Submissions

Columns: No  Date  Request  Urls  Hosts  IDS  Rule  Score  Zero  VT  Player  Etc

Each record below gives the submission number, date and requested file, then the sample's MD5, the sandbox tags, and the remaining column values (Urls through Etc). Empty cells are omitted, so those trailing values are listed in the order they appear rather than by column.

10456  2021-07-23 17:24  system.exe
  MD5:    d533a598386654e53cfc0ddf48e6e6f7
  Tags:   njRAT backdoor Generic Malware PE32 .NET EXE PE File VirusTotal Malware DNS DDNS
  Values: 3 3.8 52 ZeroCERT

10457  2021-07-23 17:25  Product_Specifications_Details...
  MD5:    d9ab1bffed2d390d04afa425a7cd6a0b
  Tags:   Generic Malware SMTP KeyLogger AntiDebug AntiVM PE32 .NET EXE PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed
  Values: 2 5 3 14.2 41 ZeroCERT

10458  2021-07-23 17:27  OneDrivenwt2.exe
  MD5:    09983f8a77b8aec0f5fb58adccf88a38
  Tags:   njRAT backdoor Generic Malware PE32 .NET EXE PE File Malware download njRAT Malware DNS
  Values: 3 1 0.6 M ZeroCERT

10459  2021-07-23 17:29  LongVer.exe
  MD5:    158f91e5817b3bf888b7225bccb7ce83
  Tags:   RAT BitCoin Generic Malware UPX AntiDebug AntiVM PE32 .NET EXE PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed
  Values: 2 3 1 11.8 M 14 ZeroCERT

10460  2021-07-23 17:29  dllhost.exe
  MD5:    8c3b98a8d27573331f86a66a9f8a92dc
  Tags:   PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) AntiDebug AntiVM PE32 .NET EXE PE File VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key
  Values: 3 8.0 M 22 ZeroCERT

10461  2021-07-23 17:31  dllhost.exe
  MD5:    8c3b98a8d27573331f86a66a9f8a92dc
  Tags:   PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) AntiDebug AntiVM PE32 .NET EXE PE File FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key
  Values: 1 3 1 9.8 M 22 ZeroCERT

10462  2021-07-23 17:32  askinstall5.exe
  MD5:    3e96a5547c7f923b7262541ba694e0e8
  Tags:   Gen2 Trojan_PWS_Stealer NPKI Emotet RAT Credential User Data Generic Malware Malicious Packer UPX Malicious Library SQLite Cookie Admin Tool (Sysinternals etc ...) Anti_VM Antivirus ASPack PE32 OS Processor Check PE File ELF PNG Format PE64 DLL MSOffice Browser Info Stealer VirusTotal Malware PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Checks debugger WMI Creates executable files exploit crash unpack itself Windows utilities suspicious process AppData folder WriteConsoleW installed browsers check Tofsee Ransomware Windows Exploit Browser ComputerName Remote Code Execution crashed
  Values: 4 8 1 2 11.6 M 43 ZeroCERT

10463  2021-07-23 17:35  OneDrivenwt2.exe
  MD5:    825680fcd827a75499de67c7fa7ad684
  Tags:   Generic Malware Malicious Packer PE32 .NET EXE PE File Malware download njRAT VirusTotal Malware PDB suspicious privilege Check memory Checks debugger ICMP traffic unpack itself ComputerName
  Values: 2 1 4.4 M 30 ZeroCERT

10464  2021-07-23 17:38  Server.exe
  MD5:    dce74565e25aa0531c0f40ba8c01b0e0
  Tags:   njRAT backdoor Generic Malware PE32 .NET EXE PE File Malware download njRAT VirusTotal Malware ICMP traffic WriteConsoleW
  Values: 2 1 2.2 M 61 ZeroCERT

10465  2021-07-23 17:45  askinstall40.exe
  MD5:    68b2aabb0d9f72a93140baed07d9ef16
  Tags:   Gen2 Trojan_PWS_Stealer NPKI BitCoin Credential User Data Generic Malware Malicious Packer UPX Malicious Library SQLite Cookie Anti_VM DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Internet API FTP ScreenSh Browser Info Stealer VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Checks debugger WMI Creates executable files ICMP traffic exploit crash unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW installed browsers check Tofsee Windows Exploit Browser ComputerName Remote Code Execution crashed
  Values: 4 8 1 2 12.6 M 45 ZeroCERT

10466  2021-07-24 21:08  Q76T.dll
  MD5:    bf6a524f5543cde20b6fb911edb2a467
  Tags:   Emotet Malicious Packer UPX Malicious Library PE32 OS Processor Check DLL PE File Check memory unpack itself crashed
  Values: 1.2 guest

10467  2021-07-24 22:43  meta.json
  MD5:    ce1c2c908c1689e574e06b79b9e7c34c
  Tags:   AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName
  Values: 3.8 guest

10468  2021-07-24 22:47  04365f65a306a3d83219179c00388e...
  MD5:    246a540bc51dbe859ad1853853d1102c
  Tags:   AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName DNS
  Values: 1 4.4 guest

10469  2021-07-25 00:00  syswranalyzerbus.exe
  MD5:    185f574f19354dd11d9bc31a3e82d235
  Tags:   Gen2 Gen1 Antivirus Malicious Packer Anti_VM UPX Malicious Library PE32 OS Processor Check PE File PDB Remote Code Execution
  Values: 0.4 guest

10470  2021-07-25 06:20  C91880B5-5BF6-462E-A5F2-CEC373...
  MD5:    f51c188c318b67e298a21dc1bab8d0c2
  Tags:   JPEG Format
  Values: guest
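A listing like this is most useful once it is parsed into records that can be deduplicated by hash and triaged by family tag. The script below is an added example, not code from the sandbox that produced the page: it parses the flattened record layout seen above (a number/date/filename line, an MD5 line, a tag line, then a trailer line ending in the submitter name), validates the MD5, splits the trailer into its score, integer values, single-letter flags and submitter without guessing which original column each integer belonged to, and then reports resubmissions of the same MD5 and same filename with different hashes. The sample input is constructed from five of the records above; the `FAMILY_TAGS` list is an assumption chosen from tags present on the page.

```python
"""Parse a flattened sandbox submission listing and triage it.

Added example, not the sandbox's own code. The record layout is
inferred from the listing above; FAMILY_TAGS is an assumption.
"""
from __future__ import annotations

import re
from collections import defaultdict
from dataclasses import dataclass

HEADER_RE = re.compile(r"^(\d+) (\d{4}-\d{2}-\d{2} \d{2}:\d{2}) (.+?)\s*$")
MD5_RE = re.compile(r"^[0-9a-f]{32}$")
# Family tags worth escalating on (assumption; extend as needed).
FAMILY_TAGS = ("njRAT", "FormBook", "Emotet", "Tofsee")

# Constructed sample: five records copied from the listing above.
SAMPLE_LISTING = """\
10458 2021-07-23 17:27 OneDrivenwt2.exe

09983f8a77b8aec0f5fb58adccf88a38

njRAT backdoor Generic Malware PE32 .NET EXE PE File Malware download njRAT Malware DNS
3 1 0.6 M ZeroCERT

10460 2021-07-23 17:29 dllhost.exe

8c3b98a8d27573331f86a66a9f8a92dc

PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) AntiDebug AntiVM PE32 .NET EXE PE File VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key
3 8.0 M 22 ZeroCERT

10461 2021-07-23 17:31 dllhost.exe

8c3b98a8d27573331f86a66a9f8a92dc

PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) AntiDebug AntiVM PE32 .NET EXE PE File FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key
1 3 1 9.8 M 22 ZeroCERT

10463 2021-07-23 17:35 OneDrivenwt2.exe

825680fcd827a75499de67c7fa7ad684

Generic Malware Malicious Packer PE32 .NET EXE PE File Malware download njRAT VirusTotal Malware PDB suspicious privilege Check memory Checks debugger ICMP traffic unpack itself ComputerName
2 1 4.4 M 30 ZeroCERT

10470 2021-07-25 06:20 C91880B5-5BF6-462E-A5F2-CEC373...

f51c188c318b67e298a21dc1bab8d0c2

JPEG Format
guest
"""


@dataclass
class Submission:
    sid: int
    timestamp: str
    filename: str
    md5: str
    tags: str
    score: float | None      # the one decimal value in the trailer, if any
    counts: list[int]        # remaining integer values, column mapping unknown
    flags: list[str]         # non-numeric markers such as "M"
    submitter: str

    def families(self) -> list[str]:
        """Known family tags found in the tag line (whole-word match)."""
        return [f for f in FAMILY_TAGS if re.search(rf"\b{re.escape(f)}\b", self.tags)]


def parse_trailer(line: str) -> tuple[float | None, list[int], list[str], str]:
    """Split 'a b x.y M n submitter' without assuming column positions."""
    tokens = line.split()
    submitter = tokens[-1]
    score, counts, flags = None, [], []
    for tok in tokens[:-1]:
        if re.fullmatch(r"\d+\.\d+", tok):
            score = float(tok)
        elif tok.isdigit():
            counts.append(int(tok))
        else:
            flags.append(tok)
    return score, counts, flags, submitter


def parse_listing(text: str) -> list[Submission]:
    """Records are four non-blank lines: header, MD5, tags, trailer."""
    lines = [ln.rstrip() for ln in text.splitlines() if ln.strip()]
    out: list[Submission] = []
    i = 0
    while i < len(lines):
        m = HEADER_RE.match(lines[i])
        if not m:
            raise ValueError(f"expected record header, got {lines[i]!r}")
        if i + 3 >= len(lines):
            raise ValueError(f"record {m.group(1)} is truncated")
        md5, tags, trailer = lines[i + 1], lines[i + 2], lines[i + 3]
        if not MD5_RE.match(md5):
            raise ValueError(f"record {m.group(1)}: bad MD5 {md5!r}")
        score, counts, flags, submitter = parse_trailer(trailer)
        out.append(Submission(int(m.group(1)), m.group(2), m.group(3),
                              md5, tags, score, counts, flags, submitter))
        i += 4
    return out


def find_resubmissions(subs: list[Submission]) -> dict[str, list[int]]:
    """MD5 -> submission ids, for hashes submitted more than once."""
    seen: dict[str, list[int]] = defaultdict(list)
    for s in subs:
        seen[s.md5].append(s.sid)
    return {h: ids for h, ids in seen.items() if len(ids) > 1}


def find_name_collisions(subs: list[Submission]) -> dict[str, set[str]]:
    """Filename -> MD5s, for names that arrived with different contents."""
    seen: dict[str, set[str]] = defaultdict(set)
    for s in subs:
        seen[s.filename].add(s.md5)
    return {n: hs for n, hs in seen.items() if len(hs) > 1}


if __name__ == "__main__":
    subs = parse_listing(SAMPLE_LISTING)
    for s in subs:
        print(s.sid, s.filename, s.md5, s.score, s.families())
    print("resubmitted hashes:", find_resubmissions(subs))
    print("same name, different hash:", find_name_collisions(subs))
```

On the sample, the two dllhost.exe submissions collapse to one hash (the second run simply added a FormBook tag), while the two OneDrivenwt2.exe submissions are different files that both carry the njRAT tag, which is the kind of distinction the flat listing hides.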