Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
10396	2023-07-12 07:33	win.exe 4db28116d59c1667b312039549196abb UPX Malicious Library PE File PE32 DLL PNG Format VirusTotal Malware Check memory Creates executable files unpack itself AppData folder					2.4	M	22	ZeroCERT

10397	2023-07-12 07:33	KHW.exe 9fba2532f5509e75359b0b5adbad9da6 PWS SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed		4	4		14.0		38	ZeroCERT

10398	2023-07-12 07:32	wins.exe 5ee9e77231b275cafb560643b6254ef2 Generic Malware Antivirus .NET EXE PE File PE32 VirusTotal Malware powershell PDB suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key					8.0		20	ZeroCERT

10399	2023-07-12 07:29	lt2.1.exe 86faedbcbc10593066fe8bfe81eecb0a .NET framework(MSIL) .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself					2.2		33	ZeroCERT

10400	2023-07-11 18:54	USDT.exe b9ade4e25308a1bfe4a8e4d9433937ba AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed		3	2		3.8			ZeroCERT

10401	2023-07-11 18:51	worldperform.exe 5b5fd4b5ce374372b49e7cc0da6f0e4c Gen1 Emotet Malicious Library UPX Malicious Packer .NET framework(MSIL) CAB PE64 PE File OS Processor Check .NET EXE PE32 VirusTotal Malware AutoRuns PDB Check memory Checks debugger Creates executable files unpack itself Check virtual network interfaces AppData folder Tofsee Windows Remote Code Execution Cryptographic key		2	2		5.6	M	21	ZeroCERT

10402	2023-07-11 18:45	fub23489bgf8uy32bf23%27r.exe 909570c37d5cd3165461458d9cd60c4b UPX Malicious Library PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself crashed					2.0	M	24	ZeroCERT

10403	2023-07-11 18:43	MGH.exe 2ca0fd657c122f59abb813053a610478 .NET framework(MSIL) SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed		4	4		12.8	M	22	ZeroCERT

10404	2023-07-11 15:02	Apppdfread.msi c328b1c0c6809ae49d020d353bcc843a Generic Malware Malicious Library Antivirus OS Processor Check CAB MSOffice File Malware download NetWireRC VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check human activity check BitRAT ComputerName DNS		1	2		3.2		2	ZeroCERT

10405	2023-07-11 10:06	Lst.exe 163d4e2d75f8ce6c838bab888bf9629c Gen1 UPX Malicious Library Malicious Packer Anti_VM OS Processor Check PE64 PE File DLL ZIP Format VirusTotal Malware Check memory Creates executable files crashed					2.6		44	ZeroCERT

10406	2023-07-11 10:05	into.txt.vbs 77b99c19d7f1d83eba555f7415a70986 Generic Malware Antivirus VirusTotal Malware powershell suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	2	2		8.0	M	4	ZeroCERT

10407	2023-07-11 10:05	rev.bat 4986cda33d79aa6d6034cd666895dd09 Generic Malware Downloader Antivirus Create Service Socket P2P DGA Steal credential Http API Escalate priviledges PWS Sniff Audio HTTP DNS ScreenShot Code injection Internet API FTP KeyLogger AntiDebug AntiVM Malware download NetWireRC VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Tofsee BitRAT Windows ComputerName DNS Cryptographic key	2 Keyword trend analysis	3	3	1	7.6		3	ZeroCERT

10408	2023-07-11 10:04	SysdiagHelp.bat f4987b97440b898fd438b292a5fdab17 Generic Malware Downloader Antivirus Create Service Escalate priviledges Socket P2P DGA Steal credential Http API PWS Sniff Audio HTTP DNS ScreenShot Code injection Internet API FTP KeyLogger AntiDebug AntiVM Malware download NetWireRC VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Tofsee BitRAT Windows ComputerName DNS Cryptographic key	2 Keyword trend analysis	3	3	1	7.0		9	ZeroCERT

10409	2023-07-11 09:39	h.html 1c87f3cd6fb4a0197977a9d7365a5e09 Generic Malware Antivirus AntiDebug AntiVM PowerShell powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut RWX flags setting unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process Tofsee Windows ComputerName Cryptographic key	1 Keyword trend analysis	2	1		10.0			ZeroCERT

10410	2023-07-11 09:38	bv6.jpg.ps1 8f1d7cb8f3b9b72dd69fc451fca11a64 Generic Malware Antivirus powershell Check memory unpack itself Check virtual network interfaces WriteConsoleW Tofsee Windows ComputerName Cryptographic key	2 Keyword trend analysis	2	1		3.0	M		ZeroCERT