Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	Rule	Score	Zero	VT	Player
9976	2021-07-13 18:01	qOwCKaSXeZMljlf.exe 2dab0d745c246721391b048cedf0dc0e Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself crashed				2.2		23	ZeroCERT

9977	2021-07-13 18:02	dll.jpg a081999ab017d1f1354d235391cb521c Ave Maria WARZONE RAT UPX Antivirus PE32 PE File OS Processor Check VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process AntiVM_Disk WriteConsoleW VM Disk Size Check Windows ComputerName Remote Code Execution Cryptographic key		2		9.8		56	ZeroCERT

9978	2021-07-13 18:04	vbc.exe ca7b3646f761b2095fda351b5a735d0d PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself crashed				2.2		20	ZeroCERT

9979	2021-07-13 18:04	DoublesidePassport.jpg.lnk 041cc53c6152bc5ac0ada6fb7cb12bb4 UPX AntiDebug AntiVM GIF Format PE32 PE File OS Processor Check JPEG Format VirusTotal Malware Code Injection Check memory WMI Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName				7.8		14	ZeroCERT

9980	2021-07-13 18:06	setup_c.exe 6ca76d8eaf1ec1e760ac41c0b1386d07 Generic Malware Anti_VM PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself Checks Bios Detects VirtualBox Detects VMWare suspicious process WriteConsoleW VMware anti-virtualization Windows ComputerName Firmware crashed				7.6		20	ZeroCERT

9981	2021-07-13 18:06	DNBAeYMT2WEKoZK.exe 8499ede977c860b8c6c07776081a3dea PWS Loki[b] Loki[m] .NET framework Generic Malware Admin Tool (Sysinternals etc ...) DNS Socket AntiDebug AntiVM PE32 PE File .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	1	1	13.8	M	37	ZeroCERT

9982	2021-07-13 18:08	ConsoleApp6.exe b46c2cfc05bc1e8fe659d143ccf77375 AgentTesla PWS .NET framework RAT browser info stealer Generic Malware Google Chrome User Data Antivirus Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection Downloader AntiDebug AntiVM PE32 PE File .NET EXE VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key DDNS crashed keylogger		2		13.8		25	ZeroCERT

9983	2021-07-13 18:10	000628389672_1.xlsm be08be775737dbd2ef07cd65b3c95d7e VBA_macro VirusTotal Malware unpack itself				1.6		9	ZeroCERT

9984	2021-07-13 18:11	270c3859591599642bd15167765246... 270c3859591599642bd15167765246e3 Ficker Stealer UPX PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency MachineGuid Check memory ICMP traffic Collect installed applications sandbox evasion anti-virtualization IP Check installed browsers check Ransomware Browser ComputerName Software	1 Keyword trend analysis	4		8.8	M	60	ZeroCERT

9985	2021-07-13 18:29	umbr.exe f9d986194bfbc6d9e56e62a7e6f3f1f7 RAT Process Kill Generic Malware UPX FindFirstVolume CryptGenKey Http API Steal credential ScreenShot AntiDebug AntiVM PE32 PE File OS Processor Check Device_File_Check .NET EXE VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself AntiVM_Disk suspicious TLD VM Disk Size Check Windows Cryptographic key	1 Keyword trend analysis	2	1	8.4	M	48	guest

9986	2021-07-14 07:24	vato.js d5cb6592fb3cb1e72b2cff6fca5f3528 Antivirus VirusTotal Malware powershell AutoRuns suspicious privilege Check memory Checks debugger WMI Creates shortcut ICMP traffic unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName Cryptographic key		3		8.6		17	ZeroCERT

9987	2021-07-14 07:31	2206.dotm 196977d3c5e6d635fdd60ac4d9f5e127 VBA_macro Vulnerability VirusTotal Malware unpack itself	1 Keyword trend analysis	1		3.8		5	ZeroCERT

9988	2021-07-14 07:34	................................. d50bdf90927dc53f961c0d4fd864b978 RTF File doc AntiDebug AntiVM Malware MachineGuid Malicious Traffic Check memory exploit crash unpack itself Exploit DNS crashed	3 Keyword trend analysis	5		5.4			ZeroCERT

9989	2021-07-14 07:44	svch.exe f9bc884d392b1cf3476d36733d443bea PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE Check memory Checks debugger unpack itself				1.2			ZeroCERT

9990	2021-07-14 07:44	mad.zip 2dd394b649d386e88e6d6da28be926d5 VirusTotal Malware				0.6		19	ZeroCERT