Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	Rule	Score	Zero	VT	Player
10006	2021-07-14 09:11	5uNJuFIVFadgqwX.exe e162c8dde1f4af57f79e48b4157d6a70 Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself crashed				2.4		38	ZeroCERT

10007	2021-07-14 09:12	vbc.exe d2e7122631ac9f750960485c665b4745 PWS Loki[b] Loki[m] Malicious Library DNS AntiDebug AntiVM PE32 PE File DLL Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory buffers extracted Creates executable files AppData folder malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName Software	1 Keyword trend analysis	2		11.4		32	ZeroCERT

10008	2021-07-14 09:13	askinstall52.exe 4ff8f654186c2158e0c15e9982314562 Gen2 Trojan_PWS_Stealer NPKI BitCoin Credential User Data Generic Malware UPX SQLite Cookie Anti_VM DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Code injection Http API Internet API Steal credential ScreenShot Downlo Browser Info Stealer VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Checks debugger WMI Creates executable files exploit crash unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW installed browsers check Windows Exploit Browser ComputerName Remote Code Execution crashed	4 Keyword trend analysis	8	2	11.4	M	49	ZeroCERT

10009	2021-07-14 09:14	KD9.exe 23d9524d5f5d9aac977efbd995c260d3 PWS Loki[b] Loki[m] PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Malicious Traffic Check memory installed browsers check Browser Email ComputerName DNS Software crashed	1 Keyword trend analysis	1	1	7.8	M	62	ZeroCERT

10010	2021-07-14 09:15	5WaCxjg34Runo2C.exe 8b61ca6d1254da43b8643d478acf485f PWS Loki[b] Loki[m] Generic Malware Admin Tool (Sysinternals etc ...) DNS AntiDebug AntiVM PE32 PE File .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	1	1	13.6	M	23	ZeroCERT

10011	2021-07-14 09:17	aa.exe e6a9ebd149db011d65fc795e0139f10c PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows Cryptographic key crashed				5.4		29	ZeroCERT

10012	2021-07-14 09:19	TevTevMov.exe afe991223509972cd5b38ee963f8f6b5 PWS .NET framework RAT Generic Malware KeyLogger AntiDebug AntiVM PE32 PE File .NET EXE VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces WriteConsoleW Windows DNS crashed	1 Keyword trend analysis	3		13.0		21	ZeroCERT

10013	2021-07-14 09:21	RFQ_1220274_SH0601201.exe 1b18358d1e1982a92ffbfebc76a24b4b PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself				2.2		33	ZeroCERT

10014	2021-07-14 09:24	new.exe b437cc98b3bc62c81485490143beea2c RAT Generic Malware AntiDebug AntiVM PE32 PE File .NET EXE VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted ICMP traffic unpack itself Check virtual network interfaces Windows DNS Cryptographic key crashed	6 Keyword trend analysis Info http://www.thedesertwellness.com/b8eu/?XrFPf4_P=N934qcElQJH6YKUrabhDLzGx2C6+MWKQtnYmiEkSJySfKKrwujljax9yh4toZ60oQjuXThJ6&EzutZl=3fX4 http://www.wc399.com/b8eu/?XrFPf4_P=RgZmDD2LMmJyeL4+w6CE8xqC8HMACG9xbWbEnjs3Agfu1HEJ6pr48va+JhRgqWA6moEote/M&EzutZl=3fX4 http://www.purhenna.com/b8eu/?XrFPf4_P=FvYT2yqFxyMA3v/bEGB+QbqdmvxGWoZU8zI+oiDBMtJrVfJEF3sBXbav09F9mzfFFE+ZlesU&EzutZl=3fX4 http://www.dreamlivehope.com/b8eu/?XrFPf4_P=hb+bmDB0LSb7yHGT3qw/ACv6uLWirMVqcqm4glPaMvkCZEwoTM4dfzuC98JicsLsDlTFdUMJ&EzutZl=3fX4 http://www.1borefruit.com/b8eu/?XrFPf4_P=A4LkB67AN0rT8RFmMquep8c2AsZvn5ORK54hnBFZVpIMXZD2YBNIRfDe8FOwTg2Lg5GqvZMM&EzutZl=3fX4 https://www.bing.com/	18 Info www.thedesertwellness.com(34.98.99.30) www.xamangxcoax.club() www.google.com(142.250.196.100) www.wc399.com(142.111.242.105) www.purhenna.com(184.168.131.241) www.dreamlivehope.com(34.102.136.180) myabsolutebeauty.com(23.227.38.32) www.rstrunk.net() www.laurawmorrow.com() www.1borefruit.com(154.212.109.100) 184.168.131.241 - mailcious 23.227.38.32 - mailcious 13.107.21.200 142.111.242.105 154.212.109.100 142.250.204.68 34.102.136.180 - mailcious 34.98.99.30 - phishing		12.4		45	ZeroCERT

10015	2021-07-14 09:25	339.exe a72bfb946650a4dc5f051f9aa4706a9f UPX PE32 PE File VirusTotal Malware PDB unpack itself Remote Code Execution				2.4		25	ZeroCERT

10016	2021-07-14 09:28	ashleybinx.exe 1d3b665be9a107d7b98129d297daa77c PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key				2.4		26	ZeroCERT

10017	2021-07-14 09:28	FixUpdate.exe 281c83016993820e5d780389a781b7d6 PE32 PE File VirusTotal Malware PDB unpack itself Windows crashed				2.8		39	ZeroCERT

10018	2021-07-14 09:30	v.exe f4f4c4e3afea48dcd636e5d8b1c08703 PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key				2.4		23	ZeroCERT

10019	2021-07-14 09:30	k.exe 2706767fc198317c72d122b9c61ffaee PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself crashed				2.2		22	ZeroCERT

10020	2021-07-14 09:32	s.exe 4423e21c9805c1ff805abf4a2bf3c12e PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key				2.4		23	ZeroCERT