popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
1051 2020-07-28 13:31 http://www.nalara1220.o-r.kr/  

c032bb944d6fba21799bd5a4df5b6122


Code Injection Creates executable files RWX flags setting unpack itself Windows utilities Windows DNS 		6 2 3.6

1052 2020-07-28 13:31 http://www.nalara1220.o-r.kr/  

c032bb944d6fba21799bd5a4df5b6122


Code Injection Creates executable files unpack itself Windows utilities Windows DNS 		6 2 3.2

1053 2020-07-28 13:34 http://www.nalara1220.o-r.kr/  

c032bb944d6fba21799bd5a4df5b6122


Code Injection Creates executable files unpack itself Windows utilities Windows DNS 		6 2 3.2

1054 2020-07-28 13:34 http://www.nalara1220.o-r.kr/  

c032bb944d6fba21799bd5a4df5b6122


Code Injection Creates executable files unpack itself Windows utilities Windows DNS 		6 2 3.2

1055 2020-07-28 13:36 http://www.nalara1220.o-r.kr/  

c032bb944d6fba21799bd5a4df5b6122


Code Injection Creates executable files unpack itself Windows utilities Windows DNS 		6 2 3.2

1056 2020-07-28 13:36 http://www.nalara1220.o-r.kr/  

c032bb944d6fba21799bd5a4df5b6122


Code Injection Creates executable files unpack itself Windows utilities Windows DNS 		6 2 3.2

1057 2020-07-28 13:38 putty.exe  

6fa14b3b1c54a26f0b9bbcd2f6b45899


Remote Code Execution 		0.8 M

1058 2020-07-28 13:41 TouchEn_nxKey_32bit.exe  

38e9393d6d801a71019d0bac4d77da4a


VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Creates executable files unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check Windows ComputerName Remote Code Execution 		9.6 2

1059 2020-07-28 13:42 UniSignCRSV3Setup.exe  

3bc8fa98ea99c1d05756ab42799a8ba0


VirusTotal Malware AutoRuns Check memory Checks debugger Creates executable files unpack itself Checks Bios Detects VirtualBox Detects VMWare AppData folder malicious URLs AntiVM_Disk sandbox evasion VMware anti-virtualization VM Disk Size Check Windows ComputerName crashed 		10.4 5

1060 2020-07-28 13:55 INQUIRY AND CATALOGS.exe  

c8d3124da2597ed5622840c8129bd6f6


VirusTotal Malware Check memory Checks debugger ICMP traffic unpack itself malicious URLs WriteConsoleW DNS 		1 5.4 61

1061 2020-07-28 13:59 qx9768421h7129173938.exe  

8d8013e9caed8b7fdad536c0b7b493dc


VirusTotal Malware Malicious Traffic unpack itself sandbox evasion Windows Advertising ComputerName DNS Cryptographic key 		1 1 4.8 M 6

1062 2020-07-28 14:01 c5thz04025.exe  

97563106fce67ac0045ca410b16cde95


VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key 		1 1 6.4 17

1063 2020-07-28 14:02 INQUIRY AND CATALOGS.exe  

c8d3124da2597ed5622840c8129bd6f6


njRAT VirusTotal Malware AutoRuns suspicious privilege Check memory Checks debugger ICMP traffic unpack itself Windows utilities malicious URLs WriteConsoleW Windows ComputerName DNS 		1 7.6 61

1064 2020-07-28 14:02 zOG68.exe  

89dcb6e9910e3d034b2e7fb9f670ef07


VirusTotal Malware AutoRuns unpack itself Auto service malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check human activity check Windows Advertising ComputerName DNS Cryptographic key 		2 2 8.4 7

1065 2020-07-28 14:03 qx9768421h7129173938.exe  

8d8013e9caed8b7fdad536c0b7b493dc


VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key 		1 1 5.6 M 6

keyword