Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
11236	2023-07-26 07:54	file.exe cae4ece4402014c0e2527c2a277c6e04 UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself				1.6	M	25	ZeroCERT

11237	2023-07-26 07:54	ChromeSetup.exe 22866422e864635234b55a5d84fae10c NSIS UPX Malicious Library PE File PE32 OS Processor Check DLL FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files ICMP traffic unpack itself AppData folder	2 Keyword trend analysis	5	1	5.2	M	30	ZeroCERT

11238	2023-07-26 07:52	INIBINBINBINBINBINBINBINIBINIB... de51c804940b6cfd398361b2145f3d3e MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware VBScript Malicious Traffic buffers extracted exploit crash unpack itself Tofsee Exploit DNS crashed	1 Keyword trend analysis	3	2	4.6	M	30	ZeroCERT

11239	2023-07-26 07:51	sw9u9z1xm9z43h.exe 9b90639e6d0fe5ca34c15011adc922b1 RedLine stealer RedLine Infostealer RedlineStealer UPX Malicious Library .NET framework(MSIL) Confuser .NET PWS AntiDebug AntiVM OS Processor Check PE File PE32 .NET EXE Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications AppData folder malicious URLs WriteConsoleW installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		2	3	14.4	M	43	ZeroCERT

11240	2023-07-26 07:49	bobbyzx.exe 4c393a4ddc1b9e6307bc172e071d88b7 UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself				1.6	M	29	ZeroCERT

11241	2023-07-26 07:47	wininit.exe 66a020cc3acbd4f1badbff616662ce02 UPX Malicious Library PE File PE32 DLL VirusTotal Malware Check memory Creates executable files unpack itself AppData folder				2.2		12	ZeroCERT

11242	2023-07-26 07:47	calc.exe ca3048f3c3dfc5345968cbfed67cf23d UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself				1.6		29	ZeroCERT

11243	2023-07-26 07:45	kkkk.exe 9139f048f1e79aa4b85629c03ecd1c77 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET OS Processor Check .NET EXE PE File PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	3	6.2	M	47	ZeroCERT

11244	2023-07-26 07:45	franktraff.exe 3af762123fb3e732ba82d565b90da272 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET OS Processor Check .NET EXE PE File PE32 Browser Info Stealer RedLine Malware download VirusTotal Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key crashed		1	1	5.4		39	ZeroCERT

11245	2023-07-25 19:46	build.exe e71ef2f3f2cd8205edd79c5befa2f36a Generic Malware UPX Malicious Library Malicious Packer OS Processor Check PE64 PE File VirusTotal Malware crashed				1.4	M	52	ZeroCERT

11246	2023-07-25 19:40	DOC7756184861Ͱ.exe 438c0cf9055cd5cec88f31deef18911e NSIS UPX Malicious Library PE File PE32				0.2			ZeroCERT

11247	2023-07-25 19:40	DOC7756184861Ͱ.exe 438c0cf9055cd5cec88f31deef18911e NSIS UPX Malicious Library PE File PE32				0.2			ZeroCERT

11248	2023-07-25 19:19	m4HBom6QaF.exe b4f60407cc688d2327c5bc8dd39c0b00 Malicious Library PE64 PE File VirusTotal Malware Check memory Checks debugger unpack itself				2.0	M	26	ZeroCERT

11249	2023-07-25 19:17	heaoyam78.exe 48761f8b0576e7bed627120ff51b4863 Generic Malware UPX Malicious Library Malicious Packer OS Processor Check PE File PE32 PE64 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Collect installed applications Check virtual network interfaces installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	2	8 Info ET MALWARE RedLine Stealer TCP CnC net.tcp Init ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE Redline Stealer TCP CnC - Id1Response ET INFO Executable Download from dotted-quad Host ET INFO Packed Executable Download ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	9.6	M	25	ZeroCERT

11250	2023-07-25 19:08	scandk464646464.exe 87b5d7e79ba17f3819a61ec39099defd AgentTesla Generic Malware Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed keylogger	1 Keyword trend analysis	7	3	18.6	M	28	ZeroCERT