Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
11041	2021-08-09 09:54	32c96ec2c8d3bf05761aef2c8fd76b... 4412eaa3c2dbe82ac9cf982b1229548d UPX Malicious Library PE File PE32 VirusTotal Malware Check memory Windows crashed					2.2	M	34	ZeroCERT

11042	2021-08-09 09:54	32c96ec2c8d3bf05761aef2c8fd76b... 2e0536d1276836fac3ed7eb664148319 UPX Malicious Library PE File PE32 VirusTotal Malware Check memory					1.4	M	35	ZeroCERT

11043	2021-08-09 09:54	@JuicyFruicy1.exe b1ebcd72d3bbfa1066b8ecc33ea33c13 RAT PWS .NET framework Generic Malware UPX OS Processor Check .NET EXE PE File PE32 PE64 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware AutoRuns suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Collect installed applications Check virtual network interfaces suspicious process suspicious TLD WriteConsoleW installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed	3 Keyword trend analysis	7	4		10.8	M	45	ZeroCERT

11044	2021-08-09 09:57	askinstall5.exe 4e5c8938ed644daec8e14035d1f13bbe Gen2 Trojan_PWS_Stealer NPKI Emotet RAT Credential User Data Generic Malware UPX Malicious Packer Malicious Library SQLite Cookie Admin Tool (Sysinternals etc ...) Anti_VM ASPack Antivirus OS Processor Check PE File PE32 ELF PNG Format PE64 DLL MSOffic Browser Info Stealer VirusTotal Malware PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Checks debugger WMI Creates executable files exploit crash unpack itself Windows utilities suspicious process AppData folder WriteConsoleW installed browsers check Tofsee Ransomware Windows Exploit Browser ComputerName Remote Code Execution crashed	4 Keyword trend analysis	8	1	3	11.2	M	48	ZeroCERT

11045	2021-08-09 09:58	lv.exe 79070b764d73af227405bb43ff7400db NPKI Emotet Gen1 Gen2 Malicious Library UPX Malicious Packer DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Hijack Network Internet API FTP ScreenShot Http API Steal credential Downloader P2P persistence AntiD VirusTotal Malware AutoRuns Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows		1			6.6	M	25	ZeroCERT

11046	2021-08-09 09:59	vbc.exe 5da37b461ae4c329da6de8b9bc35709b UPX Malicious Library AntiDebug AntiVM PE File PE32 FormBook Malware download VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Checks debugger buffers extracted unpack itself Remote Code Execution	1 Keyword trend analysis	7	1		9.4	M	44	ZeroCERT

11047	2021-08-09 10:01	kuma.exe b3c7b511cf32bf3f7b7b1c930c1220d7 UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware AutoRuns suspicious privilege Malicious Traffic Creates executable files unpack itself suspicious TLD Windows DNS	1 Keyword trend analysis	3	2		5.8	M	53	ZeroCERT

11048	2021-08-09 10:01	askinstall55.exe fe3a923be44c84946428582f6022cd0d Gen2 Trojan_PWS_Stealer NPKI Emotet RAT Credential User Data Generic Malware UPX Malicious Packer Malicious Library SQLite Cookie Admin Tool (Sysinternals etc ...) Anti_VM ASPack Antivirus OS Processor Check PE File PE32 ELF PNG Format PE64 DLL MSOffic Browser Info Stealer VirusTotal Malware PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Checks debugger WMI Creates executable files exploit crash unpack itself Windows utilities suspicious process AppData folder WriteConsoleW installed browsers check Tofsee Ransomware Windows Exploit Browser ComputerName Remote Code Execution crashed	4 Keyword trend analysis	8	1	3	11.2	M	53	ZeroCERT

11049	2021-08-09 10:01	Slipstream.exe dedfaa24909d03522a814068f9c00d5d RAT BitCoin Generic Malware AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed	2 Keyword trend analysis	3	2		11.8	M	47	ZeroCERT

11050	2021-08-09 10:03	askinstall5.exe df5c5f0768e8d2f554467b930afda09c UPX Malicious Library PE File PE32 VirusTotal Malware PDB unpack itself Remote Code Execution					2.8	M	40	ZeroCERT

