Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
10261	2023-09-23 19:04	eae04e28d321627908712bb23d1d47... eae04e28d321627908712bb23d1d4799 Malicious Library UPX Malicious Packer PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself Browser Email ComputerName Software crashed				4.4		45	ZeroCERT

10262	2023-09-23 18:58	aa.xll.exe f1b91fdbcd062031687e2766ab6773b6 Generic Malware PE File DLL PE64 VirusTotal Malware MachineGuid Check memory Checks debugger RWX flags setting unpack itself suspicious process WriteConsoleW				3.4	M	37	ZeroCERT

10263	2023-09-23 09:47	Clipper.exe a8336c9284c9ef94e43c872a9d851745 PE File PE32 .NET EXE VirusTotal Malware Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Tor ComputerName	4 Keyword trend analysis Info http://ip-api.com/line?fields=query,country,city http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion.nz/clp/7c418373ff8d4e30b27ec3685695bf8a?install=1&wallets=&user=dGVzdDIy&comp=VEVTVDIyLVBD&ip=MTc1LjIwOC4xMzQuMTUy&country=U291dGggS29yZWE%3D&city=U29uZ3BhLWd1 https://onion.nz/onion-site-connection-error/ https://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion.nz/clp/7c418373ff8d4e30b27ec3685695bf8a?install=1&wallets=&user=dGVzdDIy&comp=VEVTVDIyLVBD&ip=MTc1LjIwOC4xMzQuMTUy&country=U291dGggS29yZWE%3D&city=U29uZ3BhLWd1	6	2	4.8		50	ZeroCERT

10264	2023-09-23 09:46	Miner.exe b286969b55a9dbb7c7fb450772107ac1 PE File PE64 VirusTotal Malware		2		1.6		45	ZeroCERT

10265	2023-09-23 09:44	Rat.exe f8c994f9200f4155e881ab90ab1598a7 Malicious Library PE File PE64 VirusTotal Malware RWX flags setting unpack itself ComputerName Remote Code Execution DNS		1	1	5.2		55	ZeroCERT

10266	2023-09-23 09:44	Stealer.exe 841ce3b003ee2d41c5c6b53a983f31c1 .NET framework(MSIL) PE File PE32 .NET EXE VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself				2.2		50	ZeroCERT

10267	2023-09-23 09:44	rh_0.4.9rc1.exe c5c64755f463c91c92f516b3214c5b37 Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware WMI RWX flags setting unpack itself ComputerName DNS crashed		1		6.0	M	58	ZeroCERT

10268	2023-09-23 09:42	LummaC2.exe c2ffa5554a8f784cca5476aa87f575e8 Malicious Library UPX Malicious Packer PE File PE32 OS Processor Check VirusTotal Malware				1.8	M	38	ZeroCERT

10269	2023-09-23 09:41	Dropper1.exe 5bdab56a23cabe2a7d38338ba91ecba3 Malicious Library Admin Tool (Sysinternals etc ...) UPX PE File PE32 MZP Format OS Processor Check VirusTotal Malware unpack itself Tofsee ComputerName Remote Code Execution		3	2	1.4	M	5	ZeroCERT

10270	2023-09-23 09:40	d3xi5rws2ffuli.exe 52c2f13a9fa292d1f32439dde355ff71 Malicious Library UPX PWS SMTP AntiDebug AntiVM PE File PE32 OS Processor Check Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	4	11.0	M	47	ZeroCERT

10271	2023-09-23 09:39	Dropper.exe a5bad49c2447d6c4b7367803a505cb39 Malicious Library Admin Tool (Sysinternals etc ...) UPX PE File PE32 MZP Format OS Processor Check VirusTotal Malware unpack itself Tofsee ComputerName Remote Code Execution		3	2	1.4		4	ZeroCERT

10272	2023-09-23 09:38	Bypass.bat 08c880b1f0b63680b7bdd78408bdceda Generic Malware Downloader Antivirus UPX Create Service Socket P2P DGA Steal credential Http API Escalate priviledges PWS Sniff Audio HTTP DNS ScreenShot Code injection Internet API FTP KeyLogger AntiDebug AntiVM ZIP Format PE File PE32 VirusTotal Malware Malicious Traffic Check memory buffers extracted Windows utilities suspicious process AppData folder WriteConsoleW Windows Remote Code Execution DNS	1 Keyword trend analysis	1	4	4.4		12	ZeroCERT

10273	2023-09-23 09:37	App1234.exe e8a7ed6986b1178188c27b9761f39762 Generic Malware Malicious Library UPX Malicious Packer PE File PE32 OS Processor Check PNG Format ZIP Format Browser Info Stealer VirusTotal Email Client Info Stealer Malware MachineGuid Malicious Traffic Check memory buffers extracted WMI Check virtual network interfaces AntiVM_Disk VM Disk Size Check Tofsee Windows Browser Email ComputerName DNS	3 Keyword trend analysis	7	2	6.6		29	ZeroCERT

10274	2023-09-23 09:36	2ac82382-33f7-4490-a91d-e3cfe4... 3403cb537d8e1e6257068d3189705050 Gen1 Emotet Generic Malware Malicious Library UPX AntiDebug AntiVM PE File PE32 OS Processor Check CAB Malware download NetWireRC RevengeRAT VirusTotal Malware AutoRuns Code Injection Check memory Checks debugger WMI Creates executable files unpack itself AppData folder AntiVM_Disk anti-virtualization VM Disk Size Check Windows ComputerName DNS DDNS crashed		2	2	8.4	M	47	ZeroCERT

10275	2023-09-23 09:36	WhiteCrypt.exe c4d37e5aeffecf5dd8728a71d204dca1 RedLine Infostealer UltraVNC Malicious Library UPX PE File PE32 OS Processor Check VirusTotal Malware PDB suspicious privilege Check memory Checks debugger WMI unpack itself anti-virtualization Windows ComputerName Cryptographic key crashed				5.4	M	36	ZeroCERT