Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	Rule	Score	Zero	VT	Player
10021	2021-07-14 09:32	e.exe 0fb4bef5bfdb5947554383953592c43a PWS .NET framework Generic Malware UPX Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself crashed				2.2		29	ZeroCERT

10022	2021-07-14 09:34	whesilox.exe 0963e755e3cfb5a068face937603db77 PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) SMTP KeyLogger AntiDebug AntiVM PE32 PE File .NET EXE VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key crashed				9.2		32	ZeroCERT

10023	2021-07-14 09:35	jayxz.exe 35c99a4e53661a8d0686ff151e9e77de PWS Loki[b] Loki[m] RAT Generic Malware UPX Antivirus DNS AntiDebug AntiVM PE32 PE File .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut ICMP traffic unpack itself Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW installed browsers check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	5 Keyword trend analysis Info http://abixmaly.duckdns.org/binge/fre.php https://bakercost.gq/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-BCD48140A43B8F6762F616A8914EF87B.html - rule_id: 2699 https://bakercost.gq/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-BCD48140A43B8F6762F616A8914EF87B.html https://bakercost.gq/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-51DA342187BCB1F6D90B866BDF54CF88.html - rule_id: 2699 https://bakercost.gq/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-51DA342187BCB1F6D90B866BDF54CF88.html	6	2	16.8		14	ZeroCERT

10024	2021-07-14 09:36	arinzex.exe d0837c904d09307a05f03c85cb5b5866 PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) SMTP KeyLogger AntiDebug AntiVM PE32 PE File .NET EXE VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key crashed				9.0		28	ZeroCERT

10025	2021-07-14 09:37	IQpUtPDHw5swOwt.exe 7e3e555de69761b2b1496b7231f349c8 RAT Generic Malware Malicious Packer UPX SMTP KeyLogger AntiDebug AntiVM PE32 PE File .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Browser Email ComputerName Cryptographic key Software crashed				10.6		21	ZeroCERT

10026	2021-07-14 09:38	Launcher.hta 99cddec9f4353fb172c93fb22765bd47 VirusTotal Malware Check memory RWX flags setting unpack itself				1.6		19	ZeroCERT

10027	2021-07-14 09:41	wininit.exe 7b68b43f14bff45ad706488b5b3e8414 PWS Loki[b] Loki[m] .NET framework Generic Malware UPX Admin Tool (Sysinternals etc ...) DNS Socket AntiDebug AntiVM PE32 PE File .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	1	1	14.8	M	36	ZeroCERT

10028	2021-07-14 09:56	0713_4201214266.doc 90f6edec8143a64b6751812aa075ea0f VBA_macro Generic Malware MSOffice File OS Processor Check VirusTotal Malware unpack itself				2.2		11	guest

10029	2021-07-14 10:08	Launcher.hta 99cddec9f4353fb172c93fb22765bd47 VirusTotal Malware Check memory RWX flags setting unpack itself				1.6		19	ZeroCERT

10030	2021-07-14 10:25	Launcher.hta 3a249038fa98f831074385f0d80b1904 AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.8			ZeroCERT

10031	2021-07-14 15:56	pdllod.dll c2b80fa119a1f182a24569df973f6b44 Dridex PE32 PE File DLL VirusTotal Malware				1.6	M	53	guest

10032	2021-07-14 16:52	vbc.exe 5c36550f6c90d763d53a6971793b3ac7 Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself				2.2		30	ZeroCERT

10033	2021-07-14 16:53	app.exe e35a0bdb66b37b80c51a1559058e326b PWS .NET framework Generic Malware UPX Admin Tool (Sysinternals etc ...) PE32 PE File OS Processor Check .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key				2.6		32	ZeroCERT

10034	2021-07-14 16:55	ds1.exe 8b9bcacd6ce5341fbbff48122ea11adf PWS .NET framework Generic Malware Malicious Packer AntiDebug AntiVM PE32 PE File .NET EXE VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself				8.4		50	ZeroCERT

10035	2021-07-14 16:57	FtxUc19TTX68pGY.exe d63397631fb1e664a3459ddd47e08100 PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself crashed				2.4		36	ZeroCERT