Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
10546	2021-07-27 09:24	3003.exe 1609d18c06f71cd892d6fb524ecfc2ad Gen2 UPX Malicious Library PE32 PE File OS Processor Check DLL VirusTotal Malware MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself AppData folder sandbox evasion IP Check Tofsee ComputerName	5 Keyword trend analysis	10 Info ol.gamegame.info(172.67.200.215) - mailcious live.goatgame.live(104.21.70.98) - malware google.vrthcobj.com(34.97.69.225) - mailcious by.dirfgame.com(172.67.215.92) - mailcious ip-api.com(208.95.112.1) 172.67.200.215 34.97.69.225 - mailcious 208.95.112.1 104.21.78.28 - mailcious 172.67.222.125 - malware	2	2	7.2	M	24	ZeroCERT

10547	2021-07-27 09:26	.svchost.exe 264a4f1da5163ba11190d5b3cab35418 Generic Malware Malicious Packer UPX PE32 PE File VirusTotal Malware RWX flags setting unpack itself					1.4		16	ZeroCERT

10548	2021-07-27 09:28	filler_6DEr4X.png 98cba5d4e3bc55750e6716b3d952e375 Malicious Library PE32 DLL PE File VirusTotal Malware					1.2		22	ZeroCERT

10549	2021-07-27 09:28	13.dll 63922c2487337188b76e721d86ba1a4f Malicious Library PE32 DLL PE File VirusTotal Malware					1.2		21	ZeroCERT

10550	2021-07-27 09:28	11.dll ebdfd39f4b9ab189cd32b271db4bb3ac Malicious Library PE32 DLL PE File VirusTotal Malware					1.2		21	ZeroCERT

10551	2021-07-27 09:37	report 07.21.doc 1d614c41e99a9cd6749eedff96c0bb0f AntiDebug AntiVM VirusTotal Malware Code Injection Check memory RWX flags setting unpack itself suspicious process Interception		2			6.6		10	ZeroCERT

10552	2021-07-27 09:44	11.dll ebdfd39f4b9ab189cd32b271db4bb3ac Dridex Generic Malware Malicious Library PE32 DLL PE File VirusTotal Malware					1.2	M	21	r0d

10553	2021-07-27 09:47	13.dll 63922c2487337188b76e721d86ba1a4f Dridex Generic Malware Malicious Library PE32 DLL PE File VirusTotal Malware					1.2	M	21	r0d

10554	2021-07-27 11:20	sqlite.dll f7c2849c7a99577986f62500808413de Gen2 UPX Malicious Library PE32 OS Processor Check DLL PE File VirusTotal Malware Checks debugger unpack itself crashed					1.2		9	ZeroCERT

10555	2021-07-27 11:52	M0031.cab beb963a9b929bf9617af474087e9f848 Escalate priviledges KeyLogger AntiDebug AntiVM suspicious privilege Check memory Checks debugger unpack itself					1.6			ZeroCERT

10556	2021-07-27 16:27	tukur.exe 74cc8791ab49d471328eef8127c493ed PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) PE32 .NET EXE PE File VirusTotal Malware Check memory Checks debugger unpack itself crashed					2.6	M	51	guest

10557	2021-07-27 17:55	arinzex.exe f014241e8c93d4dbafb85339eae88015 PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) PE32 .NET EXE PE File VirusTotal Malware Check memory Checks debugger unpack itself crashed					2.2	M	28	ZeroCERT

10558	2021-07-27 17:56	nputty.exe 2d5e1b62b58404ac5040f7454b9a73fe Generic Malware DNS AntiDebug AntiVM PE32 .NET EXE PE File VirusTotal Malware Buffer PE suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW human activity check Windows ComputerName crashed		4			14.8		14	ZeroCERT

10559	2021-07-27 17:58	ordergoz.exe 51b772a457b8697400bb70e6cca34ffb PWS .NET framework RAT Generic Malware Admin Tool (Sysinternals etc ...) PE32 .NET EXE PE File VirusTotal Malware Check memory Checks debugger unpack itself crashed					2.2	M	20	ZeroCERT

10560	2021-07-27 17:58	odogwux.exe 9c0421b87aa0703d72fe9b405938eecc RAT Generic Malware Admin Tool (Sysinternals etc ...) PE32 .NET EXE PE File VirusTotal Malware Check memory Checks debugger unpack itself crashed					1.6	M	18	ZeroCERT