Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
11251	2023-07-25 19:03	scandav8886464.exe 66bb82ee05fc13737b1d72237c5a82b6 SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed keylogger	1 Keyword trend analysis	7	3	15.4	M	30	ZeroCERT

11252	2023-07-25 19:01	dewrww7a1z.exe 171411305a3172ab22696c63e445ef64 RedLine stealer RedLine Infostealer RedlineStealer UPX Malicious Library .NET framework(MSIL) Confuser .NET PWS AntiDebug AntiVM OS Processor Check PE File PE32 .NET EXE Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications AppData folder malicious URLs WriteConsoleW installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		3	1	15.2	M		ZeroCERT

11253	2023-07-25 19:01	scandavf465456.exe 7561b44d45254e3faf0c81218ac75ade SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed keylogger	1 Keyword trend analysis	8	3	15.6	M	35	ZeroCERT

11254	2023-07-25 18:59	scanyo4648646.exe 8e2c26151d6255d8c5ce929f15fc94c3 SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed keylogger	1 Keyword trend analysis	7	3	15.6	M	40	ZeroCERT

11255	2023-07-25 18:59	scanhe4464684685.exe 0a08e5cf3a784baa123a28f555d44a0d SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed keylogger	1 Keyword trend analysis	7	3	14.8	M	39	ZeroCERT

11256	2023-07-25 18:57	scand548226.exe 92899ca104e6ac22954956977522eebb RedLine stealer PWS AntiDebug AntiVM BitCoin .NET EXE PE File PE32 VirusTotal Malware AutoRuns Code Injection Check memory Checks debugger buffers extracted Creates executable files ICMP traffic unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder Windows ComputerName DNS Cryptographic key		1		13.4	M	37	ZeroCERT

11257	2023-07-25 18:57	scanna46464.exe 0f853625fbfedb9bdd3760252644c8fa SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed keylogger	1 Keyword trend analysis	7	3	14.6	M	54	ZeroCERT

11258	2023-07-25 18:56	scanjo4564864654.exe e114ee8f34fd485647c0512aef82153b Generic Malware WebCam Antivirus KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware powershell Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself suspicious process AntiVM_Disk VM Disk Size Check Windows ComputerName Cryptographic key crashed keylogger				12.8	M	29	ZeroCERT

11259	2023-07-25 18:55	scangur46468464.exe 30f4b0670b2cd0d54ec80173fc5b87a4 SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed keylogger	1 Keyword trend analysis	7	3	14.4	M	37	ZeroCERT

11260	2023-07-25 18:53	scandav44686.exe ad81a4455bc146b9f755af0de4ccf07b SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed keylogger	1 Keyword trend analysis	7	3	15.0	M	36	ZeroCERT

11261	2023-07-25 18:53	scandav8444461.exe ff5fec4a83b38cec5781ca7184e098b5 SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed keylogger	1 Keyword trend analysis	7	3	14.4	M	39	ZeroCERT

11262	2023-07-25 18:50	scania54646.exe e1f944688e00a6753e1dfa4e5d8a7670 Generic Malware Antivirus PWS AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName Cryptographic key				12.8	M	52	ZeroCERT

11263	2023-07-25 18:50	IBLIBLIBLIBLIBLUBLUBUBIBLIBLIB... 6042e77faf4b55ffab673816405d31b6 MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic buffers extracted exploit crash Windows Exploit DNS crashed	1 Keyword trend analysis	3	5 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	5.2	M	30	ZeroCERT

11264	2023-07-25 18:50	wininit.exe 80e388433ae9dbb6a379d1700285136a .NET EXE PE File PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself				2.4	M	34	ZeroCERT

11265	2023-07-25 18:49	ssltdzx.exe dd2d413bc603305444c816d1cf84e2b6 AgentTesla UPX .NET framework(MSIL) KeyLogger AntiDebug AntiVM OS Processor Check .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed		2	2	11.8	M	51	ZeroCERT