VMware IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger
2 4 14.4 M 20 ZeroCERT

9787 2021-07-08 09:24 IMG_10791000016.exe
dd51db7619839fd3e1cad9bb78c89dda
Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs VMware IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed
2 4 14.2 M 28 ZeroCERT

9788 2021-07-08 09:26 RTL_7410100122065.exe
3731136fbd99f34ad74f4f00b2d193dc
RAT Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces VMware IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed
2 4 13.8 M 24 ZeroCERT

9789 2021-07-08 09:27 TLR_17841011304.exe
c2a9f9afa108921e0ddbe5b4d116ef04
RAT Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key crashed
1 2 9.2 M 32 ZeroCERT

9790 2021-07-08 09:28 ETL_5100006278946.exe
fe1c0a4a911151038bf5a3beb5793d5a
RAT Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces VMware IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger
2 4 14.4 M 29 ZeroCERT

9791 2021-07-08 09:29 IMG_056029741000.exe
c78cd345bff52bfbf2dcf485e1ba8837
RAT Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces VMware IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger
2 4 14.6 M 39 ZeroCERT

9792 2021-07-08 09:30 bin.exe
702b18b0650c0234aae73c200dd00617
Formbook PE File PE32 VirusTotal Malware suspicious privilege Malicious Traffic unpack itself DNS
3 8 3.8 M 51 ZeroCERT

9793 2021-07-08 09:31 explorer.exe
923ec143594a13e3a9585e2d86e7e890
AgentTesla browser info stealer Generic Malware Google Chrome User Data Antivirus Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection Downloader AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key DDNS crashed keylogger
3 16.8 M 39 ZeroCERT

9794 2021-07-08 09:32 crv.dll
3ddeea156606b2e5d19c86cedf3dec30
Generic Malware PE64 PE File DLL VirusTotal Malware MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted unpack itself DNS
1 5 3.8 M 10 ZeroCERT

9795 2021-07-08 09:35 achi.exe
1672c564c56f9cab08a5a0fcc4ba8fa8
PWS Loki[b] Loki[m] Generic Malware Admin Tool (Sysinternals etc ...) DNS Socket AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software crashed
2 14.0 M 22 ZeroCERT