Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
10981	2021-08-06 09:38	securebagzx.exe 5c8b1b0d88414006b7fe036730c95e9a Generic Malware Admin Tool (Sysinternals etc ...) Antivirus Socket Escalate priviledges KeyLogger Code injection HTTP Internet API ScreenShot Http API AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself powershell.exe wrote suspicious process AppData folder AntiVM_Disk sandbox evasion WriteConsoleW VM Disk Size Check Windows Browser Email ComputerName Cryptographic key				14.2	M	24	ZeroCERT

10982	2021-08-06 09:40	77KpMaGlUit8zQl.exe 3cbb3413f0326aba622bee17f556a293 RAT Generic Malware .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself crashed				2.6	M	47	ZeroCERT

10983	2021-08-06 09:42	vbc.exe ccedd914fbe08e1b2812df96dc74278e UPX Malicious Library AntiDebug AntiVM PE File PE32 FormBook Malware download VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Checks debugger buffers extracted unpack itself Remote Code Execution	4 Keyword trend analysis Info http://www.sergrtr.com/otcl/?uVjH=mBDnt/Gh8erpdJmR5LUsgS6AYomiYv6KKx4Ciy1VWZ+lm+O2aYdlFCHe7BXtcsumDYUDE2bt&R2Mxt=MjOp3dr0kBhPCb6P http://www.vidacocktails.com/otcl/?uVjH=rypAyBghX+oRSAWiWZi6HXfSOOQXpfwEtRIEbFlRCYHxrojr5D9YoFHDjuuw3w1SPlmQfBvX&R2Mxt=MjOp3dr0kBhPCb6P http://www.lenatwo.com/otcl/?uVjH=jjpdYGPxaq0GEExKffhLJbVQdJjKexSz1KEBGQRYOyI7/Bdn/luiGJqh0JO76VQxmlxEikAe&R2Mxt=MjOp3dr0kBhPCb6P http://www.fussionpromos.com/otcl/?uVjH=R6pBimEX126Y/7jz26NSIB+pAf+iSCkbIcynLs+ia55rI8fnMgFdof6zFKq4BsG3kSXOUZFo&R2Mxt=MjOp3dr0kBhPCb6P	8	1	8.4	M	49	ZeroCERT

10984	2021-08-06 09:44	pdf_document_s233322.html 7f5b73f875f7eb6444f724e8c5ebcb04 Antivirus AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed			2	3.8	M		ZeroCERT

10985	2021-08-06 09:46	VVZMYLHaSOcblqo.exe a9aa5cc96156193b9e742b2b05c111b9 PWS Loki[b] Loki[m] Generic Malware UPX DNS Socket KeyLogger HTTP Internet API ScreenShot Http API AntiDebug AntiVM .NET EXE PE File PE32 Malware download Azorult VirusTotal Malware MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName Cryptographic key	1 Keyword trend analysis	2	1	10.2	M	30	ZeroCERT

10986	2021-08-06 09:49	vbc.exe 1421f8b770cb41d7b33fe2e80c6691e9 UPX Malicious Library AntiDebug AntiVM PE File PE32 FormBook Malware download VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Checks debugger buffers extracted unpack itself	2 Keyword trend analysis	5	1	8.2	M	46	ZeroCERT

10987	2021-08-06 09:53	6Dy0Bg4B9kkMsak.exe 103d1cc218855c90217da5eab8cf7761 PWS .NET framework Generic Malware UPX Admin Tool (Sysinternals etc ...) .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself crashed				2.6	M	48	ZeroCERT

10988	2021-08-06 09:55	kill$.exe 6b351a94a1b2da234cd920dfbf7499af UPX Malicious Library Antivirus Anti_VM DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Internet API FTP ScreenShot Http API Steal credential Downloader P2P AntiDebug AntiVM PE64 PE File VirusTotal Malware suspicious privilege Code Injection Check memory WMI Creates executable files Windows utilities suspicious process WriteConsoleW shadowcopy delete Windows ComputerName				8.2	M	40	ZeroCERT

10989	2021-08-06 09:55	KVxnEZMWrmek1i6.exe 71b6febdaccea66e739ead121613814a Generic Malware UPX .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself ComputerName				2.6	M	42	ZeroCERT

