Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	Score	VT	Player
10096	2021-07-15 11:58	.svchost.exe fcfb0ec70f1419ede8a534cc95cb61e9 UPX PE32 PE File VirusTotal Malware RWX flags setting unpack itself			1.6	26	ZeroCERT

10097	2021-07-15 11:59	file3.exe 047166d4c80ac20a450319ad026f691c RedLine Stealer UPX PE32 PE File OS Processor Check VirusTotal Malware PDB unpack itself			2.4	35	ZeroCERT

10098	2021-07-15 13:29	customer3.exe 2dedc3dfa09be884b673da3fc23b14be UPX PE64 PE File OS Processor Check VirusTotal Malware PDB MachineGuid buffers extracted unpack itself crashed	1 Keyword trend analysis	2	2.6	2	ZeroCERT

10099	2021-07-15 14:15	.svchost.exe fcfb0ec70f1419ede8a534cc95cb61e9 Generic Malware Malicious Packer UPX PE32 PE File VirusTotal Malware RWX flags setting unpack itself			1.6	28	r0d

10100	2021-07-15 14:39	xmrig.exe 84cbc72865b542c646bd89bb9430e7d1 UPX PE64 PE File OS Processor Check VirusTotal Malware unpack itself			1.8	42	ZeroCERT

10101	2021-07-15 15:20	xmrig.exe 84cbc72865b542c646bd89bb9430e7d1 CoinMiner XMRig Miner UPX PE File PE64 OS Processor Check VirusTotal Malware unpack itself			1.8	42	r0d

10102	2021-07-15 15:45	smss.exe bd624b07e8e5650e1fac4fe0d91a9db0 RedLine Stealer UPX PE File OS Processor Check PE32 PDB unpack itself			1.4		guest

10103	2021-07-15 17:36	smss.exe bd624b07e8e5650e1fac4fe0d91a9db0 RedLine Stealer UPX PE File OS Processor Check PE32 PDB unpack itself			1.4		guest

10104	2021-07-15 17:53	Invoice%20865978%20from%20Quic... 17740d73d9ddbd8d456916749e894e8e VBA_macro MSOffice File VirusTotal Malware Check memory unpack itself suspicious process	10 Keyword trend analysis Info http://insiderushings.com:8088/fonts/file10.bin http://fasteasyupdates.com:8088/js/file6.bin http://webservicesamazin.com:8088/styles/file11.bin http://insiderushings.com:8088/vendors/file3.bin http://webservicesamazin.com:8088/fonts/file10.bin http://paymentadvisry.com:8088/styles/file12.bin http://paymentadvisry.com:8088/fonts/file6.bin http://jeromfastsolutions.com:8088/img/file1.bin http://insiderushings.com:8088/css/file7.bin http://insiderushings.com:8088/tpls/file10.bin	8	2.4	21	ZeroCERT

10105	2021-07-15 17:53	Invoice%20562472%20from%20Quic... 0f18ed8bbd5eb168a13a5a32ff859682 VBA_macro MSOffice File PE File PE32 VirusTotal Malware Check memory buffers extracted Creates executable files unpack itself suspicious process Windows crashed	1 Keyword trend analysis	2	4.4	18	ZeroCERT

10106	2021-07-15 17:54	Quotation%20request%20%26%20PO... ba82d0f330926a6702524b27136ba420 Escalate priviledges KeyLogger AntiDebug AntiVM VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself			2.2	15	ZeroCERT

10107	2021-07-15 17:55	Invoice%20406629%20from%20Quic... fd76309837faedb5323fb4457db18cdd VBA_macro MSOffice File PE File PE32 VirusTotal Malware Check memory buffers extracted Creates executable files unpack itself suspicious process Windows crashed	1 Keyword trend analysis	2	4.6	21	ZeroCERT

10108	2021-07-15 17:57	BIO.dotm 8a7686430d9ad2832e8a4c3992186b36 VBA_macro Antivirus AntiDebug AntiVM powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis	2	8.6		ZeroCERT

10109	2021-07-15 17:58	y.exe c52399bf41e20558230a4703dce2d0fb Gen1 Gen2 UPX PE File PE32 DLL OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency MachineGuid Malicious Traffic Check memory Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AppData folder sandbox evasion WriteConsoleW anti-virtualization installed browsers check Ransomware Windows Browser Email ComputerName Software	1 Keyword trend analysis	2	11.6	58	ZeroCERT

10110	2021-07-15 17:59	Invoice%2084525529%20from%20Qu... 07943f0184a722946ed0f74b804448bf VBA_macro MSOffice File PE File PE32 VirusTotal Malware Check memory buffers extracted Creates executable files unpack itself suspicious process Windows crashed	1 Keyword trend analysis	2	3.8	19	ZeroCERT