Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
10756	2021-08-01 09:16	fucksss.txt f3df0715d3b7e11953400f090fa6e9b7 ScreenShot AntiDebug AntiVM VirusTotal Malware Check memory unpack itself					1.4		9	ZeroCERT

10757	2021-08-01 09:16	av_lolllllllllllllllllllllllll... b2968e65b5447366fd62491ad62ef86a ScreenShot AntiDebug AntiVM VirusTotal Malware Check memory unpack itself					1.4		2	ZeroCERT

10758	2021-08-01 09:18	tabhost.exe 2b2019bf18467e9150aeda07acbdd1e8 UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware PDB unpack itself					1.8		22	ZeroCERT

10759	2021-08-01 09:19	lv.exe a1ddbca18b0bae182a2c4d233ffda97f NPKI Gen1 Emotet Gen2 Malicious Library UPX Malicious Packer DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Hijack Network Internet API FTP ScreenShot Http API Steal credential Downloader P2P persistence AntiD VirusTotal Malware Buffer PE AutoRuns Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows		1			10.0		25	ZeroCERT

10760	2021-08-01 09:29	proll.exe 4276b2401eb82019fa72fe3c477f20f4 Generic Malware Themida Packer Malicious Library .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Checks Bios Collect installed applications Detects VMWare Check virtual network interfaces VMware anti-virtualization installed browsers check Tofsee Windows Browser ComputerName Firmware DNS Cryptographic key Software crashed	2 Keyword trend analysis	3	2		10.2	M	38	ZeroCERT

10761	2021-08-01 09:29	smoke.exe 8b8bd25f4ae51c193f117f15e9bbb888 PWS .NET framework RAT Generic Malware UPX OS Processor Check .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed	2 Keyword trend analysis	3	2		7.0	M	29	ZeroCERT

10762	2021-08-01 09:30	downloaddocument.do c0e07efbb0dd361490426661fe992f6f Emotet Malicious Packer UPX Malicious Library DLL PE32 PE File Dridex TrickBot VirusTotal Malware suspicious privilege Malicious Traffic Checks debugger buffers extracted RWX flags setting unpack itself Check virtual network interfaces suspicious process Kovter ComputerName DNS	4 Keyword trend analysis Info https://138.34.28.219/login.cgi?uri=/index.html - rule_id: 2674 https://38.110.103.113/rob116/TEST22-PC_W617601.E07BB07373A3BB3F491F304B3B719B93/5/file/ https://138.34.28.219/cookiechecker?uri=/rob116/TEST22-PC_W617601.E07BB07373A3BB3F491F304B3B719B93/5/file/ - rule_id: 2675 https://138.34.28.219/index.html - rule_id: 2677	3	2	3	5.8	M	14	ZeroCERT

10763	2021-08-01 09:32	@Stewor.exe 250a5f8df1e6ede5f3853add72080308 PWS .NET framework RAT Generic Malware UPX OS Processor Check .NET EXE PE32 PE File PE64 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed	3 Keyword trend analysis	6	2		9.0	M	29	ZeroCERT

10764	2021-08-01 09:52	build.exe cd99cd64d0deb3fe2aa4919f3abfcd55 RAT Generic Malware PE64 PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself ComputerName crashed					2.4		31	ZeroCERT

10765	2021-08-01 16:04	all_bypassiiiiiiioolll.txt.ps1 98cb6ca6f3fce6bb6566fb69a3f78985 Antivirus unpack itself WriteConsoleW Windows Cryptographic key					0.8			ZeroCERT

10766	2021-08-01 17:13	autodata.exe 05d3ecbebc7492b620bdd443ddec52a1 Generic Malware Malicious Library PE32 PE File DLL VirusTotal Malware AppData folder Remote Code Execution					1.8	M	51	r0d

10767	2021-08-01 17:17	svchost.exe 7a898f78eb97b42d86893276d19f0abf Generic Malware Malicious Library PE32 PE File DLL VirusTotal Malware AppData folder Windows Remote Code Execution	1 Keyword trend analysis	2	1	1	2.0	M	36	r0d

10768	2021-08-01 17:21	nuevo.exe d5c87c83b729c3047d0c9c213dfc8e64 Generic Malware Malicious Library PE32 PE File DLL VirusTotal Malware AppData folder Remote Code Execution					1.8	M	45	r0d

10769	2021-08-01 20:20	ExcUserFault_CMFSyncAgent-2021... 1caf6b8b30618929e154523712a83982 AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName					3.8			guest

10770	2021-08-01 20:25	ExcUserFault_CMFSyncAgent-2021... 1caf6b8b30618929e154523712a83982 AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName					3.8			guest