Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
10231	2021-07-20 08:23	.svchost.exe 08730cdd286a4c9d46b38bb6545ac311 Generic Malware UPX Malicious Packer PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself ComputerName				1.8	M	11	ZeroCERT

10232	2021-07-20 08:25	PREVENTIVO RICHIESTO (2).exe 72d9c62e4483519df1303fe0c46d16aa PE File PE32 VirusTotal Malware RWX flags setting unpack itself				1.6		21	ZeroCERT

10233	2021-07-20 08:25	RICHIESTA DI OFFERTA.exe 73bb5c4b690b8d6df88d6bc18fb3a553 PE File PE32 VirusTotal Malware RWX flags setting unpack itself				1.6		26	ZeroCERT

10234	2021-07-20 09:39	dontTouch.exe 818a64d619f6bbdbc4d68ff7411b6418 PWS/Dexter UPX Malicious Library PE File OS Processor Check PE32 VirusTotal Malware Check memory DNS		1		2.0		55	r0d

10235	2021-07-20 09:47	ComparePlus.dll b3a8c88297daecdb9b0ac54a3c107797 Lazarus Family UPX Malicious Library PE File OS Processor Check PE32 DLL VirusTotal Malware Checks debugger unpack itself crashed				1.8		30	r0d

10236	2021-07-20 11:16	ComparePlus.dll b3a8c88297daecdb9b0ac54a3c107797 Lazarus Family UPX Malicious Library PE File OS Processor Check PE32 DLL VirusTotal Malware Checks debugger unpack itself				1.6		30	r0d

10237	2021-07-20 11:22	ComparePlus.dll b3a8c88297daecdb9b0ac54a3c107797 Lazarus Family UPX Malicious Library PE File OS Processor Check PE32 DLL VirusTotal Malware Checks debugger unpack itself				1.6		30	r0d

10238	2021-07-20 14:48	RICHIESTA DI OFFERTA.exe 73bb5c4b690b8d6df88d6bc18fb3a553 Generic Malware Malicious Packer PE File PE32 VirusTotal Malware RWX flags setting unpack itself				1.6		26	r0d

10239	2021-07-20 15:43	update.exe 44b42e92ffe33907c539d1135bb05239 Generic Malware PE32 PE File Emotet VirusTotal Malware AutoRuns suspicious privilege Code Injection buffers extracted RWX flags setting unpack itself Disables Windows Security AntiVM_Disk sandbox evasion VM Disk Size Check Windows ComputerName crashed				9.0	M	57	r0d

10240	2021-07-20 20:14	new.exe 7b0e68ea17fa8f075f107673db3a3d76 Generic Malware Admin Tool (Sysinternals etc ...) PE32 .NET EXE PE File VirusTotal Malware Check memory Checks debugger unpack itself crashed				2.2	M	46	ZeroCERT

10241	2021-07-20 20:14	lipster.exe c64a220c7bc93f564bbf61643bcd7669 UPX PE32 OS Processor Check PE File VirusTotal Malware PDB unpack itself				2.4	M	33	ZeroCERT

10242	2021-07-20 20:16	father.exe 67a819b5e19ed9246ad1846ca8949444 Generic Malware UPX SMTP KeyLogger AntiDebug AntiVM PE32 .NET EXE PE File VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed				10.6	M	33	ZeroCERT

10243	2021-07-20 20:16	okitooo.exe d28ebc3a8492ad81a5241356c3f8f799 PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) SMTP KeyLogger AntiDebug AntiVM PE32 OS Processor Check .NET EXE PE File VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed				10.8		15	ZeroCERT

10244	2021-07-20 20:18	jammit.exe 1eef4e00023f2fff7e25d920b09be925 Generic Malware UPX PE32 .NET EXE PE File VirusTotal Malware Check memory Checks debugger unpack itself				2.2	M	37	ZeroCERT

10245	2021-07-20 20:19	vbc.exe 97f88b87d0c0abb2a153e3e1e4cc07af PWS .NET framework RAT Generic Malware AntiDebug AntiVM PE32 OS Processor Check .NET EXE PE File VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key	10 Keyword trend analysis Info http://www.birworld.com/gno4/ http://www.pawfectweddingday.com/gno4/?4hIPNx=q1DetQwdceRPWoytmhQ4nwfD+Z4EH5xXw2Ctr7u5RyW6HsSuiO9ckxpYxxO1za4hJkczZyUl&nfut_N=xPJx_6PP http://www.woodburybankruptcylawyer.com/gno4/?4hIPNx=IX00HVZE6wNbZHoXEB5NAw0ghhV/6sfnbQoOE50bd3DvkQc+f/6CS20MU3b9Ys97YVAzlRrq&nfut_N=xPJx_6PP http://www.pawfectweddingday.com/gno4/ http://www.wholeitaly.com/gno4/ http://www.birworld.com/gno4/?4hIPNx=7Bwa5rl2dbMxzce1f9bdhEV4tVywZ6cDJS3P1JuiERFNLVrtvFTVSz7FmGC37GENo4kdSeM/&nfut_N=xPJx_6PP http://www.woodburybankruptcylawyer.com/gno4/ http://www.ilearn-online.net/gno4/ http://www.wholeitaly.com/gno4/?4hIPNx=E0wmqjZ/tSyoDlBP4LYhfYpkZeQjBGQBk3/BLkEL7fo+9SBw3/N4xVcwHlHHqW/od4t3AXIt&nfut_N=xPJx_6PP http://www.ilearn-online.net/gno4/?4hIPNx=3B2cNDucHr8z5Q1kju7M0bYTMmXODI/oRPM2NCfflpIYpoZfCkz+7l9iNcaIcgUCcEMAmp3f&nfut_N=xPJx_6PP	11 Info www.pegasusmustang.icu() www.birworld.com(172.67.186.196) www.wholeitaly.com(3.143.123.90) www.pawfectweddingday.com(66.235.200.121) www.ilearn-online.net(85.233.160.22) www.woodburybankruptcylawyer.com(52.58.78.16) 66.235.200.121 104.21.36.66 52.58.78.16 - mailcious 85.233.160.22 13.59.53.244 - mailcious	1	9.6	M	29	ZeroCERT