Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	Rule	Score	Zero	VT	Player
9946	2021-07-13 09:43	promise.exe d456785831584055bd3c9c9fd0b4670d PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself				1.8		16	ZeroCERT

9947	2021-07-13 09:43	can.exe ebb56a6e94862c64dd204246376819f8 Generic Malware Admin Tool (Sysinternals etc ...) PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself				2.0		25	ZeroCERT

9948	2021-07-13 09:45	newApps.exe 1d3ee4783ce7a30a7fd422f5abe7ba25 NPKI Generic Malware Antivirus PE64 PE File PE32 DLL .NET DLL VirusTotal Malware powershell suspicious privilege MachineGuid Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process AppData folder Windows ComputerName Cryptographic key				8.6		36	ZeroCERT

9949	2021-07-13 09:47	3loyaSLADo1ZNLp.exe 6446daba47a6a46d3f10a1c3504223d0 Generic Malware PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself crashed				2.6		41	ZeroCERT

9950	2021-07-13 09:50	myfile.exe c7364193b982c090d8426630dab87226 RedLine Stealer Admin Tool (Sysinternals etc ...) Code injection ScreenShot persistence AntiDebug AntiVM PE File PE32 DLL OS Processor Check VirusTotal Malware Buffer PE PDB Code Injection Checks debugger buffers extracted Creates executable files unpack itself AppData folder Remote Code Execution				8.6		24	ZeroCERT

9951	2021-07-13 09:51	BIOPASS RAT.exe eb66dcd416436e0589a4e4db48c6deaf PE File PE32 VirusTotal Malware Check memory				1.6		35	ZeroCERT

9952	2021-07-13 09:52	merok.exe 53c69feedfd8ecfb3b5d88d051151d21 Malicious Library PE File PE32 DLL VirusTotal Malware Check memory Creates executable files AppData folder				2.6		28	ZeroCERT

9953	2021-07-13 09:54	backdoor.exe a905e8ec7c21e72ecec790fab54a114a PE File PE32 VirusTotal Malware Check memory DNS		1		3.2		34	ZeroCERT

9954	2021-07-13 09:54	9663.exe de57b50ddeb32383574874af224b2a98 PE64 PE File OS Processor Check VirusTotal Malware unpack itself crashed				1.8		30	ZeroCERT

9955	2021-07-13 09:56	file.exe eb88d83376bb414d84f3242103b351ef PWS Loki[b] Loki[m] Generic Malware DNS Socket AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Browser Email ComputerName DNS Software crashed	1 Keyword trend analysis	1	1	13.4	M	22	ZeroCERT

9956	2021-07-13 09:58	server.exe ee759b97c88356e23b04afa427c6cb94 Rebhip PE32 PE File MSOffice File VirusTotal Malware RWX flags setting unpack itself Disables Windows Security Windows crashed				4.2		50	r0d

9957	2021-07-13 10:09	9663.exe de57b50ddeb32383574874af224b2a98 Generic Malware PE64 OS Processor Check PE File VirusTotal Malware RWX flags setting unpack itself ComputerName		1		2.6		30	r0d

9958	2021-07-13 10:16	backdoor.exe a905e8ec7c21e72ecec790fab54a114a Generic Malware Malicious Packer UPX PE32 PE File VirusTotal Malware Check memory DNS		1		3.2		34	r0d

9959	2021-07-13 10:23	BIOPASS RAT.exe eb66dcd416436e0589a4e4db48c6deaf Generic Malware UPX PE32 PE File VirusTotal Malware				1.4		33	r0d

9960	2021-07-13 10:38	0712_1535841550.doc 116c69c018829ee0342b177523161cd4 VBA_macro UPX MSOffice File OS Processor Check unpack itself				1.6			guest