10990	2021-08-06 09:57	BuXTaVVWA5WdvtU.exe 7c5e5f9ba055d8124f78cc32cd02d70f PWS .NET framework Generic Malware UPX Admin Tool (Sysinternals etc ...) .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself crashed				2.6	M	41	ZeroCERT

10991	2021-08-06 10:00	YCUMy7OsLy2HRs6.exe ed6c05676795aec8b92b73201c000b3b PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName Cryptographic key crashed				9.8	M	33	ZeroCERT

10992	2021-08-06 10:01	pscueWLrAI893Mm.exe 028af3720307d853716bfa0f438a0746 Generic Malware Admin Tool (Sysinternals etc ...) AntiDebug AntiVM .NET EXE PE File PE32 FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key	12 Keyword trend analysis Info http://www.mylove4tees.com/aqu2/?9r4P2=9ws66imtgg3T3b9kOnthfi50Nu6P9IVW/TE+7j+Pbvzlz2d9z3p7URmmP+8NozKSwRBm4C3L&EjU4Sz=gdMTVRIPlB http://www.income-academy.net/aqu2/ http://www.barrieratxfence.info/aqu2/?9r4P2=lXd4zSUgCC+Gjsky/2vKTrlJaFfVYkpLux/MwnR2z2M4YDrYm4lj055+c6MS0ib3/EWLUfQU&EjU4Sz=gdMTVRIPlB http://www.grandfinishremodeling.com/aqu2/ http://www.sharperimege.com/aqu2/?9r4P2=kVL+er5siNlB7pe1dLZS/sGAoq3svs4UfEDtCPtiHJKEfyVztMafNvCw4QsKRCCzR1PEWQeU&EjU4Sz=gdMTVRIPlB http://www.sharperimege.com/aqu2/ http://www.mylove4tees.com/aqu2/ http://www.golloctror.com/aqu2/ http://www.barrieratxfence.info/aqu2/ http://www.golloctror.com/aqu2/?9r4P2=4uR/nYjgwVtYQYbEgqLfVeOvQ0g/0VggqoBfHm1YELVh/dVGB1YhVcaz8p3nfDlAqMtpxI2v&EjU4Sz=gdMTVRIPlB http://www.grandfinishremodeling.com/aqu2/?9r4P2=NRZUopoDI9LJwLB83JD0yzozs/oGQMk+mwWEPr2pPkzgK4yBOGRtKPbgK/BnV+66QBsVMhyW&EjU4Sz=gdMTVRIPlB http://www.income-academy.net/aqu2/?9r4P2=yTaVLqrhN05vYiJqrghKhV1kwkPK3wCJaLMYrf/MNipjQST+eEaDoRfCXS8xMdNgXSn1AdLb&EjU4Sz=gdMTVRIPlB	13 Info www.golloctror.com(199.59.242.153) www.grandfinishremodeling.com(216.239.32.21) www.myuspace.com() www.barrieratxfence.info(72.1.32.168) www.income-academy.net(104.21.30.11) www.sharperimege.com(107.163.207.203) www.mylove4tees.com(184.168.131.241) 216.239.38.21 - phishing 184.168.131.241 - mailcious 72.1.32.168 107.163.207.203 199.59.242.153 - mailcious 104.21.30.11	1	10.0	M	52	ZeroCERT

10993	2021-08-06 10:02	plot-114.exe c54342185881953b5e36fe05f977cc00 Generic Malware Admin Tool (Sysinternals etc ...) Antivirus Socket Downloader AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware powershell Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key		1		13.4	M	30	ZeroCERT

10994	2021-08-06 10:04	h0AuDqUVLDrtpzq.exe d25813cffd6ecbdbcff30e73538c706c RAT Generic Malware UPX Admin Tool (Sysinternals etc ...) .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself crashed				2.6	M	47	ZeroCERT

10995	2021-08-06 10:07	lLwIMX6OKZZo7VL.exe e3edc417be072edc95357b41c5901d75 Generic Malware Admin Tool (Sysinternals etc ...) SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces VMware IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	6	5	15.2	M	35	ZeroCERT