Submissions

Columns, as exported: No, Date, Request, Urls, Hosts, IDS, Rule, Score, Zero, VT, Player, Etc. Empty cells were dropped in the export, so each entry is laid out below as the submission number, date and request (the submitted file name); the file's MD5; the Rule column, the sandbox's space-separated list of signature tags, kept verbatim; and the numeric tail: the leading Urls/Hosts/IDS counts in the order exported (with the blanks gone they cannot be mapped to individual columns, and one entry carries four values), then Score, the Zero value where present, VT and Player.

No 11041   Date 2023-08-03 10:14   Request Regasm.exe
  MD5    11918dee7fc7db0c4b2c9bee96e9f9d9
  Rule   UPX Malicious Library PE File PE32 DLL VirusTotal Malware Check memory Creates executable files unpack itself AppData folder
  Score 2.4   VT 21   Player ZeroCERT

No 11042   Date 2023-08-03 10:14   Request yPcjvliXpKoFFc.exe
  MD5    8e285d434922e63d303da4e3639fe13c
  Rule   Malicious Library PE64 PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself
  Score 2.2   Zero M   VT 21   Player ZeroCERT

No 11043   Date 2023-08-02 20:51   Request dx9_overlay.dll
  MD5    b820ca941ae4e895d4e172de1605a1fd
  Rule   UPX Malicious Library OS Processor Check DLL PE File PE32 VirusTotal Malware PDB Check memory crashed
  Score 1.0   Zero M   VT 2   Player ZeroCERT

No 11044   Date 2023-08-02 20:51   Request data64_2.exe
  MD5    6cd65c568257694ab3ec9912419d202e
  Rule   UPX AntiDebug AntiVM .NET EXE PE File PE32 GIF Format VirusTotal Malware Buffer PE AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows ComputerName Remote Code Execution
  Score 10.8   VT 30   Player ZeroCERT

No 11045   Date 2023-08-02 17:09   Request taskmaskamd.exe
  MD5    89e9bc7a5d97370a0f4a35041a54a696
  Rule   Amadey Themida Packer UPX Malicious Library MPRESS Admin Tool (Sysinternals etc ...) PWS SMTP AntiDebug AntiVM PE File PE32 PE64 OS Processor Check JPEG Format Browser Info Stealer RedLine Malware download Amadey FTP Client Info Stealer VirusTotal Malware Microsoft Buffer PE AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files RWX flags setting unpack itself Windows utilities Collect installed applications Check virtual network interfaces suspicious process AppData folder WriteConsoleW human activity check installed browsers check Tofsee Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed
  Counts 6 6 12 2   Score 20.6   Zero M   VT 47   Player ZeroCERT

No 11046   Date 2023-08-02 17:06   Request rdpcllp.exe
  MD5    768200a76def472e675539094047bed9
  Rule   Themida Packer UPX Admin Tool (Sysinternals etc ...) PE64 PE File VirusTotal Malware unpack itself Windows Remote Code Execution crashed
  Score 3.0   Zero M   VT 37   Player ZeroCERT

No 11047   Date 2023-08-02 17:04   Request x-admins.exe
  MD5    1bdfa5d4db8f961fb85677c4d8bb64f4
  Rule   UPX PE File PE32 VirusTotal Malware Check virtual network interfaces Tofsee Windows keylogger
  Counts 5 3 1   Score 4.2   Zero M   VT 21   Player ZeroCERT

No 11048   Date 2023-08-02 17:04   Request obizx.exe
  MD5    745174884165278ca284212180544a17
  Rule   Formbook .NET framework(MSIL) AntiDebug AntiVM .NET EXE PE File PE32 FormBook Malware download VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself
  Counts 1 4 1   Score 8.2   Zero M   VT 29   Player ZeroCERT

No 11049   Date 2023-08-02 17:02   Request texaszx.exe
  MD5    4a42f9817aaaee146c4454259baf1333
  Rule   PWS KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Browser Email ComputerName Software crashed
  Counts 2 2   Score 10.2   Zero M   VT 21   Player ZeroCERT

No 11050   Date 2023-08-02 17:01   Request texaszx.doc
  MD5    4988698644f51b49860d75366bd0da92
  Rule   MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself IP Check Tofsee Windows Exploit DNS crashed
  Counts 1 3 7   Score 4.6   Zero M   VT 18   Player ZeroCERT

No 11051   Date 2023-08-02 17:00   Request obizx.doc
  MD5    0ca8f60433aa28b78dc0d301b7884df3
  Rule   MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Windows Exploit DNS crashed
  Counts 2 4 5   Score 4.6   Zero M   VT 30   Player ZeroCERT

No 11052   Date 2023-08-02 17:00   Request Invoice_RVSJKAM02GH_pdf.lnk
  MD5    ca4756de93f1356c73c37d5ce1e64405
  Rule   GIF Format Malware download VirusTotal Email Client Info Stealer Malware VBScript Creates shortcut unpack itself Check virtual network interfaces WriteConsoleW Email DNS
  Counts 1 1 2   Score 3.0   Zero M   VT 4   Player ZeroCERT

No 11053   Date 2023-08-02 16:59   Request taskmask.exe
  MD5    f8f7c8c4cc25ba49c5b591aab8bfdc04
  Rule   UPX Malicious Library PWS SMTP AntiDebug AntiVM OS Processor Check PE File PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft Buffer PE suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications Check virtual network interfaces WriteConsoleW installed browsers check Tofsee Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed
  Counts 1 3 3   Score 13.2   VT 39   Player ZeroCERT

No 11054   Date 2023-08-02 16:57   Request fntWRciEqcSHEdy.exe
  MD5    319bc79bf9d98e769dbb2c3a5140524b
  Rule   Malicious Library PE64 PE File VirusTotal Malware Check memory Checks debugger unpack itself
  Score 1.8   Zero M   VT 18   Player ZeroCERT

No 11055   Date 2023-08-02 16:57   Request j1neaa.bat
  MD5    1551e43ba5cc0468ffa4d54d29870ac0
  Rule   Downloader Create Service Socket P2P DGA Steal credential Http API Escalate priviledges PWS Sniff Audio HTTP DNS ScreenShot Code injection Internet API FTP KeyLogger AntiDebug AntiVM suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key
  Score 4.0   Player ZeroCERT
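An added example, not code from the listing or from the sandbox that produced it: a Python parser for this flattened export, which turns each entry into a record with its MD5, its verbatim Rule tag string and the numeric columns, plus a whole-word tag check and a simple triage filter. The column mapping follows the export header; the leading counts are kept in order because the export does not let them be assigned to Urls, Hosts or IDS individually. The sample input is four entries copied from the listing above with their Rule lines shortened, and the score threshold and family tags in triage() are illustrative choices.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Column names follow the export header (No, Date, Request, Urls, Hosts, IDS,
# Rule, Score, Zero, VT, Player). Empty cells were dropped in the export, so
# leading integer counts are kept as an ordered list rather than mapped to columns.
REQUEST_RE = re.compile(r"^(\d+) (\d{4}-\d{2}-\d{2} \d{2}:\d{2}) (.+?)\s*$")
MD5_RE = re.compile(r"^[0-9a-f]{32}$")
# leading counts, decimal Score, optional one-letter Zero value, optional VT, Player
TAIL_RE = re.compile(r"^((?:\d+ )*)(\d+\.\d+)(?: ([A-Z]))?(?: (\d+))? (\S+)$")


@dataclass
class Submission:
    number: int
    date: str
    request: str
    md5: Optional[str] = None
    rule: str = ""
    counts: List[int] = field(default_factory=list)
    score: Optional[float] = None
    zero: Optional[str] = None
    vt: Optional[int] = None
    player: Optional[str] = None


def parse_submissions(text: str) -> List[Submission]:
    """Turn the flattened export into one Submission per entry."""
    records: List[Submission] = []
    current: Optional[Submission] = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = REQUEST_RE.match(line)
        if m:  # "No Date Request" line starts a new entry
            current = Submission(int(m.group(1)), m.group(2), m.group(3))
            records.append(current)
            continue
        if current is None:  # page title and column header
            continue
        if current.md5 is None and MD5_RE.match(line):
            current.md5 = line
            continue
        m = TAIL_RE.match(line)
        if m and current.score is None:
            current.counts = [int(c) for c in m.group(1).split()]
            current.score = float(m.group(2))
            current.zero = m.group(3)
            current.vt = int(m.group(4)) if m.group(4) else None
            current.player = m.group(5)
            continue
        # anything else between the MD5 and the numeric tail is the Rule column
        current.rule = (current.rule + " " + line).strip()
    return records


def has_tag(sub: Submission, tag: str) -> bool:
    """Whole-word (or whole-phrase) match in the space-separated Rule column."""
    return re.search(r"(?<!\S)" + re.escape(tag) + r"(?!\S)", sub.rule) is not None


def md5_iocs(records: List[Submission]) -> List[str]:
    """Sorted, de-duplicated MD5s for an IOC list or a hash lookup."""
    return sorted({r.md5 for r in records if r.md5})


def triage(records: List[Submission], min_score: float = 10.0,
           families=("RedLine", "Formbook", "Amadey")) -> List[Submission]:
    """Entries to look at first: high Score or a named-family tag (illustrative choices)."""
    return [r for r in records
            if (r.score is not None and r.score >= min_score)
            or any(has_tag(r, f) for f in families)]


# Sample input: four entries copied from the listing on this page, Rule lines shortened.
SAMPLE = """Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
11041 2023-08-03 10:14 Regasm.exe

11918dee7fc7db0c4b2c9bee96e9f9d9
UPX Malicious Library PE File PE32 DLL VirusTotal Malware Check memory Creates executable files unpack itself AppData folder
2.4 21 ZeroCERT

11045 2023-08-02 17:09 taskmaskamd.exe
89e9bc7a5d97370a0f4a35041a54a696
Amadey Themida Packer UPX PE File PE32 PE64 Browser Info Stealer RedLine Malware download Amadey VirusTotal Malware Code Injection crashed
6 6 12 2 20.6 M 47 ZeroCERT

11048 2023-08-02 17:04 obizx.exe
745174884165278ca284212180544a17
Formbook .NET framework(MSIL) AntiDebug AntiVM .NET EXE PE File PE32 FormBook Malware download VirusTotal Malware Code Injection
1 4 1 8.2 M 29 ZeroCERT

11055 2023-08-02 16:57 j1neaa.bat
1551e43ba5cc0468ffa4d54d29870ac0
Downloader Create Service Socket P2P DGA Steal credential PWS KeyLogger AntiDebug AntiVM Code Injection Windows ComputerName Cryptographic key
4.0 ZeroCERT
"""
```

Run `parse_submissions(SAMPLE)` to get the records, `md5_iocs()` for a hash list to feed a blocklist or a VirusTotal lookup, and `triage()` to pull out the entries worth opening first; has_tag() matches on whitespace boundaries, so a phrase such as "Malware download" is looked up as a unit while "Malware" alone still matches wherever that token appears.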