Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
11806	2023-07-03 18:23	imagd.jpg 8386d64448fbc6074b27a472cc074a35 Malicious Library OS Processor Check JPEG Format VirusTotal Malware				0.4		9	ZeroCERT

11807	2023-07-03 18:12	234234.exe 3073507fafd781f155d10e59d19b5d67 UltraVNC UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware PDB suspicious privilege Check memory Checks debugger WMI unpack itself anti-virtualization Windows ComputerName Cryptographic key crashed				5.0	M	15	ZeroCERT

11808	2023-07-03 18:10	papizx.doc 4f5cf5fbe9efe99aa65e82f460640ffa MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself Windows Exploit DNS crashed	1 Keyword trend analysis	2	6 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET INFO Packed Executable Download ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	4.6	M	32	ZeroCERT

11809	2023-07-03 18:08	papizx.exe fab65e608359e725451406b55821c6ce Malicious Library PE File PE32 VirusTotal Malware PDB unpack itself DNS		1		3.0	M	32	ZeroCERT

11810	2023-07-03 18:06	Dhepj.exe 66552aa98285ba1c58a90ae8eee06c7a Ave Maria WARZONE RAT Gen1 Generic Malware Malicious Library Downloader Malicious Packer UPX PE File PE32 OS Processor Check DLL Browser Info Stealer VirusTotal Email Client Info Stealer Malware MachineGuid Check memory buffers extracted WMI Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName crashed		2		6.2	M	65	ZeroCERT

11811	2023-07-03 18:03	Output.exe 03d04bcff6547df551a1dae49919130d UPX .NET framework(MSIL) PE File .NET EXE PE32 Malware download VirusTotal Malware Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Windows ComputerName	1 Keyword trend analysis	2	3	4.2	M	6	ZeroCERT

11812	2023-07-03 18:00	now.exe a740cb29c91bcad28266378943b0dc01 NSIS UPX Malicious Library PE File PE32 OS Processor Check DLL Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Check memory Checks debugger Creates executable files unpack itself Check virtual network interfaces AppData folder IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed		2	2	7.4		30	ZeroCERT

11813	2023-07-03 17:59	rocketa69.exe 9da51f2d6f77596f35c78b4bd676a134 RedLine stealer RedlineStealer UPX .NET framework(MSIL) Confuser .NET OS Processor Check PE File .NET EXE PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	3	2	8.0		50	ZeroCERT

11814	2023-07-03 17:58	73727282.exe abc8ad6946808c33d794bd553b7e1657 RedLine stealer UPX Malicious Library Malicious Packer AntiDebug AntiVM OS Processor Check PE File PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications WriteConsoleW installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	1	11.0		38	ZeroCERT

11815	2023-07-03 17:57	csrss00.exe 7b039d47de748555460ddd62fad6cc12 UPX Malicious Library PE File PE32 DLL VirusTotal Malware Check memory Creates shortcut Creates executable files unpack itself AppData folder Windows DNS crashed		1		5.6		5	ZeroCERT

11816	2023-07-03 17:56	chimoney.exe 0b96703d2baeaa0e8cfc7bc29ee8821d NSIS UPX Malicious Library PE File PE32 OS Processor Check DLL Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Check memory Checks debugger Creates executable files unpack itself Check virtual network interfaces AppData folder IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed		2	2	7.4		32	ZeroCERT

11817	2023-07-03 17:54	ss33.exe 3cb4486372d26a40c580113343e41ba7 UPX Malicious Library Malicious Packer PE File PE64 VirusTotal Malware PDB unpack itself Tofsee Remote Code Execution		2	2	1.8		16	ZeroCERT

11818	2023-07-03 17:54	sss.exe 9f8754468af5e3d4761c579ec5341038 Admin Tool (Sysinternals etc ...) PE File .NET EXE PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself				2.0	M	18	ZeroCERT

11819	2023-07-03 14:46	anydesk_suporte.exe 0d413fd706d688f58163b4c41194afb4 AsyncRAT UPX .NET framework(MSIL) Malicious Library Malicious Packer OS Processor Check PE File .NET EXE PE32		2		1.6			ZeroCERT

11820	2023-07-03 11:29	herozx.exe 1740c5dae86b5948e6dd0fc2e99534a8 AgentTesla Generic Malware .NET framework(MSIL) Antivirus PWS SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed keylogger		2	2	13.6	M	52	r0d