Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
11851 2021-08-28 17:53 Rbget.exe
15478642d48681a67374167d173d4f84
Emotet Generic Malware Malicious Library PE File OS Processor Check PE32 Malware download NetWireRC VirusTotal Malware AutoRuns suspicious privilege Check memory buffers extracted unpack itself BitRAT Windows ComputerName DNS keylogger
1 3 7.8 M 38 ZeroCERT

11852 2021-08-28 17:54 dog.exe
6646213e564d27b399891f8b4d153852
AgentTesla(IN) RAT Generic Malware Malicious Packer Malicious Library PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself Windows Browser Email ComputerName DNS Cryptographic key Software crashed
1 1 6.4 M 43 ZeroCERT

11853 2021-08-28 17:55 lv.exe
3841f9b923313da09a706c8ceadd9481
Emotet Gen1 Gen2 Generic Malware Malicious Library UPX Malicious Packer DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Hijack Network Internet API FTP ScreenShot Http API Steal credential Downloader P2P persis VirusTotal Malware AutoRuns Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows
1 6.2 M 24 ZeroCERT

11854 2021-08-28 17:57 win32u.exe
0f8f3c508e4bcda6108dc61714e94d07
AgentTesla RAT PWS .NET framework browser info stealer Generic Malware Google Chrome User Data Socket Sniff Audio Escalate priviledges KeyLogger Code injection Internet API Downloader persistence AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key DDNS crashed
2 1 8.8 M 32 ZeroCERT

11855 2021-08-28 17:59 vbc.exe
73db2b58503ec0b2b56c4f9fdff3fe40
UPX PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Tofsee DNS
1 3 2 3.2 M 34 ZeroCERT

11856 2021-08-28 18:01 exb.exe
bc48edd1be13cb850ba3c0bba7d74ea0
RAT PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key crashed
9.2 M 37 ZeroCERT

11857 2021-08-29 12:38 HBN.exe
2d7eff43e6fe7e7b4985625183560f69
Generic Malware Malicious Packer DNS AntiDebug AntiVM PE File .NET EXE PE32 Malware download Nanocore VirusTotal Malware c&c Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows ComputerName DNS DDNS
2 2 13.8 M 50 ZeroCERT

11858 2021-08-29 12:38 Chrome.exe
06fa7a3bb6e0a0069487e229de3f98e4
RAT Generic Malware PE File PE64 VirusTotal Malware Buffer PE suspicious privilege MachineGuid Code Injection Checks debugger buffers extracted exploit crash unpack itself Windows Exploit Cryptographic key crashed
8.2 M 20 ZeroCERT

11859 2021-08-29 12:40 updater.exe
b1e4153112eeffbb94901eff279b4906
RAT PWS .NET framework Generic Malware PE File .NET EXE PE32 PNG Format Browser Info Stealer VirusTotal Malware PDB suspicious privilege Malicious Traffic Check memory Checks debugger WMI unpack itself Check virtual network interfaces Tofsee Browser ComputerName
1 2 1 5.2 M 46 ZeroCERT

11860 2021-08-29 12:41 lv.exe
199172dc2093263eed50e3f744859def
Emotet Gen1 Gen2 Generic Malware Malicious Library UPX Malicious Packer PE File PE32 DLL VirusTotal Malware AutoRuns Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check Windows
1 6.0 M 39 ZeroCERT

11861 2021-08-29 12:42 ebmm.exe
6afae368ca54cb50b11747ce01850e35
PWS Loki[b] Loki.m RAT .NET framework Generic Malware DNS Socket KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software
1 1 6 1 13.4 M 37 ZeroCERT

11862 2021-08-29 12:43 vpn_client.exe
b42b568e5b6056dc84df89494d7b68c7
Generic Malware UPX Malicious Packer Malicious Library PE File OS Processor Check PE32 PNG Format Malware download VirusTotal Malware Microsoft suspicious privilege Malicious Traffic Check memory buffers extracted Windows utilities Check virtual network interfaces suspicious process sandbox evasion Windows ComputerName DNS
1 1 3 9.2 M 38 ZeroCERT

11863 2021-08-29 12:45 gfc.exe
f98399c21666ab44ffe10da4e3326546
PWS Loki[b] Loki.m RAT Generic Malware DNS Socket KeyLogger HTTP Internet API ScreenShot Http API AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware PDB MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs ComputerName DNS
1 9.8 M 45 ZeroCERT

11864 2021-08-29 12:45 imcr.exe
99d398716a945554c09b46769502d375
Malicious Library AntiDebug AntiVM PE File OS Processor Check PE32 Malware download VirusTotal Malware Buffer PE AutoRuns PDB Code Injection Malicious Traffic Checks debugger buffers extracted unpack itself suspicious TLD Windows ComputerName
4 15 1 11.0 M 48 ZeroCERT

11865 2021-08-29 12:47 Svc_host.exe
f10f6674811925909e9d76ed554563a4
RAT PWS .NET framework Generic Malware Malicious Packer Malicious Library PE File PE32 VirusTotal Malware PDB Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces IP Check ComputerName DNS DDNS
1 2 2 4.6 25 ZeroCERT