Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
9946	2023-10-03 13:15	Jefutyl.exe 823791a9bfed88b3af85698e8f019254 UPX .NET framework(MSIL) PE File PE32 .NET EXE VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself DNS		1		2.8	M	52	ZeroCERT

9947	2023-10-03 13:13	i.exe ed7a716082ba3dc98d49e4ecf6eda9fd SystemBC PE File PE32 VirusTotal Malware DNS		2		1.8	M	40	ZeroCERT

9948	2023-10-03 13:11	audiodgs.exe 26ef5df5466f83b5db24a2a917a62257 .NET framework(MSIL) PWS SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee Browser Email ComputerName Software crashed		2	2	10.8	M	45	ZeroCERT

9949	2023-10-03 13:09	bin.exe 3fd3a5baf7672d10cc88b3bf9f7c9c34 Malicious Library UPX Http API ScreenShot Internet API AntiDebug AntiVM PE File PE32 OS Processor Check Browser Info Stealer Malware download VirusTotal Malware Cryptocurrency wallets Cryptocurrency Buffer PE Code Injection Malicious Traffic Check memory buffers extracted unpack itself Collect installed applications sandbox evasion installed browsers check Ransomware Lumma Stealer Browser ComputerName Firmware	2 Keyword trend analysis	2	3	13.0	M	48	ZeroCERT

9950	2023-10-03 13:07	Namecheap.vbs 7388c6f4c973e94ddf98cad790bd8a0a Generic Malware Antivirus Hide_URL PowerShell powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	3 Keyword trend analysis	3	1	8.0	M		ZeroCERT

9951	2023-10-03 13:04	audiodgs.exe bb7de5ae335e010647c6d775a6b5ba65 .NET framework(MSIL) PE File PE32 .NET EXE VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself crashed				6.6	M	40	ZeroCERT

9952	2023-10-03 13:04	toolspub1.exe 607138573a8c8556859e37ba5b6d7655 Malicious Library UPX AntiDebug AntiVM PE File PE32 OS Processor Check VirusTotal Malware PDB Remote Code Execution				2.8	M	36	ZeroCERT

9953	2023-10-03 13:00	client.exe a5b920f34ec75c3f9f006ff689224553 RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File PE32 .NET EXE OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	3	5 Info SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response	7.4	M	42	ZeroCERT

9954	2023-10-03 13:00	ioi0ioioooi000ioiooioioi000000... fb96a229f20223b7cb1850628519bb47 MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware RWX flags setting exploit crash Tofsee Exploit crashed		2	1	2.8	M	30	ZeroCERT

9955	2023-10-03 12:58	processer.exe 0564dcf513b20d19fcd0ef38c51d6f99 LokiBot UPX Admin Tool (Sysinternals etc ...) .NET framework(MSIL) PWS SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed		2	4	10.6		41	ZeroCERT

9956	2023-10-03 12:58	hipe.exe 6909f15203fad4b8cd743dc9b1488f27 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB Remote Code Execution				1.8	M	38	ZeroCERT

9957	2023-10-03 12:56	IMG_8977390.exe 079df1e8aa1e77f3fa405d6ce7676c23 UPX .NET framework(MSIL) PWS SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed		4	4	14.0	M	46	ZeroCERT

9958	2023-10-03 12:56	madywarza2.1.exe a8dcae0690c61f8517b877b5191fc388 NSIS Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware AutoRuns Check memory Creates executable files unpack itself AppData folder Windows DNS DDNS		1	2	4.4	M	46	ZeroCERT

9959	2023-10-03 12:54	Ifum2.exe a7e5dd9ea31f866fdd0b425165f90915 RedLine stealer Malicious Library UPX AntiDebug AntiVM PE File PE32 OS Processor Check VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself WriteConsoleW				7.4	M	44	ZeroCERT

9960	2023-10-03 12:53	download 639dc278f96ff66db8b87de1ea30c4bf Generic Malware PE File PE32 .NET EXE VirusTotal Malware PDB Check memory Checks debugger unpack itself ComputerName				2.8	M	41	ZeroCERT