Submissions

Columns: No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc
Each entry below gives the submission number, submission date, requested file name and its MD5, then the Rule tag string, then the remaining populated cells in column order (Urls/Hosts/IDS counts, Score, Zero, VT, Player). Empty cells are omitted in the source, so when fewer than three counts precede the score they cannot be assigned to a specific count column.
No. 9991 | 2021-07-14 07:51 | run.exe | MD5 5ab6825cfced362802d1f3dd28e904bd
Rule: RAT Generic Malware DGA DNS SMTP Socket Create Service Sniff Audio HTTP Escalate privileges KeyLogger FTP Code injection Http API Internet API Steal credential ScreenShot Downloader P2P persistence Hijack Network AntiDebug AntiVM PE32 PE File .NET EXE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows Cryptographic key
Metrics (Urls/Hosts/IDS, Score, Zero, VT, Player): 2 6.0 13 ZeroCERT

No. 9992 | 2021-07-14 08:45 | mad.zip | MD5 2dd394b649d386e88e6d6da28be926d5
Rule: VirusTotal Malware
Metrics (Urls/Hosts/IDS, Score, Zero, VT, Player): 0.6 19 ZeroCERT

No. 9993 | 2021-07-14 08:56 | run.exe | MD5 5ab6825cfced362802d1f3dd28e904bd
Rule: RAT Generic Malware Http API Steal credential ScreenShot DGA DNS Socket Create Service Sniff Audio HTTP Escalate privileges KeyLogger FTP Hijack Network Code injection Internet API Downloader P2P persistence SMTP AntiDebug AntiVM PE32 PE File .NET EXE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows Cryptographic key
Metrics (Urls/Hosts/IDS, Score, Zero, VT, Player): 2 6.0 13 ZeroCERT

No. 9994 | 2021-07-14 08:58 | chungx.exe | MD5 40441e12c570b3de968483bb9b04d5ca
Rule: AgentTesla PWS .NET framework browser info stealer Generic Malware Google Chrome User Data Admin Tool (Sysinternals etc ...) DGA DNS Socket Create Service Sniff Audio HTTP Escalate privileges KeyLogger FTP Code injection Http API Internet API Steal credential VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Disables Windows Security WriteConsoleW Windows Cryptographic key
Metrics (Urls/Hosts/IDS, Score, Zero, VT, Player): 11.8 30 ZeroCERT

No. 9995 | 2021-07-14 08:59 | f.exe | MD5 a67a535b7b1bee678d18f80da48bfcb7
Rule: PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself
Metrics (Urls/Hosts/IDS, Score, Zero, VT, Player): 1.8 17 ZeroCERT

No. 9996 | 2021-07-14 09:02 | crpYSZLkHw0n3SH.exe | MD5 3b2369bdc8d2d7d0712a4e9cfb21e299
Rule: PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself crashed
Metrics (Urls/Hosts/IDS, Score, Zero, VT, Player): 2.2 20 ZeroCERT

No. 9997 | 2021-07-14 09:03 | P0weOPjsmVN5OCW.exe | MD5 98967ce40ebd4dac5ec4c937b9c755a3
Rule: PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) Antivirus SMTP KeyLogger AntiDebug AntiVM PE32 PE File .NET EXE VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed
Metrics (Urls/Hosts/IDS, Score, Zero, VT, Player): 11.8 51 ZeroCERT

No. 9998 | 2021-07-14 09:04 | MT6jNvcjS9TNL0i.exe | MD5 ee729db676cafed8816e6dc660a1b8db
Rule: PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key
Metrics (Urls/Hosts/IDS, Score, Zero, VT, Player): 2.6 30 ZeroCERT

No. 9999 | 2021-07-14 09:05 | moonmars.png | MD5 818e84e7ff9720097a103e501938df5c
Rule: Gen1 Gen2 Emotet UPX PE32 PE File OS Processor Check DLL Malware suspicious privilege Malicious Traffic Checks debugger buffers extracted RWX flags setting unpack itself Check virtual network interfaces suspicious process ComputerName DNS crashed
Metrics (Urls/Hosts/IDS, Score, Zero, VT, Player): 4 9 2 7.2 M ZeroCERT

No. 10000 | 2021-07-14 09:06 | frS8UmNq9MyY5Ap.exe | MD5 c641eb251b4384f78fc114c13913f38e
Rule: PWS Loki[b] Loki[m] .NET framework Generic Malware Admin Tool (Sysinternals etc ...) DNS Socket AntiDebug AntiVM PE32 PE File .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software crashed
Metrics (Urls/Hosts/IDS, Score, Zero, VT, Player): 1 1 1 15.0 M 40 ZeroCERT

No. 10001 | 2021-07-14 09:07 | man.exe | MD5 de71ac4aaadb83cd7d93bd45e3f269aa
Rule: PWS .NET framework Generic Malware UPX Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself DNS crashed
Metrics (Urls/Hosts/IDS, Score, Zero, VT, Player): 1 2.8 26 ZeroCERT

No. 10002 | 2021-07-14 09:08 | MaGnTcNpa81Hzbv.exe | MD5 e337c626422b1f2cff45ef6690fef630
Rule: PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key
Metrics (Urls/Hosts/IDS, Score, Zero, VT, Player): 2.4 20 ZeroCERT

No. 10003 | 2021-07-14 09:09 | mom.exe | MD5 81f5e58bf43dfbcb84fb35a2f5503fc9
Rule: PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself crashed
Metrics (Urls/Hosts/IDS, Score, Zero, VT, Player): 2.2 22 ZeroCERT

No. 10004 | 2021-07-14 09:10 | Stolen Images Evidence.js | MD5 f49c74df8a4459c23fc53394c3f04279
Rule: Antivirus AntiDebug AntiVM PE64 PE File DLL VirusTotal Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process Windows ComputerName Cryptographic key crashed
Metrics (Urls/Hosts/IDS, Score, Zero, VT, Player): 2 2 10.0 3 ZeroCERT

No. 10005 | 2021-07-14 09:11 | askinstall51.exe | MD5 694893820b26b4feb1f1e2ed82ec5b36
Rule: Gen2 Trojan_PWS_Stealer NPKI BitCoin Credential User Data Generic Malware UPX SQLite Cookie Anti_VM DGA DNS Socket Create Service Sniff Audio HTTP Escalate privileges KeyLogger FTP Code injection Http API Internet API Steal credential ScreenShot Downloader Browser Info Stealer VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Checks debugger WMI Creates executable files ICMP traffic exploit crash unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW installed browsers check Windows Exploit Browser ComputerName Remote Code Execution crashed
Metrics (Urls/Hosts/IDS, Score, Zero, VT, Player): 4 8 2 12.2 M 46 ZeroCERT
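The listing is a flattened table, and the first triage step with such a feed is to get it back into records: which hashes were submitted more than once (run.exe appears as 9991 and 9993 with the same MD5) and which entries scored highest. The following Python is an added example, not code from the ZeroCERT site or its sandbox. It parses records in the raw form shown on this page and assumes the trailer layout as read from the column header: zero to three leading integers for the Urls/Hosts/IDS counts, a decimal score, an optional "M" for the Zero column, an optional integer VT detection count, then the player name. The sample records are copied from this listing with their Rule strings shortened.

```python
import re
from collections import defaultdict

# Constructed sample: four records from the listing above in its raw flattened
# form (Rule tag strings shortened). Blank lines mirror the source layout.
SAMPLE = """\
9991 2021-07-14 07:51 run.exe  

5ab6825cfced362802d1f3dd28e904bd


RAT Generic Malware DGA DNS SMTP Socket
2 6.0 13 ZeroCERT

9992 2021-07-14 08:45 mad.zip  

2dd394b649d386e88e6d6da28be926d5

VirusTotal Malware
0.6 19 ZeroCERT

9993 2021-07-14 08:56 run.exe  

5ab6825cfced362802d1f3dd28e904bd


RAT Generic Malware Http API Steal credential
2 6.0 13 ZeroCERT

10000 2021-07-14 09:06 frS8UmNq9MyY5Ap.exe  

c641eb251b4384f78fc114c13913f38e


PWS Loki[b] Loki[m] .NET framework
1 1 1 15.0 M 40 ZeroCERT
"""

# Record header: number, "YYYY-MM-DD HH:MM", requested file name.
HEAD_RE = re.compile(r"^(\d+) (\d{4}-\d{2}-\d{2} \d{2}:\d{2}) (.+?)\s*$")
# The hash cell is a bare lowercase MD5; anything else is treated as Rule text.
MD5_RE = re.compile(r"^[0-9a-f]{32}$")
# Trailer: numeric / "M" tokens followed by the player name (assumed layout).
TRAIL_RE = re.compile(r"^((?:[\d.]+|M)(?: (?:[\d.]+|M))*) (\S+)$")


def _apply_trailer(rec, tokens, player):
    """Split the trailer into counts, score, Zero flag and VT count.

    Assumption (not stated on the page): the first token containing '.' is the
    Score, integers before it are Urls/Hosts/IDS counts in column order, an "M"
    after it is the Zero cell, and a following integer is the VT detection count.
    """
    rec["player"] = player
    score_idx = next((i for i, tok in enumerate(tokens) if "." in tok), None)
    if score_idx is None:
        rec["counts"] = [int(t) for t in tokens if t != "M"]
        return
    rec["counts"] = [int(t) for t in tokens[:score_idx]]
    rec["score"] = float(tokens[score_idx])
    rest = tokens[score_idx + 1:]
    if rest and rest[0] == "M":
        rec["zero"] = "M"
        rest = rest[1:]
    if rest:
        rec["vt"] = int(rest[0])


def parse_listing(text):
    """Parse the flattened listing into one dict per submission."""
    records, cur = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = HEAD_RE.match(line)
        if m:
            cur = {"no": int(m.group(1)), "date": m.group(2), "request": m.group(3),
                   "md5": None, "rule": "", "counts": [], "score": None,
                   "zero": None, "vt": None, "player": None}
            records.append(cur)
            continue
        if cur is None:
            continue  # text before the first record header
        if MD5_RE.match(line):
            cur["md5"] = line
            continue
        t = TRAIL_RE.match(line)
        if t:
            _apply_trailer(cur, t.group(1).split(), t.group(2))
            cur = None  # the trailer closes the record
            continue
        cur["rule"] = (cur["rule"] + " " + line).strip()
    return records


def find_resubmissions(records):
    """Map each MD5 seen more than once to the submission numbers that carry it."""
    by_hash = defaultdict(list)
    for r in records:
        if r["md5"]:
            by_hash[r["md5"]].append(r["no"])
    return {h: nos for h, nos in by_hash.items() if len(nos) > 1}


def by_score(records, minimum=0.0):
    """Records at or above a score threshold, highest score first (stable order)."""
    return sorted((r for r in records if r["score"] is not None and r["score"] >= minimum),
                  key=lambda r: r["score"], reverse=True)


if __name__ == "__main__":
    recs = parse_listing(SAMPLE)
    for r in by_score(recs, 1.0):
        print(r["no"], r["request"], r["md5"], r["score"], r["vt"])
    print("resubmitted hashes:", find_resubmissions(recs))
```

The parser keys on structure rather than on tag vocabulary: a record opens with a numbered, dated header line, the MD5 is recognised by shape, and only a line made entirely of numeric or "M" tokens plus a trailing name is taken as the metrics trailer, so multi-line Rule strings are concatenated safely. When fewer than three integers precede the score the `counts` list is kept as-is instead of being assigned to Urls, Hosts or IDS, because the source omits empty cells and the column cannot be recovered.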