Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
11056
2021-08-09 11:26
cc.exe
3694ac62d90c1e9f89145f324dc0e204
UPX
Malicious Library
DGA
DNS
Socket
Create Service
Sniff Audio
Escalate priviledges
KeyLogger
Code injection
HTTP
Internet API
FTP
ScreenShot
Http API
Steal credential
Downloader
P2P
AntiDebug
AntiVM
PE File
PE32
VirusTotal
Malware
AutoRuns
Code Injection
buffers extracted
Creates executable files
RWX flags setting
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Tofsee
Windows
ComputerName
2
https://cdn.discordapp.com/attachments/873891971998036042/873892704155742258/Bdojytwvbcgagbvmwkdspythmuhhgvq - rule_id: 3944
https://cdn.discordapp.com/attachments/873891971998036042/873892704155742258/Bdojytwvbcgagbvmwkdspythmuhhgvq
2
cdn.discordapp.com(162.159.133.233) - malware
162.159.135.233 - malware
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
1
https://cdn.discordapp.com/attachments/873891971998036042/873892704155742258/Bdojytwvbcgagbvmwkdspythmuhhgvq
10.0
15
ZeroCERT
11057
2021-08-09 11:28
sys.exe
e4ec80c2fd3c010788215a45cd7569dc
UPX
Malicious Library
OS Processor Check
PE File
PE32
VirusTotal
Malware
1.0
11
ZeroCERT
11058
2021-08-09 11:28
mz.exe
05484e3762e29ecdc0ac0fe66b518b35
UPX
Malicious Library
OS Processor Check
PE File
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
Malicious Traffic
Creates executable files
unpack itself
Windows
DNS
2
gg.csgohvh.cc() - mailcious
139.196.224.137 - malware
2
ET DNS Query for .cc TLD
ET INFO Dotted Quad Host DLL Request
5.4
M
49
ZeroCERT
11059
2021-08-09 11:28
360sd.dll
6168ff8527adff76a81c1e8017aa6278
UPX
OS Processor Check
DLL
PE File
PE32
VirusTotal
Malware
0.4
8
ZeroCERT
11060
2021-08-09 11:30
2.exe
294fab1523dc3b50cbcc120e67946a5b
UPX
Malicious Library
OS Processor Check
PE File
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
Malicious Traffic
Creates executable files
unpack itself
Windows
DNS
2
gg.csgohvh.cc() - mailcious
139.196.224.137 - malware
2
ET DNS Query for .cc TLD
ET INFO Dotted Quad Host DLL Request
5.4
M
55
ZeroCERT
11061
2021-08-09 12:27
ethminer.exe
85214830d6e4d6490651ddf1a0bc91c4
CoinMiner
QuickMiner
UPX
Malicious Library
PE64
OS Processor Check
PE File
VirusTotal
Malware
1.0
23
ZeroCERT
11062
2021-08-09 13:29
360sd.dll
6168ff8527adff76a81c1e8017aa6278
Generic Malware
UPX
Admin Tool (Sysinternals etc ...)
OS Processor Check
DLL
PE File
PE32
VirusTotal
Malware
0.4
M
8
r0d
11063
2021-08-09 17:15
readerdc_en_ka_cra_install.exe
d20ea08fef3b921c8f7c716f29281110
PE File
PE32
PNG Format
VirusTotal
Malware
Check memory
buffers extracted
RWX flags setting
unpack itself
Check virtual network interfaces
AntiVM_Disk
VM Disk Size Check
Tofsee
Remote Code Execution
crashed
1
https://get.adobe.com/reader/webservices/adm/?cname=readerdc_en_ka_install.exe&bname=readerdc&site=live&type=install&language=kr
2
get.adobe.com(193.104.215.66)
192.147.130.63
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.0
1
guest
11064
2021-08-09 19:02
alfile.exe
cc350161b58a017e09a9a50288ae3fc5
UPX
Malicious Library
OS Processor Check
PE File
PE32
VirusTotal
Malware
PDB
unpack itself
2.2
M
42
ZeroCERT
11065
2021-08-09 19:02
vbc.exe
16356f898fdabb8b38a5351676bb0799
RAT
Generic Malware
UPX
Admin Tool (Sysinternals etc ...)
SMTP
KeyLogger
AntiDebug
AntiVM
.NET EXE
PE File
PE32
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
unpack itself
Check virtual network interfaces
Tofsee
Windows
Browser
Email
ComputerName
Cryptographic key
Software
crashed
1
https://pastebin.pl/view/raw/af4dd2e8 - rule_id: 3746
2
pastebin.pl(168.119.93.163) - mailcious
168.119.93.163 - mailcious
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
1
https://pastebin.pl/view/raw/af4dd2e8
11.8
M
15
ZeroCERT
11066
2021-08-09 19:04
sam.exe
a719cd4c4453d777428de8038805b297
PWS
.NET framework
Generic Malware
Admin Tool (Sysinternals etc ...)
SMTP
KeyLogger
AntiDebug
AntiVM
.NET EXE
PE File
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
crashed
12.0
M
24
ZeroCERT
11067
2021-08-09 19:04
skp.exe
359780d66d0e8a4ec780199a5a3b0455
PWS
.NET framework
Generic Malware
Admin Tool (Sysinternals etc ...)
SMTP
KeyLogger
AntiDebug
AntiVM
.NET EXE
PE File
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
crashed
12.4
14
ZeroCERT
11068
2021-08-09 19:06
musik.exe
d8e7f97bd29186b5aa3c1020519f0187
PWS
.NET framework
Generic Malware
Admin Tool (Sysinternals etc ...)
SMTP
KeyLogger
AntiDebug
AntiVM
.NET EXE
PE File
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
crashed
12.6
28
ZeroCERT
11069
2021-08-09 19:06
omas.exe
ebd09a6f7d0b227b72d5c4a4a67cc464
PWS
.NET framework
Generic Malware
Admin Tool (Sysinternals etc ...)
SMTP
KeyLogger
AntiDebug
AntiVM
.NET EXE
PE File
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
crashed
12.4
17
ZeroCERT
11070
2021-08-09 19:08
jojo.exe
970b659d4ac41f366cdfdd480f80f204
PWS
.NET framework
Generic Malware
Admin Tool (Sysinternals etc ...)
SMTP
KeyLogger
AntiDebug
AntiVM
.NET EXE
PE File
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
crashed
12.6
M
29
ZeroCERT
Total : 49,427cnts