Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
10021	2023-07-25 19:08	scandk464646464.exe 87b5d7e79ba17f3819a61ec39099defd AgentTesla Generic Malware Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed keylogger	1 Keyword trend analysis	7	3	18.6	M	28	ZeroCERT

10022	2023-07-25 19:03	scandav8886464.exe 66bb82ee05fc13737b1d72237c5a82b6 SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed keylogger	1 Keyword trend analysis	7	3	15.4	M	30	ZeroCERT

10023	2023-07-25 19:01	dewrww7a1z.exe 171411305a3172ab22696c63e445ef64 RedLine stealer RedLine Infostealer RedlineStealer UPX Malicious Library .NET framework(MSIL) Confuser .NET PWS AntiDebug AntiVM OS Processor Check PE File PE32 .NET EXE Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications AppData folder malicious URLs WriteConsoleW installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		3	1	15.2	M		ZeroCERT

10024	2023-07-25 19:01	scandavf465456.exe 7561b44d45254e3faf0c81218ac75ade SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed keylogger	1 Keyword trend analysis	8	3	15.6	M	35	ZeroCERT

10025	2023-07-25 18:59	scanyo4648646.exe 8e2c26151d6255d8c5ce929f15fc94c3 SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed keylogger	1 Keyword trend analysis	7	3	15.6	M	40	ZeroCERT

10026	2023-07-25 18:59	scanhe4464684685.exe 0a08e5cf3a784baa123a28f555d44a0d SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed keylogger	1 Keyword trend analysis	7	3	14.8	M	39	ZeroCERT

10027	2023-07-25 18:57	scand548226.exe 92899ca104e6ac22954956977522eebb RedLine stealer PWS AntiDebug AntiVM BitCoin .NET EXE PE File PE32 VirusTotal Malware AutoRuns Code Injection Check memory Checks debugger buffers extracted Creates executable files ICMP traffic unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder Windows ComputerName DNS Cryptographic key		1		13.4	M	37	ZeroCERT

10028	2023-07-25 18:57	scanna46464.exe 0f853625fbfedb9bdd3760252644c8fa SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed keylogger	1 Keyword trend analysis	7	3	14.6	M	54	ZeroCERT

10029	2023-07-25 18:56	scanjo4564864654.exe e114ee8f34fd485647c0512aef82153b Generic Malware WebCam Antivirus KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware powershell Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself suspicious process AntiVM_Disk VM Disk Size Check Windows ComputerName Cryptographic key crashed keylogger				12.8	M	29	ZeroCERT

10030	2023-07-25 18:55	scangur46468464.exe 30f4b0670b2cd0d54ec80173fc5b87a4 SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed keylogger	1 Keyword trend analysis	7	3	14.4	M	37	ZeroCERT

10031	2023-07-25 18:53	scandav44686.exe ad81a4455bc146b9f755af0de4ccf07b SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed keylogger	1 Keyword trend analysis	7	3	15.0	M	36	ZeroCERT

10032	2023-07-25 18:53	scandav8444461.exe ff5fec4a83b38cec5781ca7184e098b5 SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed keylogger	1 Keyword trend analysis	7	3	14.4	M	39	ZeroCERT

10033	2023-07-25 18:50	scania54646.exe e1f944688e00a6753e1dfa4e5d8a7670 Generic Malware Antivirus PWS AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName Cryptographic key				12.8	M	52	ZeroCERT

10034	2023-07-25 18:50	IBLIBLIBLIBLIBLUBLUBUBIBLIBLIB... 6042e77faf4b55ffab673816405d31b6 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic buffers extracted exploit crash Windows Exploit DNS crashed	1 Keyword trend analysis	3	5 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	5.2	M	30	ZeroCERT

10035	2023-07-25 18:50	wininit.exe 80e388433ae9dbb6a379d1700285136a .NET EXE PE File PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself				2.4	M	34	ZeroCERT