Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
10246	2023-09-23 19:34	Black.exe 55e9b1518973a808c7b567fe3ad52153 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File PE32 .NET EXE OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key		1			3.8	M	54	ZeroCERT

10247	2023-09-23 19:32	aktivosexeeeeeee.exe 626babe1d3377fe912f28488866fd891 .NET framework(MSIL) PE File PE32 .NET EXE Browser Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Check memory Checks debugger unpack itself Browser Email ComputerName crashed					4.0	M	26	ZeroCERT

10248	2023-09-23 19:30	Green.exe 4d6a1026728059cb4259537c95ba4abf RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File PE32 .NET EXE OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key		1			3.8	M	52	ZeroCERT

10249	2023-09-23 19:30	Blue.exe 307a68077f059e5ea634795ce6f2f9ca RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File PE32 .NET EXE OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key		1			3.8	M	53	ZeroCERT

10250	2023-09-23 19:30	qasx.vbs 5b2229d9e2c1e56a5ad88f560b059956 Generic Malware Antivirus Hide_URL PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	3 Keyword trend analysis	3	1		8.4		3	ZeroCERT

10251	2023-09-23 19:28	nsi85.exe a1bc2664e9c74a561ad7d36735914d61 RedLine stealer Gen1 Emotet Browser Login Data Stealer task schedule Malicious Library UPX ASPack Http API PWS HTTP Internet API AntiDebug AntiVM PE File PE32 CAB DLL OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft AutoRuns PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications AppData folder AntiVM_Disk VM Disk Size Check installed browsers check Stealc Stealer Windows Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed	1 Keyword trend analysis	2	7 Info ET MALWARE [ANY.RUN] Win32/Stealc Checkin (POST) ET HUNTING GENERIC SUSPICIOUS POST to Dotted Quad with Fake Browser 1 ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE [ANY.RUN] RedLine Stealer Related (MC-NMF Authorization) ET MALWARE Redline Stealer TCP CnC - Id1Response ET MALWARE Redline Stealer Activity (Response)	1	16.4	M	40	ZeroCERT

10252	2023-09-23 19:28	DV.exe 974cf9781ee4c391d8c78f68247e1b18 PE File ftp PE64 VirusTotal Malware unpack itself					2.0	M	49	ZeroCERT

10253	2023-09-23 19:28	94.228.169.123 a2fb0b0d34d71073cd037e872d40ea14 Generic Malware PE File DLL PE64 VirusTotal Malware					1.0	M	33	ZeroCERT

10254	2023-09-23 19:26	LicenseChecker.exe 9fdc64ec19b88144c87e10004a7ebebd PE File PE32 .NET EXE ftp VirusTotal Malware AutoRuns suspicious privilege MachineGuid Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows					6.4	M	41	ZeroCERT

10255	2023-09-23 19:26	Yellow.exe c164b7fe11a08a813729f746b87d5337 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File PE32 .NET EXE OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key		1			3.8	M	44	ZeroCERT

10256	2023-09-23 19:23	couzineeeeeeeeeeeeee.exe ea7cb34198de808f03b70a26fc884b12 .NET framework(MSIL) PE File PE32 .NET EXE Browser Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Check memory Checks debugger unpack itself Browser Email ComputerName crashed					4.2	M	35	ZeroCERT

10257	2023-09-23 19:23	c.exe efa3ba876e6958864306ff625b9d74a1 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware unpack itself Remote Code Execution					1.8	M	29	ZeroCERT

10258	2023-09-23 19:21	PLV.exe ac5a067a49c0347a26cb08dbf77f45b2 PE File PE64 VirusTotal Malware unpack itself					2.0	M	50	ZeroCERT

10259	2023-09-23 19:21	Gray.exe 98633738065af5b71b373985df27dad8 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET PE File PE32 .NET EXE OS Processor Check VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key		1			3.8		53	ZeroCERT

10260	2023-09-23 19:18	aa.xll a2fb0b0d34d71073cd037e872d40ea14 Generic Malware PE File DLL PE64 VirusTotal Malware					1.0	M	33	ZeroCERT