Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
11641 | 2023-07-10 18:16 | fotod45.exe | 09cea48e485e3b4f35e25db8aef6926c | Gen1 Emotet SmokeLoader UPX Malicious Library Admin Tool (Sysinternals etc ...) Malicious Packer OS Processor Check PE File PE32 DLL CAB .NET EXE Browser Info Stealer RedLine Malware download Amadey FTP Client Info Stealer Malware AutoRuns suspicious privilege Malicious Traffic Check memory Checks debugger WMI Creates executable files RWX flags setting unpack itself Windows utilities Disables Windows Security Collect installed applications suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Stealer Windows Update Browser ComputerName DNS Cryptographic key Software crashed Downloader | 4 3 13 17.0 M ZeroCERT

11642 | 2023-07-10 18:13 | notepad.exe | f2e100f576b44fdb37d874db2e48085c | Emotet UPX MPRESS PE64 PE File VirusTotal Malware Remote Code Execution crashed | 2.2 M 26 ZeroCERT

11643 | 2023-07-10 10:19 | doward.exe | b8984fa531de29bff678fa99589dd2c0 | UPX Malicious Library OS Processor Check PE64 PE File VirusTotal Malware Checks debugger | 1.2 31 ZeroCERT

11644 | 2023-07-10 10:15 | File_pass1234.7z | 81e40f9ce52d3c67dd93866f979f9a2c | Escalate priviledges PWS KeyLogger AntiDebug AntiVM suspicious privilege Check memory Checks debugger Creates executable files unpack itself | 2.0 M ZeroCERT

11645 | 2023-07-10 08:12 | echo-D3FG-2.DE.exe | d61c17656e28348150c5d17dcc0106cd | Gen1 UPX Malicious Library Anti_VM OS Processor Check PE64 PE File DLL ZIP Format VirusTotal Malware Check memory Creates executable files | 1.8 37 ZeroCERT

11646 | 2023-07-10 08:09 | Logic.exe | c3e9908d1e901feba57d1787d20890bb | UPX Http API PWS HTTP ScreenShot Internet API AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware Buffer PE PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself DNS | 1 10.2 M 44 ZeroCERT

11647 | 2023-07-10 08:08 | compan.exe | 3fae3aac2be5c0120c6a5427356c8c72 | Gen1 Emotet Generic Malware UPX Malicious Library Anti_VM AntiDebug AntiVM OS Processor Check PE64 PE File .NET EXE PE32 CAB Browser Info Stealer Malware download FTP Client Info Stealer Dridex VirusTotal Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities Checks Bios Collect installed applications Detects VirtualBox Detects VMWare Check virtual network interfaces suspicious process AppData folder VMware anti-virtualization installed browsers check Tofsee Windows Browser ComputerName Cryptographic key Software crashed | 10 11 7 19.2 M 43 ZeroCERT

11648 | 2023-07-10 08:06 | europowerzx.doc | 325fb5e2010dee354704202ba9c6cf7b | MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself IP Check Tofsee Windows Exploit DNS crashed | 1 3 7 5.0 M 34 ZeroCERT

11649 | 2023-07-10 08:06 | echo-4662-2DF5.exe | 25fca21c810a8ffabf4fdf3b1755c73c | Themida Packer Generic Malware UPX Malicious Library Malicious Packer Anti_VM OS Processor Check PE64 PE File unpack itself Windows crashed | 2.4 ZeroCERT

11650 | 2023-07-10 08:03 | photo270.exe | e2d38861d75a1dc3c502f418e56222b4 | Gen1 Emotet SmokeLoader UPX Malicious Library Malicious Packer OS Processor Check PE File PE32 CAB AutoRuns suspicious privilege Check memory Checks debugger Creates executable files unpack itself Disables Windows Security AppData folder AntiVM_Disk VM Disk Size Check Windows Update DNS Cryptographic key | 1 7.6 M ZeroCERT

11651 | 2023-07-10 08:02 | s.exe | dbf483bb273e267839e60bc5e78dd4e6 | UPX Malicious Library OS Processor Check PE File PE32 unpack itself Remote Code Execution | 1.0 M ZeroCERT

11652 | 2023-07-10 07:56 | okka25.exe | 484ba824bee1da806d39dd7c902b5110 | UPX Malicious Library Malicious Packer PE64 PE File Browser Info Stealer Malware download VirusTotal Malware PDB Malicious Traffic unpack itself Check virtual network interfaces Fabookie Browser Remote Code Execution | 3 4 1 3 3.4 M 14 ZeroCERT

11653 | 2023-07-10 07:53 | newpy.exe | b28167faf2bcf0150d5e816346abb42d | Gen1 UPX Malicious Library Anti_VM OS Processor Check PE64 PE File DLL ZIP Format VirusTotal Malware Check memory Creates executable files DNS | 1 2.2 M 26 ZeroCERT

11654 | 2023-07-10 07:52 | 123.exe | 791545e6e3c5eb61dd12ccfbae1b9982 | Gen1 Generic Malware UPX Malicious Library Malicious Packer OS Processor Check PE64 PE File PDB Remote Code Execution | 0.6 M ZeroCERT

11655 | 2023-07-10 07:50 | RiotGames.exe | 5379d703170770355efdbce86dcdb1d3 | Client SW User Data Stealer Backdoor RemcosRAT Browser Login Data Stealer browser info stealer Generic Malware Google Chrome User Data Downloader UPX Malicious Library Malicious Packer Create Service Socket Escalate priviledges PWS Sniff Audio DNS ScreenS Remcos VirusTotal Malware AutoRuns Code Injection Malicious Traffic Check memory buffers extracted Windows utilities Disables Windows Security suspicious process WriteConsoleW Windows DNS keylogger | 1 3 1 10.8 58 ZeroCERT