Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc

11326 2021-08-14 10:06 Mozi.m
MD5: f9d9a97220224f47484df6d10733e931
Eir D1000 routers Vulnerability AntiDebug AntiVM ELF VirusTotal Email Client Info Stealer Malware suspicious privilege Checks debugger Creates shortcut unpack itself AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName keylogger
5.4 31 ZeroCERT

11327 2021-08-14 10:06 sfgnvskjgnvlwknrfvlqknervjqnfb...
MD5: d30c39fba040fff4e671659fd820bea5
RAT PWS .NET framework Generic Malware UPX OS Processor Check .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed
2 3 2 7.4 M 41 ZeroCERT

11328 2021-08-14 10:09 Setup-Outfox.exe
MD5: 598c257c885f0b71816ff13d27b2579e
BitCoin Generic Malware AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed
2 3 2 11.8 M 38 ZeroCERT

11329 2021-08-14 16:32 b4cfc49d647ebeffb99579dbd4be2a...
MD5: b594afc619b7f19b04c125b093ddb099
CobaltStrike Generic Malware Malicious Packer UPX Malicious Library PE File PE64 VirusTotal Malware unpack itself crashed
2.4 39 r0d

11330 2021-08-15 12:18 Get-Variable.exe
MD5: 0e78df69265dc57c37673bdee540ce2f
VMProtect UPX Malicious Library PE File PE32 Malware download VirusTotal Malware IoC Malicious Traffic Checks debugger unpack itself Windows utilities suspicious process Kovter Zeus Windows ComputerName Trojan DNS
3 1 6 6.4 23 ZeroCERT

11331 2021-08-15 12:33 tonys1008.exe
MD5: a08fedd1af1461cd057783b833b75c1a
NPKI RAT Generic Malware Malicious Library UPX Anti_VM DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Hijack Network Internet API FTP ScreenShot Http API Steal credential Downloader P2P persistence AntiDebug A Browser Info Stealer FTP Client Info Stealer VirusTotal Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities Collect installed applications Check virtual network interfaces suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed
2 4 2 12.8 26 ZeroCERT

11332 2021-08-15 12:33 jushenkotak.exe
MD5: 4ff6c915da988f6746263dc2eb000261
NPKI RAT Generic Malware Malicious Library UPX DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Hijack Network Internet API FTP ScreenShot Http API Steal credential Downloader P2P persistence AntiDebug AntiVM PE VirusTotal Malware AutoRuns Code Injection Malicious Traffic Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Tofsee Windows ComputerName
3 3 1 9.6 32 ZeroCERT

11333 2021-08-15 12:36 5674d7511aa1fce0a68969dc57375b...
MD5: 7532236d0a13e60372fe249271fc4fd8
UPX Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself
2.0 16 ZeroCERT

11334 2021-08-15 12:37 wj3.png
MD5: 9dc3016597dfa1aa2980b346d16bebec
UPX Malicious Library PE File OS Processor Check DLL PE32 VirusTotal Malware Checks debugger unpack itself
1.8 M 16 ZeroCERT

11335 2021-08-15 12:37 twixrf.exe
MD5: f78f2e70b20587810b755e56821a0363
RAT PWS .NET framework Generic Malware UPX PE File OS Processor Check .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed
2 3 2 7.4 M 43 ZeroCERT

11336 2021-08-15 12:39 lv.exe
MD5: 39d1258b4cc2d9085157dc6c8e84f0fe
Emotet Gen1 Gen2 Malicious Library UPX Malicious Packer DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Hijack Network Internet API FTP ScreenShot Http API Steal credential Downloader P2P persistence AntiDebug VirusTotal Malware AutoRuns Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows
1 6.6 M 41 ZeroCERT

11337 2021-08-15 12:39 toolspab2.exe
MD5: ea15500c87c5662e58d8539b47ff988c
UPX Malicious Library AntiDebug AntiVM PE File OS Processor Check PE32 VirusTotal Malware PDB Code Injection Checks debugger buffers extracted unpack itself
7.2 M 24 ZeroCERT

11338 2021-08-15 12:41 svchost.exe
MD5: 4197eeb783ac6250fe918d469d0805f0
RAT Generic Malware DNS Socket Create Service BitCoin Escalate priviledges KeyLogger Code injection AntiDebug AntiVM PE File PE64 VirusTotal Malware AutoRuns suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Auto service Check virtual network interfaces suspicious process malicious URLs sandbox evasion WriteConsoleW Tofsee Windows Browser ComputerName Firmware
1 6 1 15.0 M 41 ZeroCERT

11339 2021-08-15 12:41 sefile.exe
MD5: 970dac7d9d006a955e21a10241c65afc
UPX Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself
2.2 M 24 ZeroCERT

11340 2021-08-15 12:43 lv.exe
MD5: 82e9bcd3cc8af226349d5f310b452213
Emotet Gen1 Gen2 Malicious Library UPX Malicious Packer DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Hijack Network Internet API FTP ScreenShot Http API Steal credential Downloader P2P persistence AntiDebug VirusTotal Malware AutoRuns Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows DNS
2 7.0 M 19 ZeroCERT