popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
10726 2021-07-31 13:29 WrI1MkLCElXhhWQ.exe  

ea5a1e2c89dcac0afafaec73a375cd60


Generic Malware UPX Admin Tool (Sysinternals etc ...) Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key 		2 1 9.6 M 29 ZeroCERT

10727 2021-07-31 13:29 fontSessionRuntimehostNetrevie...  

cd16a74d1fe82b5a8f6d6f5f8d3c66c8


RAT Generic Malware Malicious Packer UPX OS Processor Check .NET EXE PE32 PE File VirusTotal Malware AutoRuns suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces AntiVM_Disk VM Disk Size Check Windows ComputerName DNS crashed 		1 1 6.0 M 33 ZeroCERT

10728 2021-07-31 13:31 eth.exe  

d61d129ac47f4e08c22fac1689660b2a


Malicious Library PE32 PE File VirusTotal Malware Check memory unpack itself crashed 		1.8 M 23 ZeroCERT

10729 2021-07-31 13:32 mine.exe  

84249000b4b29f797de4c662eb539df1


RAT Generic Malware PSW Bot LokiBot ZeusBot UPX Malicious Library DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Internet API FTP ScreenShot Http API Steal credential Downloader P2P AntiDebug AntiVM PE64 PE Fi VirusTotal Malware MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName crashed 		2 4 8.4 M 34 ZeroCERT

10730 2021-07-31 13:33 shell.exe  

258f0036061a9731caa635d83928c721


Malicious Packer PE32 PE File VirusTotal Malware unpack itself DNS 		1 3.6 M 53 ZeroCERT

10731 2021-07-31 13:35 vbc.exe  

265e29e0038861005a5faf3141d104f6


PWS .NET framework Generic Malware UPX Admin Tool (Sysinternals etc ...) .NET EXE PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself 		2.0 M 23 ZeroCERT

10732 2021-07-31 13:35 PlsWnEU2.exe  

c922041b69d35a08c16829ccafeeaa22


PWS .NET framework BitCoin Generic Malware UPX Admin Tool (Sysinternals etc ...) AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Windows Cryptographic key 		1 9.4 M 21 ZeroCERT

10733 2021-07-31 13:36 lv.exe  

036bee46548f543c263666d864125a60


Malicious Library PE32 PE File VirusTotal Malware Creates executable files RWX flags setting unpack itself 		4.0 M 56 guest

10734 2021-07-31 13:43 xmr.exe  

00aae2e7365a2a916fef8b8c9c626e87


Malicious Library PE32 PE File VirusTotal Malware Check memory unpack itself crashed 		1.6 M 17 ZeroCERT

10735 2021-07-31 13:43 07-20-21INVOICES.exe  

bdcdb05af6a2ac95bb13857ab6b6debc


UPX Malicious Library AntiDebug AntiVM OS Processor Check PE32 PE File VirusTotal Malware Buffer PE PDB suspicious privilege Code Injection Checks debugger buffers extracted unpack itself Windows DNS DDNS keylogger 		2 1 11.4 26 ZeroCERT

10736 2021-07-31 13:44 inhack.exe  

dba5b6afcc96a1f12eaeb6ae2b241318


Generic Malware .NET EXE PE32 PE File Check memory Checks debugger unpack itself 		0.8 M ZeroCERT

10737 2021-07-31 13:44 YTtraffic.exe  

a8e0bf583fb1385b5e0d9590c821eb13


PWS .NET framework RAT Generic Malware UPX OS Processor Check .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed 		2 3 2 7.0 M 23 ZeroCERT

10738 2021-07-31 13:45 askinstall40.exe  

a68f69dfce1e9e0d29ba408228bf92d0


Gen2 Trojan_PWS_Stealer NPKI Emotet RAT Credential User Data Generic Malware Malicious Packer UPX Malicious Library SQLite Cookie Admin Tool (Sysinternals etc ...) Anti_VM Antivirus ASPack OS Processor Check PE32 PE File ELF PNG Format PE64 DLL MSOffice Browser Info Stealer VirusTotal Malware PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Checks debugger WMI Creates executable files ICMP traffic exploit crash unpack itself Windows utilities suspicious process AppData folder WriteConsoleW installed browsers check Tofsee Ransomware Windows Exploit Browser ComputerName Remote Code Execution crashed 		3 8 1 2 12.0 M 42 ZeroCERT

10739 2021-07-31 13:46 clip.exe  

e6ed552b84d437e90031f9fc3d41b62a


UPX Malicious Library Admin Tool (Sysinternals etc ...) DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Internet API FTP ScreenShot Http API Steal credential Downloader P2P AntiDebug AntiVM PE32 PE File Emotet VirusTotal Malware Buffer PE AutoRuns Code Injection buffers extracted Creates executable files RWX flags setting unpack itself Windows utilities suspicious process WriteConsoleW Tofsee Windows ComputerName 		3 4 1 9.6 M 26 ZeroCERT

10740 2021-07-31 13:47 112233.exe  

0602d74b76caa2200b12f83c8a77b617


NPKI Malicious Library DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Hijack Network Internet API FTP ScreenShot Http API Steal credential Downloader P2P persistence AntiDebug AntiVM PE32 PE File PNG Format OS Browser Info Stealer VirusTotal Malware Buffer PE suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files ICMP traffic unpack itself Windows utilities Collect installed applications Check virtual network interfaces suspicious process malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Tofsee Windows Browser ComputerName Cryptographic key crashed 		3 7 1 15.4 M 34 ZeroCERT

keyword