11051	2021-08-09 10:08	askinstall54.exe 09bbb3e275b933030e970564ac22fe77 Gen2 Trojan_PWS_Stealer NPKI BitCoin Credential User Data Generic Malware UPX Malicious Packer Malicious Library SQLite Cookie Anti_VM DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Internet API FTP ScreenS Browser Info Stealer VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Checks debugger WMI Creates executable files ICMP traffic exploit crash unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW installed browsers check Tofsee Windows Exploit Browser ComputerName Remote Code Execution crashed	4 Keyword trend analysis	8	1	3	12.2	M	49	ZeroCERT

11052	2021-08-09 10:31	empty_q1ylzu.hta.html f700771a4157e26361ddb27921b6674c AntiDebug AntiVM MSOffice File MachineGuid Code Injection Check memory RWX flags setting exploit crash unpack itself Windows utilities suspicious process Tofsee Windows Exploit DNS crashed	10 Keyword trend analysis Info https://za.schoolplus.pk/availability/condition/completion/lang/en/zf1TdZ47Z.php https://employee.homesupportandcareinc.com/application/Gk9I8xiDfl.php https://hr.clientbook.co.uk/front_assets/css/plugins/hover-effect/css/oFaRBXje2M7r4D.php https://assettagger.saleseos.com/Classes/PHPExcel/Shared/JAMA/examples/nnfH9djf7ieGT.php https://deepsource.in/ncsitebuilder/css/flag-icon-css/flags/1x1/8wNk3GOASeBjjFa.php https://loans.uhuruloans.com/wp-includes/sodium_compat/namespaced/Core/ChaCha20/vC7yShwVw4.php https://athletesusa.co.uk/wp-content/plugins/wordfence/images/icons/B1tLAqOFWL0XN0.php https://pompeevfx.in/scripts/KrkdMDi4.php https://ebanking.hentostreasury.com/account/UYU7Z0biaiL.php https://rupinis.club/amcerp/public/integration/select2/css/L34ZRoB1qcP.php	2	2		5.2			ZeroCERT

11053	2021-08-09 10:32	logo_w7ka3.hta.html a4bc9811de784a760790de7bb5028e15 AntiDebug AntiVM MSOffice File MachineGuid Code Injection Check memory exploit crash unpack itself Windows utilities suspicious process Tofsee Windows Exploit DNS crashed	10 Keyword trend analysis Info https://shops.simply4u.in/demo/1/Solapur/Chicken-Shop/error/etodrhFXVA.php https://investigacion.seguridadypc.com.mx/wp-includes/sodium_compat/namespaced/Core/ChaCha20/vBYypdC2U.php https://pompeevfx.in/scripts/KrkdMDi4.php https://pizzaplus.com.ng/wp-content/themes/twentytwentyone/template-parts/content/UweT0tlVUgDx.php https://maasaifarms.com/wp-content/plugins/all-in-one-wp-migration/lib/controller/J1byieGYJ.php https://hr.clientbook.co.uk/front_assets/css/plugins/hover-effect/css/oFaRBXje2M7r4D.php https://ebanking.hentostreasury.com/account/UYU7Z0biaiL.php https://mayolid.saddleprime.com/wp-content/plugins/wpforms-lite/src/Access/NJGs1yX6LMhuk.php https://rupinis.club/amcerp/public/integration/select2/css/L34ZRoB1qcP.php https://sbz1.world-inter.com/img/icons/8p28h4AJ2Fn.php	2	2		4.8			ZeroCERT

11054	2021-08-09 10:42	spamer.exe 05df5711f2ac455d0e0a8954056d50f9 Gen1 Generic Malware UPX Malicious Library Anti_VM PE64 OS Processor Check PE File DLL VirusTotal Malware Check memory Creates executable files					2.2		36	ZeroCERT

11055	2021-08-09 11:26	svhost.exe 48fe2a425a5c393ecec9d4b00c3b6431 RAT Generic Malware PE64 PE File VirusTotal Malware AutoRuns suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName	1 Keyword trend analysis	4	1		7.6		31	ZeroCERT